diff --git a/.azure-pipelines/1es-entra-powershell-ci-build.yml b/.azure-pipelines/1es-entra-powershell-ci-build.yml index fa72ad1d83..f7ea158529 100644 --- a/.azure-pipelines/1es-entra-powershell-ci-build.yml +++ b/.azure-pipelines/1es-entra-powershell-ci-build.yml @@ -32,6 +32,14 @@ extends: name: MSSecurity-1ES-Build-Agents-Pool image: MSSecurity-1ES-Windows-2022 os: windows + credscan: + suppressionsFile: $(Build.SourcesDirectory)\.config\CredScanSuppressions.json + outputFormat: pre + debugMode: false + batchSize: 16 + psscriptanalyzer: + break: false + enabled: true stages: - stage: build jobs: @@ -42,7 +50,7 @@ extends: - template: .azure-pipelines/common-templates/install-tools.yml@self - template: .azure-pipelines/common-templates/security-pre-checks.yml@self - - template: .azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml@self + - template: .azure-pipelines/generation-templates/generate_adapter-1es.yml@self parameters: Sign: ${{ parameters.Sign }} @@ -50,7 +58,7 @@ extends: - template: .azure-pipelines/common-templates/esrp/codesign-nuget-migrate.yml@self parameters: FolderPath: "$(Build.ArtifactStagingDirectory)" - Pattern: "Microsoft.Graph.Entra.*.nupkg" + Pattern: "Microsoft.Entra.*.nupkg" - task: 1ES.PublishBuildArtifacts@1 displayName: Publish Module Artifacts inputs: @@ -60,7 +68,7 @@ extends: displayName: Publish NuGet to preview feed inputs: useDotNetTask: false - packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Graph.Entra.*.nupkg + packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Entra.*.nupkg packageParentPath: '$(Build.ArtifactStagingDirectory)' publishVstsFeed: $(PROJECT_NAME)/$(PREVIEW_FEED_NAME) nuGetFeedType: internal diff --git a/.azure-pipelines/1es-entra-powershell-release.yml b/.azure-pipelines/1es-entra-powershell-release.yml index 9a4310e7b8..611b3c3efc 100644 --- a/.azure-pipelines/1es-entra-powershell-release.yml +++ b/.azure-pipelines/1es-entra-powershell-release.yml @@ -58,7 +58,7 @@ extends: displayName: Publish Nuget package inputs: useDotNetTask: false - packagesToPush: '$(System.ArtifactsDirectory)/drop/Microsoft.Graph.Entra*.nupkg' + packagesToPush: '$(System.ArtifactsDirectory)/drop/Microsoft.Entra*.nupkg' packageParentPath: '$(System.ArtifactsDirectory)' nuGetFeedType: external publishFeedCredentials: EntraPowerShell_PSGallery diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index 0a24db784a..b1db0112b2 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -41,7 +41,7 @@ jobs: - template: ./common-templates/esrp/codesign-nuget.yml parameters: FolderPath: "$(Build.ArtifactStagingDirectory)" - Pattern: "Microsoft.Graph.Entra.*.nupkg" + Pattern: "Microsoft.Entra.*.nupkg" - task: PublishBuildArtifacts@1 displayName: Publish Module Artifacts @@ -54,7 +54,7 @@ jobs: displayName: Publish NuGet to preview feed inputs: command: push - packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Graph.Entra.*.nupkg + packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Entra.*.nupkg publishVstsFeed: $(PROJECT_NAME)/$(PREVIEW_FEED_NAME) allowPackageConflicts: true diff --git a/.azure-pipelines/entra-powershell-release.yml b/.azure-pipelines/entra-powershell-release.yml index 16068e8343..e34aa0b66a 100644 --- a/.azure-pipelines/entra-powershell-release.yml +++ b/.azure-pipelines/entra-powershell-release.yml @@ -40,7 +40,7 @@ stages: inputs: targetType: inline script: | - Publish-Module -NuGetApiKey $env:NuGetApiKey -Path $(Build.ArtifactStagingDirectory)/modules/Microsoft.Graph.Entra -Verbose - Publish-Module -NuGetApiKey $env:NuGetApiKey -Path $(Build.ArtifactStagingDirectory)/modules/Microsoft.Graph.Entra.Beta -Verbose + Publish-Module -NuGetApiKey $env:NuGetApiKey -Path $(Build.ArtifactStagingDirectory)/modules/Microsoft.Entra -Verbose + Publish-Module -NuGetApiKey $env:NuGetApiKey -Path $(Build.ArtifactStagingDirectory)/modules/Microsoft.Entra.Beta -Verbose pwsh: false dependsOn: Release_Approval \ No newline at end of file diff --git a/.azure-pipelines/generation-templates/generate_adapter-1es.yml b/.azure-pipelines/generation-templates/generate_adapter-1es.yml new file mode 100644 index 0000000000..c135f17715 --- /dev/null +++ b/.azure-pipelines/generation-templates/generate_adapter-1es.yml @@ -0,0 +1,247 @@ +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. +# https://aka.ms/yaml + +parameters: + - name: Sign + type: boolean + default: false + - name: Integration + type: boolean + default: false + +steps: +- task: powershell@2 + displayName: 'Show current PowerShell version information' + inputs: + targetType: inline + script: 'echo $PSVersionTable' + pwsh: true +- task: powershell@2 + displayName: 'Set maximum function count' + inputs: + targetType: inline + script: '$MaximumFunctionCount=32768' + pwsh: true +- task: powershell@2 + displayName: 'Install Dependencies Entra' + inputs: + targetType: inline + script: | + ./build/Install-Dependencies.ps1 -ModuleName Entra -Verbose + pwsh: true +- task: powershell@2 + displayName: 'Install PlatyPS' + inputs: + targetType: inline + script: Install-Module PlatyPS -scope currentuser -Force + pwsh: true +# - task: powershell@2 +# displayName: 'Create Module Help Files Entra' +# inputs: +# targetType: inline +# script: | +# Import-Module PlatyPS +# . ./build/common-functions.ps1 +# Create-ModuleHelp -Module Entra +# pwsh: true +- task: powershell@2 + displayName: '[Modularization ] Build Entra' + inputs: + targetType: inline + script: | + ./build/Create-EntraModule.ps1 -Module Entra -Verbose + ./build/Create-EntraModule.ps1 -Module Entra -Root -Verbose + pwsh: true +- ${{ if eq(parameters.Sign, true) }}: + - template: ../common-templates/esrp/codesign-migrate.yml + parameters: + FolderPath: "bin" + Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" + - task: PowerShell@2 + displayName: "Validate Authenticode Signature" + inputs: + targetType: "inline" + pwsh: true + script: ./build/ValidateAuthenticodeSignature.ps1 +- task: powershell@2 + displayName: 'Create Module Files Entra' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Create-ModuleFolder + pwsh: true +- task: 1ES.PublishBuildArtifacts@1 + displayName: 'Publish Module Files EntraBeta' + inputs: + PathtoPublish: 'bin' + ArtifactName: 'Module Files' +- task: powershell@2 + displayName: 'Register Local Gallery' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Register-LocalGallery -Path $(Build.ArtifactStagingDirectory) + pwsh: true +- task: powershell@2 + displayName: 'Publish to Local Gallery Entra' + inputs: + targetType: inline + script: ./build/Publish-LocalCompatModule.ps1 -Install + pwsh: true +- task: 1ES.PublishBuildArtifacts@1 + displayName: 'Publish Module Nuget File Entra' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)' + ArtifactName: 'Module Nuget' +- task: powershell@2 + displayName: 'Remove Build Folders' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Remove-BuildDirectories + pwsh: true +- task: powershell@2 + displayName: 'Install Dependencies EntraBeta' + inputs: + targetType: inline + script: | + ./build/Install-Dependencies.ps1 -ModuleName EntraBeta -Verbose + pwsh: true +# - task: powershell@2 +# displayName: 'Create Module Help Files EntraBeta' +# inputs: +# targetType: inline +# script: | +# Import-Module PlatyPS +# . ./build/common-functions.ps1 +# Create-ModuleHelp -Module EntraBeta +# pwsh: true +- task: powershell@2 + displayName: '[Modularization ] Build EntraBeta' + inputs: + targetType: inline + script: | + ./build/Create-EntraModule.ps1 -Module EntraBeta -Verbose + ./build/Create-EntraModule.ps1 -Module EntraBeta -Root -Verbose + pwsh: true +- ${{ if eq(parameters.Sign, true) }}: + - template: ../common-templates/esrp/codesign-migrate.yml + parameters: + FolderPath: "bin" + Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" + - task: PowerShell@2 + displayName: "Validate Authenticode Signature" + inputs: + targetType: "inline" + pwsh: true + script: ./build/ValidateAuthenticodeSignature.ps1 +- task: powershell@2 + displayName: 'Create Module Files EntraBeta' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Create-ModuleFolder + pwsh: true +- task: 1ES.PublishBuildArtifacts@1 + displayName: 'Publish Module Files EntraBeta' + inputs: + PathtoPublish: 'bin' + ArtifactName: 'Module Files' +- task: powershell@2 + displayName: 'Publish to Local Gallery EntraBeta' + inputs: + targetType: inline + script: ./build/Publish-LocalCompatModule.ps1 -Install + pwsh: true +- task: 1ES.PublishBuildArtifacts@1 + displayName: 'Publish Module Nuget File EntraBeta' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)' + ArtifactName: 'Module Nuget' +- task: powershell@2 + displayName: 'Remove Build Folders' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Remove-BuildDirectories + pwsh: true +- task: powershell@2 + displayName: 'Install Pester' + inputs: + targetType: inline + script: Install-Module Pester -scope currentuser -SkipPublisherCheck -Force + pwsh: true +- task: powershell@2 + displayName: 'Run tests Entra' + inputs: + targetType: inline + pwsh: true + script: | + cd test/Entra + Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml +- task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-ad.xml" + failTaskOnFailedTests: true +- task: powershell@2 + displayName: 'Run tests Entra Beta' + inputs: + targetType: inline + pwsh: true + script: | + cd test/EntraBeta + Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml +- task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-ad.xml" + failTaskOnFailedTests: true +- ${{ if eq(parameters.Integration, true) }}: + - task: powershell@2 + displayName: 'Run Entra integration tests' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/Integration/Entra + Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml + - task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-preview.xml" + failTaskOnFailedTests: true + - task: powershell@2 + displayName: 'Run EntraBeta integration tests' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/Integration/EntraBeta + Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml + - task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-preview.xml" + failTaskOnFailedTests: true +- task: powershell@2 + displayName: 'Remove Local Gallery' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Unregister-LocalGallery + pwsh: true +- task: PSScriptAnalyzer@1 + displayName: 'Run PSScriptAnalyzer' + inputs: + Path: '$(Build.SourcesDirectory)' + Settings: required + IgnorePattern: .gdn + Recurse: true diff --git a/.azure-pipelines/generation-templates/generate_adapter-legacy.yml b/.azure-pipelines/generation-templates/generate_adapter-legacy.yml new file mode 100644 index 0000000000..43bdec1d2c --- /dev/null +++ b/.azure-pipelines/generation-templates/generate_adapter-legacy.yml @@ -0,0 +1,253 @@ +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. +# https://aka.ms/yaml + +parameters: + - name: Sign + type: boolean + default: false + - name: Integration + type: boolean + default: false + +steps: +- task: powershell@2 + displayName: 'Show current PowerShell version information' + inputs: + targetType: inline + script: 'echo $PSVersionTable' + pwsh: false +- task: powershell@2 + displayName: 'Set maximum function count' + inputs: + targetType: inline + script: '$MaximumFunctionCount=32768' + pwsh: false +- task: powershell@2 + displayName: 'Install Dependencies Entra' + inputs: + targetType: inline + script: | + ./build/Install-Dependencies.ps1 -ModuleName Entra -Verbose + pwsh: false +- task: powershell@2 + displayName: 'Install PlatyPS' + inputs: + targetType: inline + script: Install-Module PlatyPS -scope currentuser -Force + pwsh: false +- task: powershell@2 + displayName: 'Create Module Help Files Entra' + inputs: + targetType: inline + script: | + Import-Module PlatyPS + . ./build/common-functions.ps1 + Create-ModuleHelp -Module Entra + pwsh: false +- task: powershell@2 + displayName: 'Build Entra' + inputs: + targetType: inline + script: ./build/Create-CompatModule.ps1 -Module Entra -Verbose + pwsh: false +- ${{ if eq(parameters.Sign, true) }}: + - template: ../common-templates/esrp/codesign.yml + parameters: + FolderPath: "bin" + Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" + - task: PowerShell@2 + displayName: "Validate Authenticode Signature" + inputs: + targetType: "inline" + pwsh: true + script: | + $ModulePsd1 = "bin/Microsoft.Graph.Entra.psd1" + $ModulePsm1 = "bin/Microsoft.Graph.Entra.psm1" + ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" + ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" +- task: powershell@2 + displayName: 'Create Module Files Entra' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Create-ModuleFolder + pwsh: false +- task: PublishBuildArtifacts@1 + displayName: 'Publish Module Files Entra' + inputs: + ArtifactName: 'Module Files' + PathtoPublish: 'bin' +- task: powershell@2 + displayName: 'Register Local Gallery' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Register-LocalGallery -Path $(Build.ArtifactStagingDirectory) + pwsh: false +- task: powershell@2 + displayName: 'Publish to Local Gallery Entra' + inputs: + targetType: inline + script: ./build/Publish-LocalCompatModule.ps1 -Install + pwsh: false +- task: PublishBuildArtifacts@1 + displayName: 'Publish Module Nuget File Entra' + inputs: + ArtifactName: 'Module Nuget' + PathtoPublish: '$(Build.ArtifactStagingDirectory)' +- task: powershell@2 + displayName: 'Remove Build Folders' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Remove-BuildDirectories + pwsh: false +- task: powershell@2 + displayName: 'Install Dependencies EntraBeta' + inputs: + targetType: inline + script: | + ./build/Install-Dependencies.ps1 -ModuleName EntraBeta -Verbose + pwsh: false +- task: powershell@2 + displayName: 'Create Module Help Files EntraBeta' + inputs: + targetType: inline + script: | + Import-Module PlatyPS + . ./build/common-functions.ps1 + Create-ModuleHelp -Module EntraBeta + pwsh: false +- task: powershell@2 + displayName: 'Build EntraBeta' + inputs: + targetType: inline + script: | + $MaximumFunctionCount=32768 + ./build/Create-CompatModule.ps1 -Module EntraBeta -Verbose + pwsh: false +- ${{ if eq(parameters.Sign, true) }}: + - template: ../common-templates/esrp/codesign.yml + parameters: + FolderPath: "bin" + Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" + - task: PowerShell@2 + displayName: "Validate Authenticode Signature" + inputs: + targetType: "inline" + pwsh: true + script: | + $ModulePsd1 = "bin/Microsoft.Graph.Entra.Beta.psd1" + $ModulePsm1 = "bin/Microsoft.Graph.Entra.Beta.psm1" + ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" + ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" +- task: powershell@2 + displayName: 'Create Module Files EntraBeta' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Create-ModuleFolder + pwsh: false +- task: PublishBuildArtifacts@1 + displayName: 'Publish Module Files EntraBeta' + inputs: + ArtifactName: 'Module Files' + PathtoPublish: 'bin' +- task: powershell@2 + displayName: 'Publish to Local Gallery EntraBeta' + inputs: + targetType: inline + script: ./build/Publish-LocalCompatModule.ps1 -Install + pwsh: false +- task: PublishBuildArtifacts@1 + displayName: 'Publish Module Nuget File EntraBeta' + inputs: + ArtifactName: 'Module Nuget' + PathtoPublish: '$(Build.ArtifactStagingDirectory)' +- task: powershell@2 + displayName: 'Remove Build Folders' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Remove-BuildDirectories + pwsh: false +- task: powershell@2 + displayName: 'Install Pester' + inputs: + targetType: inline + script: Install-Module Pester -scope currentuser -SkipPublisherCheck -Force + pwsh: false +- task: powershell@2 + displayName: 'Run tests Entra' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/entra + Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml +- task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-ad.xml" + failTaskOnFailedTests: true +- task: powershell@2 + displayName: 'Run tests EntraBeta' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/entrabeta + Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml +- task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-preview.xml" + failTaskOnFailedTests: true +- ${{ if eq(parameters.Integration, true) }}: + - task: powershell@2 + displayName: 'Run Entra integration tests' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/Integration/Entra + Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml + - task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-preview.xml" + failTaskOnFailedTests: true + - task: powershell@2 + displayName: 'Run EntraBeta integration tests' + inputs: + targetType: inline + pwsh: true + script: | + cd test/module/Integration/EntraBeta + Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml + - task: PublishTestResults@2 + inputs: + testResultsFormat: NUnit + testResultsFiles: "./test/results/pester-test-results-preview.xml" + failTaskOnFailedTests: true +- task: powershell@2 + displayName: 'Remove Local Gallery' + inputs: + targetType: inline + script: | + . ./build/common-functions.ps1 + Unregister-LocalGallery + pwsh: false +- task: PSScriptAnalyzer@1 + displayName: 'Run PSScriptAnalyzer' + inputs: + Path: '$(Build.SourcesDirectory)' + Settings: required + IgnorePattern: .gdn + Recurse: true \ No newline at end of file diff --git a/.azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml b/.azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml deleted file mode 100644 index dfa002b8ae..0000000000 --- a/.azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml +++ /dev/null @@ -1,253 +0,0 @@ -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. -# https://aka.ms/yaml - -parameters: - - name: Sign - type: boolean - default: false - - name: Integration - type: boolean - default: false - -steps: -- task: powershell@2 - displayName: 'Show current PowerShell version information' - inputs: - targetType: inline - script: 'echo $PSVersionTable' - pwsh: false -- task: powershell@2 - displayName: 'Set maximum function count' - inputs: - targetType: inline - script: '$MaximumFunctionCount=32768' - pwsh: false -- task: powershell@2 - displayName: 'Install Dependencies Entra' - inputs: - targetType: inline - script: | - ./build/Install-Dependencies.ps1 -ModuleName Entra -Verbose - pwsh: false -- task: powershell@2 - displayName: 'Install PlatyPS' - inputs: - targetType: inline - script: Install-Module PlatyPS -scope currentuser -Force - pwsh: false -- task: powershell@2 - displayName: 'Create Module Help Files Entra' - inputs: - targetType: inline - script: | - Import-Module PlatyPS - . ./build/common-functions.ps1 - Create-ModuleHelp -Module Entra - pwsh: false -- task: powershell@2 - displayName: 'Build Entra' - inputs: - targetType: inline - script: ./build/Create-CompatModule.ps1 -Module Entra -Verbose - pwsh: false -- ${{ if eq(parameters.Sign, true) }}: - - template: ../common-templates/esrp/codesign-migrate.yml - parameters: - FolderPath: "bin" - Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" - - task: PowerShell@2 - displayName: "Validate Authenticode Signature" - inputs: - targetType: "inline" - pwsh: true - script: | - $ModulePsd1 = "bin/Microsoft.Graph.Entra.psd1" - $ModulePsm1 = "bin/Microsoft.Graph.Entra.psm1" - ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" - ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" -- task: powershell@2 - displayName: 'Create Module Files Entra' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Create-ModuleFolder - pwsh: false -- task: 1ES.PublishBuildArtifacts@1 - displayName: 'Publish Module Files EntraBeta' - inputs: - PathtoPublish: 'bin' - ArtifactName: 'Module Files' -- task: powershell@2 - displayName: 'Register Local Gallery' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Register-LocalGallery -Path $(Build.ArtifactStagingDirectory) - pwsh: false -- task: powershell@2 - displayName: 'Publish to Local Gallery Entra' - inputs: - targetType: inline - script: ./build/Publish-LocalCompatModule.ps1 -Install - pwsh: false -- task: 1ES.PublishBuildArtifacts@1 - displayName: 'Publish Module Nuget File Entra' - inputs: - PathtoPublish: '$(Build.ArtifactStagingDirectory)' - ArtifactName: 'Module Nuget' -- task: powershell@2 - displayName: 'Remove Build Folders' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Remove-BuildDirectories - pwsh: false -- task: powershell@2 - displayName: 'Install Dependencies EntraBeta' - inputs: - targetType: inline - script: | - ./build/Install-Dependencies.ps1 -ModuleName EntraBeta -Verbose - pwsh: false -- task: powershell@2 - displayName: 'Create Module Help Files EntraBeta' - inputs: - targetType: inline - script: | - Import-Module PlatyPS - . ./build/common-functions.ps1 - Create-ModuleHelp -Module EntraBeta - pwsh: false -- task: powershell@2 - displayName: 'Build EntraBeta' - inputs: - targetType: inline - script: | - $MaximumFunctionCount=32768 - ./build/Create-CompatModule.ps1 -Module EntraBeta -Verbose - pwsh: false -- ${{ if eq(parameters.Sign, true) }}: - - template: ../common-templates/esrp/codesign-migrate.yml - parameters: - FolderPath: "bin" - Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1" - - task: PowerShell@2 - displayName: "Validate Authenticode Signature" - inputs: - targetType: "inline" - pwsh: true - script: | - $ModulePsd1 = "bin/Microsoft.Graph.Entra.Beta.psd1" - $ModulePsm1 = "bin/Microsoft.Graph.Entra.Beta.psm1" - ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" - ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" -- task: powershell@2 - displayName: 'Create Module Files EntraBeta' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Create-ModuleFolder - pwsh: false -- task: 1ES.PublishBuildArtifacts@1 - displayName: 'Publish Module Files EntraBeta' - inputs: - PathtoPublish: 'bin' - ArtifactName: 'Module Files' -- task: powershell@2 - displayName: 'Publish to Local Gallery EntraBeta' - inputs: - targetType: inline - script: ./build/Publish-LocalCompatModule.ps1 -Install - pwsh: false -- task: 1ES.PublishBuildArtifacts@1 - displayName: 'Publish Module Nuget File EntraBeta' - inputs: - PathtoPublish: '$(Build.ArtifactStagingDirectory)' - ArtifactName: 'Module Nuget' -- task: powershell@2 - displayName: 'Remove Build Folders' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Remove-BuildDirectories - pwsh: false -- task: powershell@2 - displayName: 'Install Pester' - inputs: - targetType: inline - script: Install-Module Pester -scope currentuser -SkipPublisherCheck -Force - pwsh: false -- task: powershell@2 - displayName: 'Run tests Entra' - inputs: - targetType: inline - pwsh: true - script: | - cd test/module/entra - Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml -- task: PublishTestResults@2 - inputs: - testResultsFormat: NUnit - testResultsFiles: "./test/results/pester-test-results-ad.xml" - failTaskOnFailedTests: true -- task: powershell@2 - displayName: 'Run tests EntraBeta' - inputs: - targetType: inline - pwsh: true - script: | - cd test/module/entrabeta - Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml -- task: PublishTestResults@2 - inputs: - testResultsFormat: NUnit - testResultsFiles: "./test/results/pester-test-results-preview.xml" - failTaskOnFailedTests: true -- ${{ if eq(parameters.Integration, true) }}: - - task: powershell@2 - displayName: 'Run Entra integration tests' - inputs: - targetType: inline - pwsh: true - script: | - cd test/module/Integration/Entra - Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml - - task: PublishTestResults@2 - inputs: - testResultsFormat: NUnit - testResultsFiles: "./test/results/pester-test-results-preview.xml" - failTaskOnFailedTests: true - - task: powershell@2 - displayName: 'Run EntraBeta integration tests' - inputs: - targetType: inline - pwsh: true - script: | - cd test/module/Integration/EntraBeta - Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml - - task: PublishTestResults@2 - inputs: - testResultsFormat: NUnit - testResultsFiles: "./test/results/pester-test-results-preview.xml" - failTaskOnFailedTests: true -- task: powershell@2 - displayName: 'Remove Local Gallery' - inputs: - targetType: inline - script: | - . ./build/common-functions.ps1 - Unregister-LocalGallery - pwsh: false -- task: PSScriptAnalyzer@1 - displayName: 'Run PSScriptAnalyzer' - inputs: - Path: '$(Build.SourcesDirectory)' - Settings: required - IgnorePattern: .gdn - Recurse: true diff --git a/.azure-pipelines/generation-templates/generate_adapter.yml b/.azure-pipelines/generation-templates/generate_adapter.yml index 30567ca177..c4bb9c254e 100644 --- a/.azure-pipelines/generation-templates/generate_adapter.yml +++ b/.azure-pipelines/generation-templates/generate_adapter.yml @@ -16,41 +16,43 @@ steps: inputs: targetType: inline script: 'echo $PSVersionTable' - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Set maximum function count' inputs: targetType: inline script: '$MaximumFunctionCount=32768' - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Install Dependencies Entra' inputs: targetType: inline script: | ./build/Install-Dependencies.ps1 -ModuleName Entra -Verbose - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Install PlatyPS' inputs: targetType: inline script: Install-Module PlatyPS -scope currentuser -Force - pwsh: false -- task: powershell@2 - displayName: 'Create Module Help Files Entra' - inputs: - targetType: inline - script: | - Import-Module PlatyPS - . ./build/common-functions.ps1 - Create-ModuleHelp -Module Entra - pwsh: false + pwsh: true +# - task: powershell@2 +# displayName: 'Create Module Help Files Entra' +# inputs: +# targetType: inline +# script: | +# Import-Module PlatyPS +# . ./build/common-functions.ps1 +# Create-ModuleHelp -Module Entra +# pwsh: true - task: powershell@2 displayName: 'Build Entra' inputs: targetType: inline - script: ./build/Create-CompatModule.ps1 -Module Entra -Verbose - pwsh: false + script: | + ./build/Create-EntraModule.ps1 -Module Entra -Verbose + ./build/Create-EntraModule.ps1 -Module Entra -Root -Verbose + pwsh: true - ${{ if eq(parameters.Sign, true) }}: - template: ../common-templates/esrp/codesign.yml parameters: @@ -62,8 +64,8 @@ steps: targetType: "inline" pwsh: true script: | - $ModulePsd1 = "bin/Microsoft.Graph.Entra.psd1" - $ModulePsm1 = "bin/Microsoft.Graph.Entra.psm1" + $ModulePsd1 = "bin/Microsoft.Entra.psd1" + $ModulePsm1 = "bin/Microsoft.Entra.psm1" ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" - task: powershell@2 @@ -73,7 +75,7 @@ steps: script: | . ./build/common-functions.ps1 Create-ModuleFolder - pwsh: false + pwsh: true - task: PublishBuildArtifacts@1 displayName: 'Publish Module Files Entra' inputs: @@ -86,13 +88,13 @@ steps: script: | . ./build/common-functions.ps1 Register-LocalGallery -Path $(Build.ArtifactStagingDirectory) - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Publish to Local Gallery Entra' inputs: targetType: inline script: ./build/Publish-LocalCompatModule.ps1 -Install - pwsh: false + pwsh: true - task: PublishBuildArtifacts@1 displayName: 'Publish Module Nuget File Entra' inputs: @@ -105,31 +107,31 @@ steps: script: | . ./build/common-functions.ps1 Remove-BuildDirectories - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Install Dependencies EntraBeta' inputs: targetType: inline script: | ./build/Install-Dependencies.ps1 -ModuleName EntraBeta -Verbose - pwsh: false -- task: powershell@2 - displayName: 'Create Module Help Files EntraBeta' - inputs: - targetType: inline - script: | - Import-Module PlatyPS - . ./build/common-functions.ps1 - Create-ModuleHelp -Module EntraBeta - pwsh: false + pwsh: true +# - task: powershell@2 +# displayName: 'Create Module Help Files EntraBeta' +# inputs: +# targetType: inline +# script: | +# Import-Module PlatyPS +# . ./build/common-functions.ps1 +# Create-ModuleHelp -Module EntraBeta +# pwsh: true - task: powershell@2 displayName: 'Build EntraBeta' inputs: targetType: inline script: | - $MaximumFunctionCount=32768 - ./build/Create-CompatModule.ps1 -Module EntraBeta -Verbose - pwsh: false + ./build/Create-EntraModule.ps1 -Module EntraBeta -Verbose + ./build/Create-EntraModule.ps1 -Module EntraBeta -Root -Verbose + pwsh: true - ${{ if eq(parameters.Sign, true) }}: - template: ../common-templates/esrp/codesign.yml parameters: @@ -141,8 +143,8 @@ steps: targetType: "inline" pwsh: true script: | - $ModulePsd1 = "bin/Microsoft.Graph.Entra.Beta.psd1" - $ModulePsm1 = "bin/Microsoft.Graph.Entra.Beta.psm1" + $ModulePsd1 = "bin/Microsoft.Entra.Beta.psd1" + $ModulePsm1 = "bin/Microsoft.Entra.Beta.psm1" ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" - task: powershell@2 @@ -152,7 +154,7 @@ steps: script: | . ./build/common-functions.ps1 Create-ModuleFolder - pwsh: false + pwsh: true - task: PublishBuildArtifacts@1 displayName: 'Publish Module Files EntraBeta' inputs: @@ -163,7 +165,7 @@ steps: inputs: targetType: inline script: ./build/Publish-LocalCompatModule.ps1 -Install - pwsh: false + pwsh: true - task: PublishBuildArtifacts@1 displayName: 'Publish Module Nuget File EntraBeta' inputs: @@ -176,20 +178,20 @@ steps: script: | . ./build/common-functions.ps1 Remove-BuildDirectories - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Install Pester' inputs: targetType: inline script: Install-Module Pester -scope currentuser -SkipPublisherCheck -Force - pwsh: false + pwsh: true - task: powershell@2 displayName: 'Run tests Entra' inputs: targetType: inline pwsh: true script: | - cd test/module/entra + cd test/Entra Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml - task: PublishTestResults@2 inputs: @@ -197,17 +199,17 @@ steps: testResultsFiles: "./test/results/pester-test-results-ad.xml" failTaskOnFailedTests: true - task: powershell@2 - displayName: 'Run tests EntraBeta' + displayName: 'Run tests Entra Beta' inputs: targetType: inline pwsh: true script: | - cd test/module/entrabeta - Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml + cd test/EntraBeta + Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml - task: PublishTestResults@2 inputs: testResultsFormat: NUnit - testResultsFiles: "./test/results/pester-test-results-preview.xml" + testResultsFiles: "./test/results/pester-test-results-ad.xml" failTaskOnFailedTests: true - ${{ if eq(parameters.Integration, true) }}: - task: powershell@2 @@ -243,7 +245,7 @@ steps: script: | . ./build/common-functions.ps1 Unregister-LocalGallery - pwsh: false + pwsh: true - task: PSScriptAnalyzer@1 displayName: 'Run PSScriptAnalyzer' inputs: diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json new file mode 100644 index 0000000000..112d3a3d82 --- /dev/null +++ b/.config/CredScanSuppressions.json @@ -0,0 +1,45 @@ +{ + "tool": "Credential Scanner", + "suppressions": [ + { + "file": "test_legacy\\module\\Entra\\Update-EntraSignedInUserPassword.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test_legacy\\module\\Entra\\Update-EntraUserFromFederated.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test_legacy\\module\\EntraBeta\\Update-EntraBetaSignedInUserPassword.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test_legacy\\module\\EntraBeta\\Update-EntraBetaUserFromFederated.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test\\Entra\\Users\\Update-EntraSignedInUserPassword.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test\\Entra\\Users\\Update-EntraUserFromFederated.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test\\EntraBeta\\Users\\Update-EntraBetaSignedInUserPassword.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test\\EntraBeta\\Users\\Update-EntraBetaUserFromFederated.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test_legacy\\module\\Entra\\New-EntraUser.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + }, + { + "file": "test\\Entra\\Users\\New-EntraUser.Tests.ps1", + "_justification": "Unit test file has a sample Password used in mocking." + } + ] +} \ No newline at end of file diff --git a/.openpublishing.build.ps1 b/.openpublishing.build.ps1 index aadef76202..999addd649 100644 --- a/.openpublishing.build.ps1 +++ b/.openpublishing.build.ps1 @@ -1,17 +1,17 @@ param( - [string]$buildCorePowershellUrl = "https://opbuildstorageprod.blob.core.windows.net/opps1container/.openpublishing.buildcore.ps1", + [string]$buildCorePowershellUrl = 'https://opbuildstorageprod.blob.core.windows.net/opps1container/.openpublishing.buildcore.ps1', [string]$parameters ) # Main -$errorActionPreference = 'Stop' +$ErrorActionPreference = 'Stop' # Step-1: Download buildcore script to local -echo "download build core script to local with source url: $buildCorePowershellUrl" +Write-Output "download build core script to local with source url: $buildCorePowershellUrl" $repositoryRoot = Split-Path -Parent $MyInvocation.MyCommand.Definition $buildCorePowershellDestination = "$repositoryRoot\.openpublishing.buildcore.ps1" Invoke-WebRequest $buildCorePowershellUrl -OutFile "$buildCorePowershellDestination" # Step-2: Run build core -echo "run build core script with parameters: $parameters" +Write-Output "run build core script with parameters: $parameters" & "$buildCorePowershellDestination" "$parameters" exit $LASTEXITCODE diff --git a/1 b/1 new file mode 100644 index 0000000000..ec635144f6 --- /dev/null +++ b/1 @@ -0,0 +1 @@ +9 diff --git a/build/Beta-TypeDefs.txt b/build/Beta-TypeDefs.txt new file mode 100644 index 0000000000..9edc2d468b --- /dev/null +++ b/build/Beta-TypeDefs.txt @@ -0,0 +1,970 @@ +# ------------------------------------------------------------------------------ +# Type definitios required for commands inputs +# ------------------------------------------------------------------------------ + +$def = @" + +namespace Microsoft.Open.AzureAD.Graph.PowerShell.Custom +{ + + using System.Linq; + public enum KeyType{ + Symmetric = 0, + AsymmetricX509Cert = 1, + } + public enum KeyUsage{ + Sign = 0, + Verify = 1, + Decrypt = 2, + Encrypt = 3, + } +} + +namespace Microsoft.Open.AzureAD.Model +{ + + using System.Linq; + public class AlternativeSecurityId + { + public System.String IdentityProvider; + public System.Byte[] Key; + public System.Nullable Type; + + } + public class AppRole + { + public System.Collections.Generic.List AllowedMemberTypes; + public System.String Description; + public System.String DisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Origin; + public System.String Value; + } + public class AssignedLicense + { + public System.Collections.Generic.List DisabledPlans; + public System.String SkuId; + + } + public class AssignedLicenses + { + public System.Collections.Generic.List AddLicenses; + public System.Collections.Generic.List RemoveLicenses; + + } + public class CertificateAuthorityInformation + { + public enum AuthorityTypeEnum{ + RootAuthority = 0, + IntermediateAuthority = 1, + } + public System.Nullable AuthorityType; + public System.String CrlDistributionPoint; + public System.String DeltaCrlDistributionPoint; + public System.Byte[] TrustedCertificate; + public System.String TrustedIssuer; + public System.String TrustedIssuerSki; + + } + public class CrossCloudVerificationCodeBody + { + public System.String CrossCloudVerificationCode; + public CrossCloudVerificationCodeBody() + { + } + + public CrossCloudVerificationCodeBody(System.String value) + { + CrossCloudVerificationCode = value; + } + } + public class GroupIdsForMembershipCheck + { + public System.Collections.Generic.List GroupIds; + public GroupIdsForMembershipCheck() + { + } + + public GroupIdsForMembershipCheck(System.Collections.Generic.List value) + { + GroupIds = value; + } + } + public class KeyCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDate; + public System.String KeyId; + public System.Nullable StartDate; + public System.String Type; + public System.String Usage; + public System.Byte[] Value; + + } + public class PasswordCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDate; + public System.String KeyId; + public System.Nullable StartDate; + public System.String Value; + + } + public class PasswordProfile + { + public System.String Password; + public System.Nullable ForceChangePasswordNextLogin; + public System.Nullable EnforceChangePasswordPolicy; + + } + public class PrivacyProfile + { + public System.String ContactEmail; + public System.String StatementUrl; + + } + public class RoleMemberInfo + { + public System.String DisplayName; + public System.String ObjectId; + public System.String UserPrincipalName; + + } + public class SignInName + { + public System.String Type; + public System.String Value; + + } +} + +namespace Microsoft.Open.MSGraph.Model +{ + + using System.Linq; + + public class MsRoleMemberInfo{ + public System.String Id; + } + + public class AddIn + { + public System.String Id; + public System.String Type; + public System.Collections.Generic.List Properties; + + } + public class ApiApplication + { + public System.Nullable RequestedAccessTokenVersion; + public System.Collections.Generic.List Oauth2PermissionScopes; + + } + public class ApplicationTemplateDisplayName + { + public System.String DisplayName; + public ApplicationTemplateDisplayName() + { + } + + public ApplicationTemplateDisplayName(System.String value) + { + DisplayName = value; + } + } + public class AppRole + { + public System.Collections.Generic.List AllowedMemberTypes; + public System.String Description; + public System.String DisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Value; + + } + public class AssignedLabel + { + public System.String LabelId; + public System.String DisplayName; + + } + public class AzureADMSPrivilegedRuleSetting + { + public System.String RuleIdentifier; + public System.String Setting; + + } + public class AzureADMSPrivilegedSchedule + { + public System.Nullable StartDateTime; + public System.Nullable EndDateTime; + public System.String Type; + public System.String Duration; + + } + public class ConditionalAccessApplicationCondition + { + public System.Collections.Generic.List IncludeApplications; + public System.Collections.Generic.List ExcludeApplications; + public System.Collections.Generic.List IncludeUserActions; + public System.Collections.Generic.List IncludeAuthenticationContextClassReferences; + + } + public class ConditionalAccessApplicationEnforcedRestrictions + { + public System.Nullable IsEnabled; + public ConditionalAccessApplicationEnforcedRestrictions() + { + } + + public ConditionalAccessApplicationEnforcedRestrictions(System.Nullable value) + { + IsEnabled = value; + } + } + public class ConditionalAccessCloudAppSecurity + { + public enum CloudAppSecurityTypeEnum{ + McasConfigured = 0, + MonitorOnly = 1, + BlockDownloads = 2, + } + public System.Nullable CloudAppSecurityType; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessConditionSet + { + public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition Applications; + public Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition Users; + public Microsoft.Open.MSGraph.Model.ConditionalAccessPlatformCondition Platforms; + public Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition Locations; + public enum ConditionalAccessRiskLevel{ + Low = 0, + Medium = 1, + High = 2, + Hidden = 3, + None = 4, + UnknownFutureValue = 5, + } + public System.Collections.Generic.List UserRiskLevels; + public System.Collections.Generic.List SignInRiskLevels; + public enum ConditionalAccessClientApp{ + All = 0, + Browser = 1, + MobileAppsAndDesktopClients = 2, + ExchangeActiveSync = 3, + EasSupported = 4, + Other = 5, + } + public System.Collections.Generic.List ClientAppTypes; + public Microsoft.Open.MSGraph.Model.ConditionalAccessDevicesCondition Devices; + + } + public class ConditionalAccessDevicesCondition + { + public System.Collections.Generic.List IncludeDevices; + public System.Collections.Generic.List ExcludeDevices; + public Microsoft.Open.MSGraph.Model.ConditionalAccessFilter DeviceFilter; + + } + public class ConditionalAccessFilter + { + public enum ModeEnum{ + Include = 0, + Exclude = 1, + } + public System.Nullable Mode; + public System.String Rule; + + } + public class ConditionalAccessGrantControls + { + public System.String _Operator; + public enum ConditionalAccessGrantControl{ + Block = 0, + Mfa = 1, + CompliantDevice = 2, + DomainJoinedDevice = 3, + ApprovedApplication = 4, + CompliantApplication = 5, + PasswordChange = 6, + } + public System.Collections.Generic.List BuiltInControls; + public System.Collections.Generic.List CustomAuthenticationFactors; + public System.Collections.Generic.List TermsOfUse; + + } + public class ConditionalAccessLocationCondition + { + public System.Collections.Generic.List IncludeLocations; + public System.Collections.Generic.List ExcludeLocations; + + } + public class ConditionalAccessPersistentBrowser + { + public enum ModeEnum{ + Always = 0, + Never = 1, + } + public System.Nullable Mode; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessPlatformCondition + { + public enum ConditionalAccessDevicePlatforms{ + Android = 0, + IOS = 1, + Windows = 2, + WindowsPhone = 3, + MacOS = 4, + All = 5, + } + public System.Collections.Generic.List IncludePlatforms; + public System.Collections.Generic.List ExcludePlatforms; + + } + public class ConditionalAccessSessionControls + { + public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions ApplicationEnforcedRestrictions; + public Microsoft.Open.MSGraph.Model.ConditionalAccessCloudAppSecurity CloudAppSecurity; + public Microsoft.Open.MSGraph.Model.ConditionalAccessSignInFrequency SignInFrequency; + public Microsoft.Open.MSGraph.Model.ConditionalAccessPersistentBrowser PersistentBrowser; + + } + public class ConditionalAccessSignInFrequency + { + public enum TypeEnum{ + Days = 0, + Hours = 1, + } + public System.Nullable Type; + public System.Nullable Value; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessUserCondition + { + public System.Collections.Generic.List IncludeUsers; + public System.Collections.Generic.List ExcludeUsers; + public System.Collections.Generic.List IncludeGroups; + public System.Collections.Generic.List ExcludeGroups; + public System.Collections.Generic.List IncludeRoles; + public System.Collections.Generic.List ExcludeRoles; + + } + public enum CountriesAndRegion{ + AD = 0, + AE = 1, + AF = 2, + AG = 3, + AI = 4, + AL = 5, + AM = 6, + AN = 7, + AO = 8, + AQ = 9, + AR = 10, + AS = 11, + AT = 12, + AU = 13, + AW = 14, + AX = 15, + AZ = 16, + BA = 17, + BB = 18, + BD = 19, + BE = 20, + BF = 21, + BG = 22, + BH = 23, + BI = 24, + BJ = 25, + BL = 26, + BM = 27, + BN = 28, + BO = 29, + BQ = 30, + BR = 31, + BS = 32, + BT = 33, + BV = 34, + BW = 35, + BY = 36, + BZ = 37, + CA = 38, + CC = 39, + CD = 40, + CF = 41, + CG = 42, + CH = 43, + CI = 44, + CK = 45, + CL = 46, + CM = 47, + CN = 48, + CO = 49, + CR = 50, + CU = 51, + CV = 52, + CW = 53, + CX = 54, + CY = 55, + CZ = 56, + DE = 57, + DJ = 58, + DK = 59, + DM = 60, + DO = 61, + DZ = 62, + EC = 63, + EE = 64, + EG = 65, + EH = 66, + ER = 67, + ES = 68, + ET = 69, + FI = 70, + FJ = 71, + FK = 72, + FM = 73, + FO = 74, + FR = 75, + GA = 76, + GB = 77, + GD = 78, + GE = 79, + GF = 80, + GG = 81, + GH = 82, + GI = 83, + GL = 84, + GM = 85, + GN = 86, + GP = 87, + GQ = 88, + GR = 89, + GS = 90, + GT = 91, + GU = 92, + GW = 93, + GY = 94, + HK = 95, + HM = 96, + HN = 97, + HR = 98, + HT = 99, + HU = 100, + ID = 101, + IE = 102, + IL = 103, + IM = 104, + IN = 105, + IO = 106, + IQ = 107, + IR = 108, + IS = 109, + IT = 110, + JE = 111, + JM = 112, + JO = 113, + JP = 114, + KE = 115, + KG = 116, + KH = 117, + KI = 118, + KM = 119, + KN = 120, + KP = 121, + KR = 122, + KW = 123, + KY = 124, + KZ = 125, + LA = 126, + LB = 127, + LC = 128, + LI = 129, + LK = 130, + LR = 131, + LS = 132, + LT = 133, + LU = 134, + LV = 135, + LY = 136, + MA = 137, + MC = 138, + MD = 139, + ME = 140, + MF = 141, + MG = 142, + MH = 143, + MK = 144, + ML = 145, + MM = 146, + MN = 147, + MO = 148, + MP = 149, + MQ = 150, + MR = 151, + MS = 152, + MT = 153, + MU = 154, + MV = 155, + MW = 156, + MX = 157, + MY = 158, + MZ = 159, + NA = 160, + NC = 161, + NE = 162, + NF = 163, + NG = 164, + NI = 165, + NL = 166, + NO = 167, + NP = 168, + NR = 169, + NU = 170, + NZ = 171, + OM = 172, + PA = 173, + PE = 174, + PF = 175, + PG = 176, + PH = 177, + PK = 178, + PL = 179, + PM = 180, + PN = 181, + PR = 182, + PS = 183, + PT = 184, + PW = 185, + PY = 186, + QA = 187, + RE = 188, + RO = 189, + RS = 190, + RU = 191, + RW = 192, + SA = 193, + SB = 194, + SC = 195, + SD = 196, + SE = 197, + SG = 198, + SH = 199, + SI = 200, + SJ = 201, + SK = 202, + SL = 203, + SM = 204, + SN = 205, + SO = 206, + SR = 207, + SS = 208, + ST = 209, + SV = 210, + SX = 211, + SY = 212, + SZ = 213, + TC = 214, + TD = 215, + TF = 216, + TG = 217, + TH = 218, + TJ = 219, + TK = 220, + TL = 221, + TM = 222, + TN = 223, + TO = 224, + TR = 225, + TT = 226, + TV = 227, + TW = 228, + TZ = 229, + UA = 230, + UG = 231, + UM = 232, + US = 233, + UY = 234, + UZ = 235, + VA = 236, + VC = 237, + VE = 238, + VG = 239, + VI = 240, + VN = 241, + VU = 242, + WF = 243, + WS = 244, + YE = 245, + YT = 246, + ZA = 247, + ZM = 248, + ZW = 249, + } + public class DefaultUserRolePermissions + { + public System.Nullable AllowedToCreateApps; + public System.Nullable AllowedToCreateSecurityGroups; + public System.Nullable AllowedToReadOtherUsers; + + } + public class DelegatedPermissionClassification + { + public enum ClassificationEnum{ + Low = 0, + Medium = 1, + High = 2, + } + public System.Nullable Classification; + public System.String Id; + public System.String PermissionId; + public System.String PermissionName; + + } + public class DirectoryRoleDefinition + { + public System.String Id; + public System.String OdataType; + public System.String Description; + public System.String DisplayName; + public System.Nullable IsBuiltIn; + public System.Collections.Generic.List ResourceScopes; + public System.Nullable IsEnabled; + public System.Collections.Generic.List RolePermissions; + public System.String TemplateId; + public System.String Version; + public System.Collections.Generic.List InheritsPermissionsFrom; + + } + public class DirectorySetting + { + public System.String Id; + public System.String DisplayName; + public System.String TemplateId; + public System.Collections.Generic.List Values; + + public string this[string name] + { + get + { + SettingValue setting = this.Values.FirstOrDefault(namevaluepair => namevaluepair.Name.Equals(name)); + return (setting != null) ? setting.Value : string.Empty; + } + set + { + SettingValue setting = this.Values.FirstOrDefault(namevaluepair => namevaluepair.Name.Equals(name)); + if (setting != null) + { + // Capitalize the forst character of the value. + if (string.IsNullOrEmpty(value)) + { + setting.Value = value; + } + else if (value.Length == 1) + { + setting.Value = value.ToUpper(); + } + else + { + setting.Value = char.ToUpper(value[0]) + value.Substring(1); + } + } + } + } + } + public class DirectorySettingTemplate + { + public System.String Id; + public System.String DisplayName; + public System.String Description; + public System.Collections.Generic.List Values; + + public DirectorySetting CreateDirectorySetting() + { + DirectorySetting directorySetting = new DirectorySetting(); + + directorySetting.TemplateId = this.Id; + + directorySetting.Values = new System.Collections.Generic.List(); + foreach (var definition in this.Values) + { + SettingValue item = new SettingValue(); + item.Name = definition.Name; + + string value = definition.DefaultValue; + if (string.IsNullOrEmpty(value)) + { + item.Value = value; + } + else if (value.Length == 1) + { + item.Value = value.ToUpper(); + } + else + { + item.Value = char.ToUpper(value[0]) + value.Substring(1); + } + + directorySetting.Values.Add(item); + } + + return directorySetting; + } + } + public class EmailAddress + { + public System.String Name; + public System.String Address; + + } + public class ImplicitGrantSettings + { + public System.Nullable EnableIdTokenIssuance; + public System.Nullable EnableAccessTokenIssuance; + + } + public class InformationalUrl + { + public System.String TermsOfServiceUrl; + public System.String MarketingUrl; + public System.String PrivacyStatementUrl; + public System.String SupportUrl; + public System.String LogoUrl; + + } + public class InvitedUserMessageInfo + { + public System.Collections.Generic.List CcRecipients; + public System.String CustomizedMessageBody; + public System.String MessageLanguage; + + } + public class IpRange + { + public System.String CidrAddress; + public IpRange() + { + } + + public IpRange(System.String value) + { + CidrAddress = value; + } + } + public class KeyCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDateTime; + public System.String KeyId; + public System.Nullable StartDateTime; + public System.String Type; + public System.String Usage; + public System.Byte[] Key; + + } + public class KeyValue + { + public System.String Key; + public System.String Value; + + } + public class MsDirectoryObject + { + public System.String Id; + public System.String OdataType; + + } + public class MsFeatureRolloutPolicy + { + public enum FeatureEnum{ + PassthroughAuthentication = 0, + SeamlessSso = 1, + PasswordHashSync = 2, + EmailAsAlternateId = 3, + } + public System.Nullable Feature; + public System.String Id; + public System.String DisplayName; + public System.String Description; + public System.Nullable IsEnabled; + public System.Nullable IsAppliedToOrganization; + public System.Collections.Generic.List AppliesTo; + + } + public class OptionalClaim + { + public System.String Name; + public System.String Source; + public System.Nullable Essential; + public System.Collections.Generic.List AdditionalProperties; + + } + public class OptionalClaims + { + public System.Collections.Generic.List IdToken; + public System.Collections.Generic.List AccessToken; + public System.Collections.Generic.List SamlToken; + + } + public class ParentalControlSettings + { + public enum LegalAgeGroupRuleEnum{ + Allow = 0, + RequireConsentForPrivacyServices = 1, + RequireConsentForMinors = 2, + RequireConsentForKids = 3, + BlockMinors = 4, + } + public System.Nullable LegalAgeGroupRule; + public System.Collections.Generic.List CountriesBlockedForMinors; + + } + public class PasswordCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDateTime; + public System.String KeyId; + public System.Nullable StartDateTime; + public System.String SecretText; + public System.String Hint; + + } + public class PasswordSSOCredential + { + public System.String FieldId; + public System.String Value; + public System.String Type; + + } + public class PasswordSSOCredentials + { + public System.String Id; + public System.Collections.Generic.List Credentials; + + } + public class PasswordSSOObjectId + { + public System.String Id; + public PasswordSSOObjectId() + { + } + + public PasswordSSOObjectId(System.String value) + { + Id = value; + } + } + public class PermissionScope + { + public System.String AdminConsentDescription; + public System.String AdminConsentDisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Type; + public System.String UserConsentDescription; + public System.String UserConsentDisplayName; + public System.String Value; + + } + public class PreAuthorizedApplication + { + public System.String AppId; + public System.Collections.Generic.List PermissionIds; + + } + public class PublicClientApplication + { + public System.Collections.Generic.List RedirectUris; + public PublicClientApplication() + { + } + + public PublicClientApplication(System.Collections.Generic.List value) + { + RedirectUris = value; + } + } + public class Recipient + { + public Microsoft.Open.MSGraph.Model.EmailAddress EmailAddress; + public Recipient() + { + } + + public Recipient(Microsoft.Open.MSGraph.Model.EmailAddress value) + { + EmailAddress = value; + } + } + public class RequiredResourceAccess + { + public System.String ResourceAppId; + public System.Collections.Generic.List ResourceAccess; + + } + public class ResourceAccess + { + public System.String Id; + public System.String Type; + + } + public class RolePermission + { + public System.Collections.Generic.List AllowedResourceActions; + public System.String Condition; + + } + public class SettingTemplateValue + { + public System.String Name; + public System.String Description; + public System.String Type; + public System.String DefaultValue; + + } + public class SettingValue + { + public System.String Name; + public System.String Value; + + } + public class SetVerifiedPublisherRequest + { + public System.String VerifiedPublisherId; + public SetVerifiedPublisherRequest() + { + } + + public SetVerifiedPublisherRequest(System.String value) + { + VerifiedPublisherId = value; + } + } + public class User + { + public System.String Id; + public System.String OdataType; + + } + public class WebApplication + { + public System.String LogoutUrl; + public System.Nullable Oauth2AllowImplicitFlow; + public System.Collections.Generic.List RedirectUris; + public Microsoft.Open.MSGraph.Model.ImplicitGrantSettings ImplicitGrantSettings; + + } +} +"@ + try{ Add-Type -TypeDefinition $def } + catch{} + +# ------------------------------------------------------------------------------ +# End of Type definitios required for commands inputs +# ------------------------------------------------------------------------------ \ No newline at end of file diff --git a/build/Create-EntraModule.ps1 b/build/Create-EntraModule.ps1 new file mode 100644 index 0000000000..a89765ac42 --- /dev/null +++ b/build/Create-EntraModule.ps1 @@ -0,0 +1,28 @@ + +[cmdletbinding()] +param ( + [string]$Module = "Entra", # Default to "Entra" if no argument is provided + [switch]$Root +) + +. (Join-Path $psscriptroot "/common-functions.ps1") +. (Join-Path $psscriptroot "../src/EntraModuleBuilder.ps1") + +$moduleBuilder = [EntraModuleBuilder]::new() + +if($Module -eq 'Entra'){ + + $typeDefsPath=(Join-Path $PSScriptRoot "/V1.0-Typedefs.txt") +}else{ + $typeDefsPath=(Join-Path $PSScriptRoot "/Beta-TypeDefs.txt") +} +if($Root){ + $moduleBuilder.CreateRootModuleManifest($Module) +}else{ + $moduleBuilder.CreateModuleHelp($Module) + $moduleBuilder.CreateSubModuleFile($Module, $typeDefsPath) + $moduleBuilder.CreateModuleManifest($Module) +} + + + diff --git a/build/Create-ModuleMapping.ps1 b/build/Create-ModuleMapping.ps1 new file mode 100644 index 0000000000..504e59baaf --- /dev/null +++ b/build/Create-ModuleMapping.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +#This function uses the moduleMapping.json to split the docs to subdirectories i.e. Key =SubModule name and +# Value =an array of strings representing the files in that directory + +param ( + [string]$Module = "Entra" # Default to "Entra" if no argument is provided +) + +. (Join-Path $psscriptroot "/common-functions.ps1") + +function Get-DirectoryFileMap { + param ( + [string]$Source = 'Entra' # Default to 'Entra' + ) + + + # Determine the root directory and the output based on the Source parameter + switch ($Source) { + 'Entra' { + $RootDirectory = (Join-Path $PSScriptRoot "../module/Entra/Microsoft.Entra/") + $OutputDirectory = (Join-Path $PSScriptRoot '../module/Entra/config/') + } + 'EntraBeta' { + $RootDirectory = (Join-Path $PSScriptRoot"../module/EntraBeta/Microsoft.Entra.Beta/") + $OutputDirectory = (Join-Path $PSScriptRoot"../module/EntraBeta/config/") + } + default { + Log-Message "Invalid Source specified. Use 'Entra' or 'EntraBeta'." 'Error' + throw "Invalid Source specified. Use 'Entra' or 'EntraBeta'." + } + } + + # Check if the root directory exists + if (-not (Test-Path -Path $RootDirectory -PathType Container)) { + Log-Message "Directory '$RootDirectory' does not exist." 'Error' + throw "Directory '$RootDirectory' does not exist." + } else { + Log-Message "Root directory '$RootDirectory' found." + } + + # Check if the output directory exists, create if it doesn't + if (-not (Test-Path -Path $OutputDirectory -PathType Container)) { + New-Item -Path $OutputDirectory -ItemType Directory | Out-Null + Log-Message "Output directory '$OutputDirectory' did not exist, created it." 'Warning' + } else { + Log-Message "Output directory '$OutputDirectory' exists." + } + + $fileDirectoryMap = @{} + + # Get all the subdirectories under the root directory + $subDirectories = Get-ChildItem -Path $RootDirectory -Directory + $filesToSkip=@('Enable-EntraAzureADAliases','Get-EntraUnsupportedCommand','New-EntraCustomHeaders','Enable-EntraBetaAzureADAliases','Get-EntraBetaUnsupportedCommand','New-EntraBetaCustomHeaders') + foreach ($subDir in $subDirectories) { + Log-Message "Processing subdirectory '$($subDir.Name)'." 'Info' + + # Get the files in each sub-directory without their extensions + $files = Get-ChildItem -Path $subDir.FullName -File | ForEach-Object { + $fileName = [System.IO.Path]::GetFileNameWithoutExtension($_.Name) + # Map the file name to the directory name + if($fileName -notin $filesToSkip){ + $fileDirectoryMap[$fileName] = $subDir.Name + Log-Message "Mapped file '$fileName' to directory '$($subDir.Name)'." 'Info' + } + } + } + + # Convert the file-directory map to JSON + $jsonOutput = $fileDirectoryMap | ConvertTo-Json -Depth 3 + + # Define the output file path as moduleMapping.json + $outputFilePath = Join-Path -Path $OutputDirectory -ChildPath "newModuleMapping.json" + + # Write the JSON output to moduleMapping.json + $jsonOutput | Out-File -FilePath $outputFilePath -Encoding UTF8 + + Log-Message "moduleMapping.json has been created at '$outputFilePath'." 'Info' +} + +Get-DirectoryFileMap -Source $Module \ No newline at end of file diff --git a/build/Publish-LocalCompatModule.ps1 b/build/Publish-LocalCompatModule.ps1 index 023851a7ca..284af0af67 100644 --- a/build/Publish-LocalCompatModule.ps1 +++ b/build/Publish-LocalCompatModule.ps1 @@ -10,18 +10,29 @@ param( . "$psscriptroot/common-functions.ps1" -$modulePath = Join-Path (Get-ModuleBasePath) (Get-ConfigValue -Name ModuleOutputSubdirectoryName) -$modulePath = Join-Path $modulePath (Get-ModuleName) -$fullModuleName = Get-ModuleName -if($fullModuleName -eq 'Microsoft.Graph.Entra'){ - $moduleName = 'Entra' +$fullModuleNames = @() +$modName = Get-ModuleName + +if($modName -is [array]){ + $fullModuleName = $modName[0] + $fullModuleNames = $modName } else{ + $fullModuleName = $modName + $fullModuleNames += $modName +} + +if($fullModuleName -like 'Microsoft.Entra.Beta*'){ $moduleName = 'EntraBeta' } +else{ + $moduleName = 'Entra' +} $settingPath = "$PSScriptRoot/../module/$ModuleName/config/ModuleSettings.json" $content = Get-Content -Path $settingPath | ConvertFrom-Json +$metadataPath = "$PSScriptRoot/../module/$ModuleName/config/ModuleMetadata.json" +$metadata = Get-Content -Path $metadataPath | ConvertFrom-Json if($moduleName -eq 'Entra'){ Publish-Module -Name Microsoft.Graph.Authentication -RequiredVersion $content.destinationModuleVersion -Repository (Get-LocalPSRepoName) @@ -32,8 +43,37 @@ foreach ($destinationModuleName in $content.destinationModuleName){ Publish-Module -Name $destinationModuleName -RequiredVersion $content.destinationModuleVersion -Repository (Get-LocalPSRepoName) } -Publish-Module -Path $modulePath -Repository (Get-LocalPSRepoName) +foreach($module in $fullModuleNames){ + if(($module -eq 'Microsoft.Entra') -or ($module -eq 'Microsoft.Entra.Beta')){ + continue + } + $modulePath = Join-Path (Get-ModuleBasePath) (Get-ConfigValue -Name ModuleOutputSubdirectoryName) + $modulePath = Join-Path $modulePath $module + Log-Message "[Publish Local Compat] module : $module" -Level 'INFO' + Log-Message "[Publish Local Compat] modulePath : $modulePath" -Level 'INFO' + Publish-Module -Path $modulePath -Repository (Get-LocalPSRepoName) + + if ($Install) { + Log-Message "[Publish Local Compat] Installing : $module" -Level 'INFO' + Install-Module -Name $module -Repository (Get-LocalPSRepoName) -AllowClobber + } +} + +if($moduleName -eq 'Entra'){ + $module = 'Microsoft.Entra' +} +else{ + $module = 'Microsoft.Entra.Beta' +} + +$modulePath = Join-Path (Get-ModuleBasePath) (Get-ConfigValue -Name ModuleOutputSubdirectoryName) +$modulePath = Join-Path $modulePath $module +$modulePath = Join-Path $modulePath $metadata.version +Log-Message "[Publish Local Compat] module : $module" -Level 'INFO' +Log-Message "[Publish Local Compat] modulePath : $modulePath" -Level 'INFO' +Publish-PSResource -Path $modulePath -Repository (Get-LocalPSRepoName) -SkipDependenciesCheck if ($Install) { - Install-Module -Name (Get-ModuleName) -Repository (Get-LocalPSRepoName) -AllowClobber -} \ No newline at end of file + Log-Message "[Publish Local Compat] Installing : $module" -Level 'INFO' + Install-Module -Name $module -Repository (Get-LocalPSRepoName) -AllowClobber +} diff --git a/build/Split-Docs.ps1 b/build/Split-Docs.ps1 new file mode 100644 index 0000000000..816f0bad3f --- /dev/null +++ b/build/Split-Docs.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +#This function copies the docs using the moduleMapping.json into their submodule directories +# i.e. For each entry, it will use the Key(cmdlet name) and map it to the Value(A subdirectory created in the respective docs directory) + +param ( + [string]$Module = "Entra" # Default to "Entra" if no argument is provided +) + +.(Join-Path $psscriptroot "/common-functions.ps1") + + +function Split-Docs { + param ( + [string]$Module = 'Entra' + ) + + # Determine source directories and mapping file paths based on the Source parameter + switch ($Module) { + 'Entra' { + $DocsSourceDirectory = (Join-Path $PSScriptRoot "../module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra") + $MappingFilePath = (Join-Path $PSScriptRoot '../module/Entra/config/moduleMapping.json') + $OutputDirectory= (Join-Path $PSScriptRoot '../module/docs/entra-powershell-v1.0') + } + 'EntraBeta' { + $DocsSourceDirectory = (Join-Path $PSScriptRoot "../module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta") + $MappingFilePath = (Join-Path $PSScriptRoot "../module/EntraBeta/config/moduleMapping.json") + $OutputDirectory= (Join-Path $PSScriptRoot "../module/docs/entra-powershell-beta") + } + default { + Log-Message -Message "[Split-Docs]: Invalid Source specified. Use 'Entra' or 'EntraBeta'." -Level 'ERROR' + return + } + } + + # Use the provided output directory or default to DocsSourceDirectory if none specified + $TargetRootDirectory = $OutputDirectory + + # Check if the mapping file exists + if (-not (Test-Path -Path $MappingFilePath -PathType Leaf)) { + Log-Message -Message "[Split-Docs]: Mapping file '$MappingFilePath' does not exist." -Level 'ERROR' + return + } + + # Load the JSON content from the mapping file + $moduleMapping = Get-Content -Path $MappingFilePath | ConvertFrom-Json + + # Ensure the root documentation directory exists, create if it doesn't + if (-not (Test-Path -Path $TargetRootDirectory -PathType Container)) { + New-Item -Path $TargetRootDirectory -ItemType Directory | Out-Null + Log-Message -Message "[Split-Docs]: Created directory: $TargetRootDirectory" -Level 'SUCCESS' + } + + # Ensure UnMappedDocs directory exists at the same level as the OutputDirectory + $unMappedDocsDirectory = Join-Path -Path (Split-Path $TargetRootDirectory) -ChildPath 'UnMappedDocs' + if (-not (Test-Path -Path $unMappedDocsDirectory -PathType Container)) { + New-Item -Path $unMappedDocsDirectory -ItemType Directory | Out-Null + Log-Message -Message "[Split-Docs]: Created 'UnMappedDocs' directory: $unMappedDocsDirectory" -Level 'SUCCESS' + } + + # Iterate over each file in the DocsSourceDirectory + $filesInSource = Get-ChildItem -Path $DocsSourceDirectory -Filter "*.md" + + foreach ($file in $filesInSource) { + $fileNameWithoutExtension = [System.IO.Path]::GetFileNameWithoutExtension($file.Name) + + # Check if the fileName exists in the mapping + $subDirName = $moduleMapping.PSObject.Properties.Name | Where-Object { $_ -eq $fileNameWithoutExtension } + + if ($subDirName) { + # If a subdir is mapped, proceed as before + $subDirName = $moduleMapping.$fileNameWithoutExtension + $targetSubDir = Join-Path -Path $TargetRootDirectory -ChildPath $subDirName + + if($subDirName -eq 'Migration' -or $subDirName -eq 'Invitations'){ + Log-Message "[Split-Docs]: Skipping $subDirName" -Level 'WARNING' + continue + } + if (-not (Test-Path -Path $targetSubDir -PathType Container)) { + New-Item -Path $targetSubDir -ItemType Directory | Out-Null + Log-Message -Message "[Split-Docs]: Created sub-directory: $targetSubDir" -Level 'SUCCESS' + } + + # Copy the .md file to the target sub-directory + Copy-Item -Path $file.FullName -Destination $targetSubDir + Log-Message -Message "[Split-Docs]: Copied '$file' to '$targetSubDir'" -Level 'SUCCESS' + } + else { + # If no mapping found, move it to UnMappedDocs + Copy-Item -Path $file.FullName -Destination $unMappedDocsDirectory + Log-Message -Message "[Split-Docs]: No mapping for '$fileNameWithoutExtension'. Moved to '$unMappedDocsDirectory'" -Level 'INFO' + } + } + + Log-Message -Message "[Split-Docs]: Markdown file copying complete." -Level 'INFO' +} + +Split-Docs -Module $Module diff --git a/build/Split-EntraModule.ps1 b/build/Split-EntraModule.ps1 new file mode 100644 index 0000000000..36aedac62c --- /dev/null +++ b/build/Split-EntraModule.ps1 @@ -0,0 +1,22 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +param ( + [string]$Module = "Entra" # Default to "Entra" if no argument is provided +) + +# Import the necessary scripts +. (Join-Path $psscriptroot "/common-functions.ps1") +. (Join-Path $psscriptroot "../src/EntraModuleSplitter.ps1") +.(Join-Path $psscriptroot "/Split-Docs.ps1") + + + + + +# Split the module and take into account the AzureADAliases as well +$entraModuleSplitter = [EntraModuleSplitter]::new() +$entraModuleSplitter.SplitEntraModule($Module) # Pass the module argument +$entraModuleSplitter.ProcessEntraAzureADAliases($Module) + diff --git a/build/Split-Tests.ps1 b/build/Split-Tests.ps1 new file mode 100644 index 0000000000..53d0073b34 --- /dev/null +++ b/build/Split-Tests.ps1 @@ -0,0 +1,184 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +# This function copies the docs using the moduleMapping.json into their submodule directories. +# For each entry, it uses the Key (cmdlet name) to map it to the Value (a subdirectory created in the respective docs directory). + +. ./common-functions.ps1 + +function Split-Tests { + param ( + [string]$Module = 'Entra', # Default to 'Entra' + [string]$OutputDirectory # Allow custom output directory + ) + + # Determine source directories and mapping file paths based on the Source parameter + + switch ($Module) { + 'Entra' { + $TestSourceDirectory = "../test_legacy/module/Entra" + $MappingFilePath = '../module/Entra/config/moduleMapping.json' + $OutputDirectory = '../test/Entra' + $modulePrefix = 'Microsoft.Entra' + } + 'EntraBeta' { + $TestSourceDirectory = "../test_legacy/module/EntraBeta" + $MappingFilePath = "../module/EntraBeta/config/moduleMapping.json" + $OutputDirectory = "../test/EntraBeta" + $modulePrefix = 'Microsoft.Entra.Beta' + } + default { + Log-Message -Message "Invalid Source specified. Use 'Entra' or 'EntraBeta'." -Level 'ERROR' + return + } + } + + # Check if the mapping file exists + if (-not (Test-Path -Path $MappingFilePath -PathType Leaf)) { + Log-Message -Message "Mapping file '$MappingFilePath' does not exist." -Level 'ERROR' + return + } + + # Load the JSON content from the mapping file + $moduleMapping = Get-Content -Path $MappingFilePath | ConvertFrom-Json + + # Create a set to track files that have been processed + $processedFiles = @{} + + # Ensure the root documentation directory exists + if (-not (Test-Path -Path $OutputDirectory -PathType Container)) { + New-Item -Path $OutputDirectory -ItemType Directory | Out-Null + Log-Message -Message "Created directory: $OutputDirectory" -Level 'SUCCESS' + } + + # Collect all test files in the source directory + $allTestFiles = Get-ChildItem -Path $TestSourceDirectory -Filter "*.Tests.ps1" -File + + # Define additional test files to be copied to each subdirectory + $additionalTestFiles = @("General.Test.ps1", "Invalid.Tests.ps1", "Module.Tests.ps1", "Valid.Tests.ps1", "Entra.Tests.ps1") + + # Iterate over each file-directory pair in the moduleMapping.json + foreach ($fileEntry in $moduleMapping.PSObject.Properties) { + $fileName = $fileEntry.Name # Key (file name without extension) + $subDirName = $fileEntry.Value # Value (sub-directory name) + + # Create the sub-directory under the output root directory if it doesn't exist + $targetSubDir = Join-Path -Path $OutputDirectory -ChildPath $subDirName + + # Skip specified subdirectories + if ($subDirName -eq 'Migration' -or $subDirName -eq 'Invitations') { + Log-Message "Skipping $subDirName" -Level 'WARNING' + continue + } + + if (-not (Test-Path -Path $targetSubDir -PathType Container)) { + New-Item -Path $targetSubDir -ItemType Directory | Out-Null + Log-Message -Message "Created sub-directory: $targetSubDir" -Level 'SUCCESS' + } + + # Build the full source file path for the .Tests.ps1 file + $sourceFile = Join-Path -Path $TestSourceDirectory -ChildPath "$fileName.Tests.ps1" + + if (Test-Path -Path $sourceFile -PathType Leaf) { + # Copy the file to the target sub-directory + Copy-Item -Path $sourceFile -Destination $targetSubDir + Log-Message -Message "Copied '$sourceFile' to '$targetSubDir'" -Level 'SUCCESS' + + # Track the processed file + $processedFiles[$fileName] = $true + } else { + Log-Message -Message "File '$fileName.Tests.ps1' not found in '$TestSourceDirectory'" -Level 'WARNING' + } + + # Copy additional test files to the target sub-directory + foreach ($additionalTestFile in $additionalTestFiles) { + $additionalSourceFile = Join-Path -Path $TestSourceDirectory -ChildPath $additionalTestFile + if (Test-Path -Path $additionalSourceFile -PathType Leaf) { + # Copy the additional test file + Copy-Item -Path $additionalSourceFile -Destination $targetSubDir + Log-Message -Message "Copied additional test file '$additionalSourceFile' to '$targetSubDir'" -Level 'SUCCESS' + + # Track the processed additional file + $processedFiles[$additionalTestFile] = $true + } else { + Log-Message -Message "Additional test file '$additionalTestFile' not found in '$TestSourceDirectory'" -Level 'WARNING' + } + } + + # Check if the current test file name contains "Dir" or "Application" and handle them appropriately + if ($fileName -like "*Dir*" -or $fileName -like "*Application*") { + # Prepare the modified content for Dir or Application tests + $sourceFileDir = Join-Path -Path $TestSourceDirectory -ChildPath "$fileName.Tests.ps1" + if (Test-Path -Path $sourceFileDir -PathType Leaf) { + # Copy the file to the appropriate target directory + $targetDirSubDir = if ($fileName -like "*Dir*") { + Join-Path -Path $OutputDirectory -ChildPath "DirectoryManagement" + } elseif ($fileName -like "*Application*") { + Join-Path -Path $OutputDirectory -ChildPath "Applications" + } else { + $targetSubDir + } + + if (-not (Test-Path -Path $targetDirSubDir -PathType Container)) { + New-Item -Path $targetDirSubDir -ItemType Directory | Out-Null + Log-Message -Message "Created target directory: $targetDirSubDir" -Level 'SUCCESS' + } + + # Copy the file to the determined sub-directory + Copy-Item -Path $sourceFileDir -Destination $targetDirSubDir + Log-Message -Message "Copied '$sourceFileDir' to '$targetDirSubDir'" -Level 'SUCCESS' + + # Track the processed Dir/Application file + + $processedFiles[$fileName] = $true + } + } + } + + # Process all copied files to update their contents + foreach ($subDir in Get-ChildItem -Path $OutputDirectory -Directory) { + $subDirPath = $subDir.FullName + $testFilesInSubDir = Get-ChildItem -Path $subDirPath -Filter "*.Tests.ps1" + + foreach ($testFile in $testFilesInSubDir) { + $fileContent = Get-Content -Path $testFile.FullName -Raw + $updatedContent = $fileContent -replace [regex]::Escape($modulePrefix), "$modulePrefix.$($subDir.Name)" + + + # Save the modified content back to the file + $updatedContent | Set-Content -Path $testFile.FullName + Log-Message -Message "Updated content in '$testFile.FullName'" -Level 'SUCCESS' + } + } + + + + # Handle unmapped files that do not exist in the mapping + foreach ($testFile in $allTestFiles) { + $baseName = $testFile.BaseName -replace '\.Tests$', '' # Remove '.Tests' suffix + + # Only consider unmapped files if they haven't been processed + if (-not $processedFiles.ContainsKey($baseName)) { + # Check if the test file already exists in the output directories + $isMapped = $false + + # Check for both Entra and EntraBeta directories + if (Test-Path -Path (Join-Path -Path $OutputDirectory -ChildPath $baseName)) { + $isMapped = $true + } + + # If not mapped, copy it to the root output directory + if (-not $isMapped) { + Copy-Item -Path $testFile.FullName -Destination $OutputDirectory + Log-Message -Message "Copied unmapped test '$testFile' to '$OutputDirectory'" -Level 'INFO' + } + } + } + + Log-Message -Message "Split-Tests completed for source: $Module" -Level 'SUCCESS' +} + + +Split-Tests -Module 'EntraBeta' diff --git a/build/Update-CommonFunctionsImport.ps1 b/build/Update-CommonFunctionsImport.ps1 new file mode 100644 index 0000000000..42ba66133e --- /dev/null +++ b/build/Update-CommonFunctionsImport.ps1 @@ -0,0 +1,46 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +. ./common-functions.ps1 + +function Update-CommonFunctionsImport { + param ( + [string]$Module = 'Entra' # Default to 'Entra' if no path is provided + ) + + $rootPath = if ($Module -eq 'Entra') { + "../test/Entra" + } else { + "../test/EntraBeta" + } + + # Get all .Tests.ps1 files in the specified directory and its subdirectories + $testFiles = Get-ChildItem -Path $rootPath -Recurse -Filter *.Tests.ps1 + + Log-Message "Starting common-functions import update" + + # Loop through each file + foreach ($file in $testFiles) { + # Read the content of the file + $content = Get-Content -Path $file.FullName -Raw + + Log-Message "Processing $file" + + # Check and replace all occurrences of the target string + if ($content -match 'Import-Module\s*\(\s*Join-Path\s*\$psscriptroot\s*["'']\.\.\\Common-Functions\.ps1["'']\s*\)\s*-Force') { + # Replace the old string with the new one + $newContent = $content -replace 'Import-Module\s*\(\s*Join-Path\s*\$psscriptroot\s*["'']\.\.\\Common-Functions\.ps1["'']\s*\)\s*-Force', 'Import-Module (Join-Path $PSScriptRoot "..\..\build\Common-Functions.ps1") -Force' + + # Write the updated content back to the file + Set-Content -Path $file.FullName -Value $newContent + + # Output the change + Log-Message "Updated file: $($file.FullName)" + } + } +} + +# Run the function for both modules +Update-CommonFunctionsImport -Module 'Entra' +Update-CommonFunctionsImport -Module 'EntraBeta' diff --git a/build/V1.0-TypeDefs.txt b/build/V1.0-TypeDefs.txt new file mode 100644 index 0000000000..6e1e7e8eca --- /dev/null +++ b/build/V1.0-TypeDefs.txt @@ -0,0 +1,773 @@ +# ------------------------------------------------------------------------------ +# Type definitios required for commands inputs +# ------------------------------------------------------------------------------ + +$def = @" + +namespace Microsoft.Open.AzureAD.Graph.PowerShell.Custom +{ + + using System.Linq; + public enum KeyType{ + Symmetric = 0, + AsymmetricX509Cert = 1, + } + public enum KeyUsage{ + Sign = 0, + Verify = 1, + Decrypt = 2, + Encrypt = 3, + } +} + +namespace Microsoft.Open.AzureAD.Model +{ + + using System.Linq; + public class AlternativeSecurityId + { + public System.String IdentityProvider; + public System.Byte[] Key; + public System.Nullable Type; + + } + public class AppRole + { + public System.Collections.Generic.List AllowedMemberTypes; + public System.String Description; + public System.String DisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Origin; + public System.String Value; + } + public class AssignedLicense + { + public System.Collections.Generic.List DisabledPlans; + public System.String SkuId; + + } + public class AssignedLicenses + { + public System.Collections.Generic.List AddLicenses; + public System.Collections.Generic.List RemoveLicenses; + + } + public class CertificateAuthorityInformation + { + public enum AuthorityTypeEnum{ + RootAuthority = 0, + IntermediateAuthority = 1, + } + public System.Nullable AuthorityType; + public System.String CrlDistributionPoint; + public System.String DeltaCrlDistributionPoint; + public System.Byte[] TrustedCertificate; + public System.String TrustedIssuer; + public System.String TrustedIssuerSki; + + } + public class CrossCloudVerificationCodeBody + { + public System.String CrossCloudVerificationCode; + public CrossCloudVerificationCodeBody() + { + } + + public CrossCloudVerificationCodeBody(System.String value) + { + CrossCloudVerificationCode = value; + } + } + public class GroupIdsForMembershipCheck + { + public System.Collections.Generic.List GroupIds; + public GroupIdsForMembershipCheck() + { + } + + public GroupIdsForMembershipCheck(System.Collections.Generic.List value) + { + GroupIds = value; + } + } + public class KeyCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDate; + public System.String KeyId; + public System.Nullable StartDate; + public System.String Type; + public System.String Usage; + public System.Byte[] Value; + + } + public class PasswordCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDate; + public System.String KeyId; + public System.Nullable StartDate; + public System.String Value; + + } + public class PasswordProfile + { + public System.String Password; + public System.Nullable ForceChangePasswordNextLogin; + public System.Nullable EnforceChangePasswordPolicy; + + } + public class PrivacyProfile + { + public System.String ContactEmail; + public System.String StatementUrl; + + } + public class SignInName + { + public System.String Type; + public System.String Value; + + } +} + +namespace Microsoft.Open.MSGraph.Model +{ + + using System.Linq; + public class AddIn + { + public System.String Id; + public System.String Type; + public System.Collections.Generic.List Properties; + + } + public class ApiApplication + { + public System.Nullable AcceptMappedClaims; + public System.Collections.Generic.List KnownClientApplications; + public System.Collections.Generic.List PreAuthorizedApplications; + public System.Nullable RequestedAccessTokenVersion; + public System.Collections.Generic.List Oauth2PermissionScopes; + + } + public class AppRole + { + public System.Collections.Generic.List AllowedMemberTypes; + public System.String Description; + public System.String DisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Origin; + public System.String Value; + + } + public class ConditionalAccessApplicationCondition + { + public System.Collections.Generic.List IncludeApplications; + public System.Collections.Generic.List ExcludeApplications; + public System.Collections.Generic.List IncludeUserActions; + public System.Collections.Generic.List IncludeProtectionLevels; + + } + public class ConditionalAccessApplicationEnforcedRestrictions + { + public System.Nullable IsEnabled; + public ConditionalAccessApplicationEnforcedRestrictions() + { + } + + public ConditionalAccessApplicationEnforcedRestrictions(System.Nullable value) + { + IsEnabled = value; + } + } + public class ConditionalAccessCloudAppSecurity + { + public enum CloudAppSecurityTypeEnum{ + McasConfigured = 0, + MonitorOnly = 1, + BlockDownloads = 2, + } + public System.Nullable CloudAppSecurityType; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessConditionSet + { + public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition Applications; + public Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition Users; + public Microsoft.Open.MSGraph.Model.ConditionalAccessPlatformCondition Platforms; + public Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition Locations; + public enum ConditionalAccessRiskLevel{ + Low = 0, + Medium = 1, + High = 2, + Hidden = 3, + None = 4, + UnknownFutureValue = 5, + } + public System.Collections.Generic.List SignInRiskLevels; + public enum ConditionalAccessClientApp{ + All = 0, + Browser = 1, + MobileAppsAndDesktopClients = 2, + ExchangeActiveSync = 3, + EasSupported = 4, + Other = 5, + } + public System.Collections.Generic.List ClientAppTypes; + + } + public class ConditionalAccessGrantControls + { + public System.String _Operator; + public enum ConditionalAccessGrantControl{ + Block = 0, + Mfa = 1, + CompliantDevice = 2, + DomainJoinedDevice = 3, + ApprovedApplication = 4, + CompliantApplication = 5, + PasswordChange = 6, + } + public System.Collections.Generic.List BuiltInControls; + public System.Collections.Generic.List CustomAuthenticationFactors; + public System.Collections.Generic.List TermsOfUse; + + } + public class ConditionalAccessLocationCondition + { + public System.Collections.Generic.List IncludeLocations; + public System.Collections.Generic.List ExcludeLocations; + + } + public class ConditionalAccessPersistentBrowser + { + public enum ModeEnum{ + Always = 0, + Never = 1, + } + public System.Nullable Mode; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessPlatformCondition + { + public enum ConditionalAccessDevicePlatforms{ + Android = 0, + IOS = 1, + Windows = 2, + WindowsPhone = 3, + MacOS = 4, + All = 5, + } + public System.Collections.Generic.List IncludePlatforms; + public System.Collections.Generic.List ExcludePlatforms; + + } + public class ConditionalAccessSessionControls + { + public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions ApplicationEnforcedRestrictions; + public Microsoft.Open.MSGraph.Model.ConditionalAccessCloudAppSecurity CloudAppSecurity; + public Microsoft.Open.MSGraph.Model.ConditionalAccessSignInFrequency SignInFrequency; + public Microsoft.Open.MSGraph.Model.ConditionalAccessPersistentBrowser PersistentBrowser; + + } + public class ConditionalAccessSignInFrequency + { + public enum TypeEnum{ + Days = 0, + Hours = 1, + } + public System.Nullable Type; + public System.Nullable Value; + public System.Nullable IsEnabled; + + } + public class ConditionalAccessUserCondition + { + public System.Collections.Generic.List IncludeUsers; + public System.Collections.Generic.List ExcludeUsers; + public System.Collections.Generic.List IncludeGroups; + public System.Collections.Generic.List ExcludeGroups; + public System.Collections.Generic.List IncludeRoles; + public System.Collections.Generic.List ExcludeRoles; + + } + public enum CountriesAndRegion{ + AD = 0, + AE = 1, + AF = 2, + AG = 3, + AI = 4, + AL = 5, + AM = 6, + AN = 7, + AO = 8, + AQ = 9, + AR = 10, + AS = 11, + AT = 12, + AU = 13, + AW = 14, + AX = 15, + AZ = 16, + BA = 17, + BB = 18, + BD = 19, + BE = 20, + BF = 21, + BG = 22, + BH = 23, + BI = 24, + BJ = 25, + BL = 26, + BM = 27, + BN = 28, + BO = 29, + BQ = 30, + BR = 31, + BS = 32, + BT = 33, + BV = 34, + BW = 35, + BY = 36, + BZ = 37, + CA = 38, + CC = 39, + CD = 40, + CF = 41, + CG = 42, + CH = 43, + CI = 44, + CK = 45, + CL = 46, + CM = 47, + CN = 48, + CO = 49, + CR = 50, + CU = 51, + CV = 52, + CW = 53, + CX = 54, + CY = 55, + CZ = 56, + DE = 57, + DJ = 58, + DK = 59, + DM = 60, + DO = 61, + DZ = 62, + EC = 63, + EE = 64, + EG = 65, + EH = 66, + ER = 67, + ES = 68, + ET = 69, + FI = 70, + FJ = 71, + FK = 72, + FM = 73, + FO = 74, + FR = 75, + GA = 76, + GB = 77, + GD = 78, + GE = 79, + GF = 80, + GG = 81, + GH = 82, + GI = 83, + GL = 84, + GM = 85, + GN = 86, + GP = 87, + GQ = 88, + GR = 89, + GS = 90, + GT = 91, + GU = 92, + GW = 93, + GY = 94, + HK = 95, + HM = 96, + HN = 97, + HR = 98, + HT = 99, + HU = 100, + ID = 101, + IE = 102, + IL = 103, + IM = 104, + IN = 105, + IO = 106, + IQ = 107, + IR = 108, + IS = 109, + IT = 110, + JE = 111, + JM = 112, + JO = 113, + JP = 114, + KE = 115, + KG = 116, + KH = 117, + KI = 118, + KM = 119, + KN = 120, + KP = 121, + KR = 122, + KW = 123, + KY = 124, + KZ = 125, + LA = 126, + LB = 127, + LC = 128, + LI = 129, + LK = 130, + LR = 131, + LS = 132, + LT = 133, + LU = 134, + LV = 135, + LY = 136, + MA = 137, + MC = 138, + MD = 139, + ME = 140, + MF = 141, + MG = 142, + MH = 143, + MK = 144, + ML = 145, + MM = 146, + MN = 147, + MO = 148, + MP = 149, + MQ = 150, + MR = 151, + MS = 152, + MT = 153, + MU = 154, + MV = 155, + MW = 156, + MX = 157, + MY = 158, + MZ = 159, + NA = 160, + NC = 161, + NE = 162, + NF = 163, + NG = 164, + NI = 165, + NL = 166, + NO = 167, + NP = 168, + NR = 169, + NU = 170, + NZ = 171, + OM = 172, + PA = 173, + PE = 174, + PF = 175, + PG = 176, + PH = 177, + PK = 178, + PL = 179, + PM = 180, + PN = 181, + PR = 182, + PS = 183, + PT = 184, + PW = 185, + PY = 186, + QA = 187, + RE = 188, + RO = 189, + RS = 190, + RU = 191, + RW = 192, + SA = 193, + SB = 194, + SC = 195, + SD = 196, + SE = 197, + SG = 198, + SH = 199, + SI = 200, + SJ = 201, + SK = 202, + SL = 203, + SM = 204, + SN = 205, + SO = 206, + SR = 207, + SS = 208, + ST = 209, + SV = 210, + SX = 211, + SY = 212, + SZ = 213, + TC = 214, + TD = 215, + TF = 216, + TG = 217, + TH = 218, + TJ = 219, + TK = 220, + TL = 221, + TM = 222, + TN = 223, + TO = 224, + TR = 225, + TT = 226, + TV = 227, + TW = 228, + TZ = 229, + UA = 230, + UG = 231, + UM = 232, + US = 233, + UY = 234, + UZ = 235, + VA = 236, + VC = 237, + VE = 238, + VG = 239, + VI = 240, + VN = 241, + VU = 242, + WF = 243, + WS = 244, + YE = 245, + YT = 246, + ZA = 247, + ZM = 248, + ZW = 249, + } + public class DefaultUserRolePermissions + { + public System.Nullable AllowedToCreateApps; + public System.Nullable AllowedToCreateSecurityGroups; + public System.Nullable AllowedToReadOtherUsers; + public System.Collections.Generic.List PermissionGrantPoliciesAssigned; + + } + public class DelegatedPermissionClassification + { + public enum ClassificationEnum{ + Low = 0, + Medium = 1, + High = 2, + } + public System.Nullable Classification; + public System.String Id; + public System.String PermissionId; + public System.String PermissionName; + + } + public class EmailAddress + { + public System.String Name; + public System.String Address; + + } + public class ImplicitGrantSettings + { + public System.Nullable EnableIdTokenIssuance; + public System.Nullable EnableAccessTokenIssuance; + + } + public class InformationalUrl + { + public System.String TermsOfServiceUrl; + public System.String MarketingUrl; + public System.String PrivacyStatementUrl; + public System.String SupportUrl; + public System.String LogoUrl; + + } + public class InvitedUserMessageInfo + { + public System.Collections.Generic.List CcRecipients; + public System.String CustomizedMessageBody; + public System.String MessageLanguage; + + } + public class IpRange + { + public System.String CidrAddress; + public IpRange() + { + } + + public IpRange(System.String value) + { + CidrAddress = value; + } + } + public class KeyCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.String DisplayName; + public System.Nullable EndDateTime; + public System.String KeyId; + public System.Nullable StartDateTime; + public System.String Type; + public System.String Usage; + public System.Byte[] Key; + + } + public class KeyValue + { + public System.String Key; + public System.String Value; + + } + public class MsDirectoryObject + { + public System.String Id; + public System.String OdataType; + } + + public class MsRoleMemberInfo + { + public System.String Id; + } + + public class OptionalClaim + { + public System.String Name; + public System.String Source; + public System.Nullable Essential; + public System.Collections.Generic.List AdditionalProperties; + + } + public class OptionalClaims + { + public System.Collections.Generic.List IdToken; + public System.Collections.Generic.List AccessToken; + public System.Collections.Generic.List Saml2Token; + + } + public class ParentalControlSettings + { + public enum LegalAgeGroupRuleEnum{ + Allow = 0, + RequireConsentForPrivacyServices = 1, + RequireConsentForMinors = 2, + RequireConsentForKids = 3, + BlockMinors = 4, + } + public System.Nullable LegalAgeGroupRule; + public System.Collections.Generic.List CountriesBlockedForMinors; + + } + public class PasswordCredential + { + public System.Byte[] CustomKeyIdentifier; + public System.Nullable EndDateTime; + public System.String DisplayName; + public System.String KeyId; + public System.Nullable StartDateTime; + public System.String SecretText; + public System.String Hint; + + } + public class PermissionScope + { + public System.String AdminConsentDescription; + public System.String AdminConsentDisplayName; + public System.String Id; + public System.Nullable IsEnabled; + public System.String Type; + public System.String UserConsentDescription; + public System.String UserConsentDisplayName; + public System.String Value; + + } + public class PreAuthorizedApplication + { + public System.String AppId; + public System.Collections.Generic.List DelegatedPermissionIds; + + } + public class PublicClientApplication + { + public System.Collections.Generic.List RedirectUris; + public PublicClientApplication() + { + } + + public PublicClientApplication(System.Collections.Generic.List value) + { + RedirectUris = value; + } + } + public class Recipient + { + public Microsoft.Open.MSGraph.Model.EmailAddress EmailAddress; + public Recipient() + { + } + + public Recipient(Microsoft.Open.MSGraph.Model.EmailAddress value) + { + EmailAddress = value; + } + } + public class RequiredResourceAccess + { + public System.String ResourceAppId; + public System.Collections.Generic.List ResourceAccess; + + } + public class ResourceAccess + { + public System.String Id; + public System.String Type; + + } + public class RolePermission + { + public System.Collections.Generic.List AllowedResourceActions; + public System.String Condition; + + } + public class SetVerifiedPublisherRequest + { + public System.String VerifiedPublisherId; + public SetVerifiedPublisherRequest() + { + } + + public SetVerifiedPublisherRequest(System.String value) + { + VerifiedPublisherId = value; + } + } + public class User + { + public System.String Id; + public System.String OdataType; + + } + public class WebApplication + { + public System.String HomePageUrl; + public System.String LogoutUrl; + public System.Collections.Generic.List RedirectUris; + public Microsoft.Open.MSGraph.Model.ImplicitGrantSettings ImplicitGrantSettings; + + } +} +"@ + try{ Add-Type -TypeDefinition $def } + catch{} + +# ------------------------------------------------------------------------------ +# End of Type definitios required for commands inputs +# ------------------------------------------------------------------------------ diff --git a/build/VNext-Build.md b/build/VNext-Build.md new file mode 100644 index 0000000000..b43065a2fb --- /dev/null +++ b/build/VNext-Build.md @@ -0,0 +1,146 @@ +### Building module + +Clone the module and follow the instructions described. You need **Microsoft.Graph PowerShell version 2.15.X** in order to build the module. + +```powershell +git clone https://github.com/microsoftgraph/entra-powershell.git +cd entra-powershell + +``` + +### Checkout the Modularization Feature Branch + +git pull +git checkout modularize + +### Install dependencies + +This module depends on some Microsoft Graph PowerShell modules. The following command installs the required dependencies. + +```powershell +# Install dependencies required to build the Microsoft Entra PowerShell General Availability (GA) +.\build\Install-Dependencies.ps1 -ModuleName Entra +``` + +Or + +```powershell +# Install the dependencies for the Microsoft Entra PowerShell preview +.\build\Install-Dependencies.ps1 -ModuleName EntraBeta +``` + +> [!TIP] +> If you encounter Execution Policies error, run the command `Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser`. + +### Install PlatyPS + +The module help files are generated from markdown documentation (using platyPS module). To install PlatyPS module, run the command `Install-Module -Name PlatyPS`. + +```powershell +# Install PlatyPS module +Install-Module -Name PlatyPS +``` + +### Split Legacy Module + +If you've made any changes to the legacy module e.g. Any files under `.\module` directory. + +1. Build the legacy module. + +```powershell +# Build help module for the Microsoft Entra Module +. .\build\Common-functions.ps1 +Create-ModuleHelp -Module Entra // or EntraBeta for the preview version + +# Rebuild the legacy module +.\build\Create-CompatModule.ps1 -Module Entra // or EntraBeta +``` + +2. Split the legacy module into functions .ps1 files into the respective sub-module directories. + +```powershell + .\build\Split-EntraModule.ps1 -Module 'Entra' + +``` + +If NO CHANGES have been made to the `.\module`, then proceed and build the vNext Module + +```powershell + .\build\Split-EntraModule.ps1 -Module 'Entra' + +``` + +This will ensure that the cmdlet function files are moved to the right sub-module directory under `.\moduleVNext` directory. + +### Build vNext module + +Use a clean PowerShell session when you're building the module. The building process attempts to load the required versions of the module, which fails if another version of the dependencies is already loaded. + +```powershell +.\build\Create-CreateModule.ps1 -Module Entra // or EntraBeta +``` + +The generated modules are in the output folder `./bin` + +SubModule in this case is the name of the specific sub-module you want to use. They are: `Authentication,Users,DirectoryManagement, Groups, Applications,Governance,SignIns and Reports` + +In order to import it, you need to run `Import-Module .\bin\Microsoft.Entra.psd1 -Force` + +Alternatively, import the root module(that encompases and includes all the sub-modules and their help and dependencies) `Import-Module .\bin\Microsoft.Entra.psd1 -Force` + +## Usage + +Import the module and test the generated commands. + +```powershell +Import-Module .\bin\Microsoft.Entra..psd1 -Force +Connect-MgGraph -Scopes "User.Read.All" +Get-EntraUser -Top 10 +``` + +> [!TIP] +> If you are using PowerShell 5.1, you may experience the error `Function cannot be created because function capacity 4096 has been exceeded for this scope`. To fix this error, run the command: `$MaximumFunctionCount=32768`, then retry importing the module again. + +```powershell +$MaximumFunctionCount=32768 +``` + +## Testing as AzureAD PowerShell module + +For migration scenarios (if you have a script with AzureAD commands), you can use the command `Enable-EntraAzureADAlias` to enable aliases to emulate AzureAD PowerShell module commands. You need to remove AzureAD and AzureAD Preview modules to avoid collisions via the command `Remove-Module AzureAD` or `Remove-Module AzureADPreview` + +```powershell +Enable-EntraAzureADAlias +Connect-Graph +Get-AzureADUser +``` + +## FAQs + +1. Installation error: `cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.` + +To solve this error, run the command: + +```powershell +Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser +``` + +2. Installation error: `Function cannot be created because function capacity 4096 has been exceeded for this scope.` + +To solve this error, run the command: + +```powershell +$MaximumFunctionCount=32768 +``` + +Or + +Use the latest version of PowerShell 7+ as the runtime version (highly recommended). + +3. Build Help error: `New-ExternalHelp : The term 'New-ExternalHelp' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.`. + +To solve this error, install PlatyPS module by running the command: + +```powershell +Install-Module -Name PlatyPS +``` diff --git a/build/ValidateAuthenticodeSignature.ps1 b/build/ValidateAuthenticodeSignature.ps1 new file mode 100644 index 0000000000..02207f4bd6 --- /dev/null +++ b/build/ValidateAuthenticodeSignature.ps1 @@ -0,0 +1,21 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Set-StrictMode -Version 5 + +. "$psscriptroot/common-functions.ps1" + +$moduleNames = Get-ModuleName + +foreach($moduleName in $moduleNames){ + $modulePath = Join-Path (Get-ModuleBasePath) $moduleName + $modulePsd1 = $modulePath + ".psd1" + ($modulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" + + if(($moduleName -eq 'Microsoft.Entra') -or ($moduleName -eq 'Microsoft.Entra.Beta')){ + continue + } + $modulePsm1 = $modulePath + ".psm1" + ($modulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid" +} \ No newline at end of file diff --git a/build/build.config.psd1 b/build/build.config.psd1 index 779d82f18d..bf2b1eca2d 100644 --- a/build/build.config.psd1 +++ b/build/build.config.psd1 @@ -1,6 +1,6 @@ @{ ModuleOutputSubdirectoryName = 'modules' - ModuleSubdirectoryName = 'module' + ModuleSubdirectoryName = 'module_legacy' OutputPath = 'bin' CustomizationPath = 'customizations' docsPath = 'docs' diff --git a/build/common-functions.ps1 b/build/common-functions.ps1 index efc22b2786..d41d79c661 100644 --- a/build/common-functions.ps1 +++ b/build/common-functions.ps1 @@ -28,11 +28,13 @@ function Get-ModuleBasePath { } function Get-ModuleVersion { - (Get-ModuleManifestFile).FullName | Test-ModuleManifest | Select-Object -ExpandProperty Version + # Added -ErrorAction SilentlyContinue due to validation failure on Microsoft.Entra RequiredModules + # The RequiredModules are the Microsoft.Entra.* sub-modules + (Get-ModuleManifestFile).FullName | Test-ModuleManifest -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Version } function Get-ModuleFiles { - (Get-ModuleManifestFile).FullName | Test-ModuleManifest | Select-Object -ExpandProperty FileList + (Get-ModuleManifestFile).FullName | Test-ModuleManifest -ErrorAction SilentlyContinue | Select-Object -ExpandProperty FileList } function Get-PSGalleryRepoName { @@ -82,10 +84,12 @@ function Register-LocalGallery { } $null = Register-PSRepository -Name (Get-LocalPSRepoName) -SourceLocation ($repoPath) -ScriptSourceLocation ($repoPath) -InstallationPolicy Trusted + $null = Register-PSResourceRepository -Name (Get-LocalPSRepoName) -Uri ($repoPath) } function Unregister-LocalGallery { $null = Unregister-PSRepository (Get-LocalPSRepoName) + $null = Unregister-PSResourceRepository (Get-LocalPSRepoName) } function Update-ModuleVersion { @@ -136,40 +140,67 @@ function Create-ModuleFolder { $null = Remove-Item -Recurse -Force $modulesDirectory } - $thisModuleDirectory = Join-Path $modulesDirectory (Get-ModuleName) - $targetDirectory = Join-Path $thisModuleDirectory (Get-ModuleVersion).tostring() + $modules = @() + $moduleName = Get-ModuleName + $moduleVersion = Get-ModuleVersion + if($moduleVersion -is [array]) + { + $moduleVersion = $moduleVersion[0] + } + + if($moduleName -isnot [array]){ + $modules += $moduleName + } + else{ + $modules = $moduleName + } - $null = New-Item -Path $targetDirectory -ItemType Directory + foreach($module in $modules){ + $thisModuleDirectory = Join-Path $modulesDirectory $module + $targetDirectory = Join-Path $thisModuleDirectory $moduleVersion.tostring() - $ignorableSegmentCount = ((Get-ModuleBasePath).replace("`\", '/') -split '/').count - $sourceFileList = @() - $destinationFileList = @() - Get-ModuleFiles | ForEach-Object { - $normalizedFile = $_.replace("`\", '/') - $segments = $normalizedFile -split '/' - $relativeSegments = $segments[$ignorableSegmentCount..($segments.length - 1)] - $relativePath = $relativeSegments -join '/' + $null = New-Item -Path $targetDirectory -ItemType Directory - $sourceFileList += Join-Path (Get-ModuleBasePath) $relativePath - $destinationFileList += Join-Path $targetDirectory $relativePath - } + $ignorableSegmentCount = ((Get-ModuleBasePath).replace("`\", '/') -split '/').count + $sourceFileList = @() + $destinationFileList = @() + $moduleFiles = @() - 0..($sourceFileList.length - 1) | ForEach-Object { - $parent = Split-Path -Parent $destinationFileList[ $_ ] - if ( -not (Test-Path $parent) ) { - $null = New-Item -Path $parent -ItemType Directory + if(($module -eq 'Microsoft.Entra') -or ($module -eq 'Microsoft.Entra.Beta')){ + $moduleFiles += Get-ModuleFiles | Where { $_ -like "*$module.psd1" } + $moduleFiles += Get-ModuleFiles | Where { $_ -like "*$module.psm1" } + } + else{ + $moduleFiles += Get-ModuleFiles | Where { $_ -like "*$module*" } } - $destinationName = Split-Path -Leaf $destinationFileList[ $_ ] - $syntaxOnlySourceName = Split-Path -Leaf $sourceFileList[ $_ ] - $sourceActualName = (Get-ChildItem (Split-Path -Parent $sourceFileList[ $_ ]) -Filter $syntaxOnlySourceName).name + $moduleFiles | ForEach-Object { + $normalizedFile = $_.replace("`\", '/') + $segments = $normalizedFile -split '/' + $relativeSegments = $segments[$ignorableSegmentCount..($segments.length - 1)] + $relativePath = $relativeSegments -join '/' - if ( $destinationName -cne $sourceActualName ) { - throw "The case-sensitive name of the file at source path '$($sourceFileList[$_])' is actually '$sourceActualName' and it does not match the case of the last element of destination path '$($destinationFileList[$_])' -- the case of the file names must match exactly in order to support environments with case-sensitive file systems. This can be corrected in the module manifest by specifying the case of the file exactly as it exists in the module source code directory" + $sourceFileList += Join-Path (Get-ModuleBasePath) $relativePath + $destinationFileList += Join-Path $targetDirectory $relativePath } - Copy-Item $sourceFileList[ $_ ] $destinationFileList[ $_ ] + 0..($sourceFileList.length - 1) | ForEach-Object { + $parent = Split-Path -Parent $destinationFileList[ $_ ] + if ( -not (Test-Path $parent) ) { + $null = New-Item -Path $parent -ItemType Directory + } + + $destinationName = Split-Path -Leaf $destinationFileList[ $_ ] + $syntaxOnlySourceName = Split-Path -Leaf $sourceFileList[ $_ ] + $sourceActualName = (Get-ChildItem (Split-Path -Parent $sourceFileList[ $_ ]) -Filter $syntaxOnlySourceName).name + + if ( $destinationName -cne $sourceActualName ) { + throw "The case-sensitive name of the file at source path '$($sourceFileList[$_])' is actually '$sourceActualName' and it does not match the case of the last element of destination path '$($destinationFileList[$_])' -- the case of the file names must match exactly in order to support environments with case-sensitive file systems. This can be corrected in the module manifest by specifying the case of the file exactly as it exists in the module source code directory" + } + + Copy-Item $sourceFileList[ $_ ] $destinationFileList[ $_ ] + } } } @@ -186,12 +217,12 @@ function Get-CustomizationFiles { $path = Split-Path -Parent $psscriptroot if ( -not $Directory ) { - $path = Join-Path $path 'module' + $path = Join-Path $path 'module_legacy' $path = Join-Path $path $Module $path = Join-Path $path (Get-ConfigValue -Name CustomizationPath) } else { - $path = Join-Path $path 'module' + $path = Join-Path $path 'module_legacy' $path = Join-Path $path $Module $path = Join-Path $path $Directory } @@ -204,6 +235,35 @@ function Get-CustomizationFiles { $customizationFileList } +# Reusable logging function +function Log-Message { + param ( + [string]$Message, + [string]$Level = 'INFO', # Default log level is INFO + [ConsoleColor]$Color = [ConsoleColor]::White # Default color is White + ) + + switch ($Level) { + 'INFO' { + $color = 'Cyan' + } + 'WARNING' { + $color = 'Yellow' + } + 'ERROR' { + $color = 'Red' + } + 'SUCCESS' { + $color = 'Green' + } + default { + $color = $Color + } + } + + Write-Host "[$Level] $Message" -ForegroundColor $color +} + function Create-ModuleHelp { param ( [string] diff --git a/development-docs/cmdlet-references-documentation/cmdlet-reference-example-beta.md b/development-docs/cmdlet-references-documentation/cmdlet-reference-example-beta.md index 4e02548e76..290be8e4f2 100644 --- a/development-docs/cmdlet-references-documentation/cmdlet-reference-example-beta.md +++ b/development-docs/cmdlet-references-documentation/cmdlet-reference-example-beta.md @@ -9,9 +9,9 @@ ms.author: eunicewaweru manager: CelesteDG author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser +external help file: Microsoft.Entra.Beta-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUser schema: 2.0.0 --- @@ -20,7 +20,7 @@ schema: 2.0.0 Reference -Module: **Microsoft.Graph.Entra.Beta** +Module: **Microsoft.Entra.Beta** ## Synopsis diff --git a/development-docs/cmdlet-references-documentation/cmdlet-reference-example.md b/development-docs/cmdlet-references-documentation/cmdlet-reference-example.md index 9e7ce94640..22e8dcac27 100644 --- a/development-docs/cmdlet-references-documentation/cmdlet-reference-example.md +++ b/development-docs/cmdlet-references-documentation/cmdlet-reference-example.md @@ -9,9 +9,9 @@ ms.author: eunicewaweru manager: CelesteDG author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraUser +external help file: Microsoft.Entra-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUser schema: 2.0.0 --- @@ -20,7 +20,7 @@ schema: 2.0.0 Reference -Module: **Microsoft.Graph.Entra** +Module: **Microsoft.Entra** ## Synopsis diff --git a/development-docs/cmdlet-references-documentation/cmdlet-reference-template.md b/development-docs/cmdlet-references-documentation/cmdlet-reference-template.md index bb7298141f..fc7ed97e0e 100644 --- a/development-docs/cmdlet-references-documentation/cmdlet-reference-template.md +++ b/development-docs/cmdlet-references-documentation/cmdlet-reference-template.md @@ -10,9 +10,9 @@ manager: CelesteDG author: msewaweru ms.reviewer: stevemutungi -external help file: Microsoft.Graph.Entra-Help.xml //use `Microsoft.Graph.Entra.Beta-Help.xml` for beta commands -Module Name: Microsoft.Graph.Entra //use `Microsoft.Graph.Entra.Beta` for beta commands -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/ //use `https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/` for beta commands +external help file: Microsoft.Entra-Help.xml //use `Microsoft.Entra.Beta-Help.xml` for beta commands +Module Name: Microsoft.Entra //use `Microsoft.Entra.Beta` for beta commands +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/ //use `https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/` for beta commands schema: 2.0.0 --- diff --git a/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 b/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 deleted file mode 100644 index 849b52436e..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 +++ /dev/null @@ -1,88 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraAdministrativeUnit { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Alias("ObjectId")] - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $AdministrativeUnitId, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.Nullable`1[System.Int32]] $Top, - [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [switch] $All, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Filter - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $baseUri = "/v1.0/directory/administrativeUnits" - $properties = '$select=*' - $params["Uri"] = "$baseUri/?$properties" - if($null -ne $PSBoundParameters["AdministrativeUnitId"]) - { - $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] - $params["Uri"] = "$baseUri/$($params.AdministrativeUnitId)?$properties" - } - if ($PSBoundParameters.ContainsKey("Top")) { - $topCount = $PSBoundParameters["Top"] - if ($topCount -gt 999) { - $params["Uri"] += "&`$top=999" - } - else { - $params["Uri"] += "&`$top=$topCount" - } - } - if ($null -ne $PSBoundParameters["Filter"]) { - $Filter = $PSBoundParameters["Filter"] - $f = '$' + 'Filter' - $params["Uri"] += "&$f=$Filter" - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) - $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json - - try { - $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - $all = $All.IsPresent - $increment = $topCount - $data.Count - while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { - $params["Uri"] = $response.'@odata.nextLink' - if ($increment -gt 0) { - $topValue = [Math]::Min($increment, 999) - $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") - $increment -= $topValue - } - $response = Invoke-GraphRequest @params - $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - } - } - catch {} - $data | ForEach-Object { - if ($null -ne $_) { - Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id - Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimeStamp -Value deletedDateTime - } - } - - if ($data) { - $aulist = @() - foreach ($item in $data) { - $auType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAdministrativeUnit - $item.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) - $propertyValue = $_.Value - $auType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $aulist += $auType - } - $aulist - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 b/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 deleted file mode 100644 index 7bb91f3237..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 +++ /dev/null @@ -1,87 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraAdministrativeUnitMember { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.Nullable`1[System.Int32]] $Top, - [Alias("ObjectId")] - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $AdministrativeUnitId, - [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [switch] $All - ) - - PROCESS { - $params = @{} - $topCount = $null - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $baseUri = "/v1.0/directory/administrativeUnits/$AdministrativeUnitId/members?`$select=*" - $params["Uri"] = "$baseUri" - if($null -ne $PSBoundParameters["AdministrativeUnitId"]) - { - $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] - } - if ($PSBoundParameters.ContainsKey("Top")) { - $topCount = $PSBoundParameters["Top"] - if ($topCount -gt 999) { - $minTop = 999 - $params["Uri"] += "&`$top=999" - } - else { - $params["Uri"] += "&`$top=$topCount" - } - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) - $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json - - try { - $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - $all = $All.IsPresent - $increment = $topCount - $data.Count - while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { - $params["Uri"] = $response.'@odata.nextLink' - if ($increment -gt 0) { - $topValue = [Math]::Min($increment, 999) - if ($minTop) { - $params["Uri"] = $params["Uri"].Replace("`$top=$minTop", "`$top=$topValue") - } - else { - $params["Uri"] = $params["Uri"].Replace("`$top=$topCount", "`$top=$topValue") - } - $increment -= $topValue - } - $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) - $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - } - } - catch {} - $data | ForEach-Object { - if ($null -ne $_) { - Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id - } - } - if ($data) { - $memberList = @() - foreach ($response in $data) { - $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject - if (-not ($response -is [psobject])) { - $response = [pscustomobject]@{ Value = $response } - } - $response.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $memberList += $memberType - } - $memberList - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 b/module/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 deleted file mode 100644 index cdccf1849b..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 +++ /dev/null @@ -1,44 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraAttributeSet { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [Alias("Id")] - [System.String] $AttributeSetId - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/attributeSets/" - $params["Method"] = "GET" - if ($null -ne $PSBoundParameters["AttributeSetId"]) { - $params["Uri"] += $AttributeSetId - } - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json - try { - $response = $response.value - } - catch {} - if($response) - { - $userList = @() - foreach ($data in $response) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet - $data.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 b/module/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 deleted file mode 100644 index 2b6b69b3cd..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 +++ /dev/null @@ -1,82 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraAuditDirectoryLog { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.Int32] $Top, - [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [switch] $All, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Filter - ) - - PROCESS { - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $params = @{} - $topCount = $null - $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/directoryAudits' - $params["Method"] = "GET" - $params["Uri"] = "$baseUri"+"?" - - if($PSBoundParameters.ContainsKey("Top")) - { - $topCount = $PSBoundParameters["Top"] - if ($topCount -gt 999) { - $params["Uri"] += "&`$top=999" - } - else{ - $params["Uri"] += "&`$top=$topCount" - } - } - if($null -ne $PSBoundParameters["Id"]) - { - $LogId = $PSBoundParameters["Id"] - $params["Uri"] = "$baseUri/$($LogId)" - } - if($null -ne $PSBoundParameters["Filter"]) - { - $Filter = $PSBoundParameters["Filter"] - $f = '$Filter' - $params["Uri"] += "&$f=$Filter" - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = Invoke-GraphRequest @params -Headers $customHeaders - $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json - try { - $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - $all = $All.IsPresent - $increment = $topCount - $data.Count - while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { - $params["Uri"] = $response.'@odata.nextLink' - if ($increment -gt 0) { - $topValue = [Math]::Min($increment, 999) - $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") - $increment -= $topValue - } - $response = Invoke-GraphRequest @params - $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - } - } catch {} - - $userList = @() - foreach ($response in $data) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryAudit - $response.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 b/module/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 deleted file mode 100644 index 5686e768d2..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 +++ /dev/null @@ -1,90 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraAuditSignInLog { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [Alias("Id")] - [System.String] $SignInId, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.Int32] $Top, - [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [switch] $All, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Filter - ) - - PROCESS { - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $params = @{} - $topCount = $null - $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/signIns' - $params["Method"] = "GET" - $params["Uri"] = "$baseUri" - $query = $null - - if($PSBoundParameters.ContainsKey("Top")) - { - $topCount = $PSBoundParameters["Top"] - if ($topCount -gt 999) { - $query += "&`$top=999" - } - else{ - $query += "&`$top=$topCount" - } - } - - if($null -ne $PSBoundParameters["SignInId"]) - { - $logId = $PSBoundParameters["SignInId"] - $params["Uri"] = "$baseUri/$($logId)" - } - if($null -ne $PSBoundParameters["Filter"]) - { - $Filter = $PSBoundParameters["Filter"] - $f = '$filter' - $query += "&$f=$Filter" - } - - if($null -ne $query) - { - $query = "?" + $query.TrimStart("&") - $params["Uri"] += $query - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = Invoke-GraphRequest @params -Headers $customHeaders - $data = $response | ConvertTo-Json -Depth 100 | ConvertFrom-Json - try { - $data = $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json - $all = $All.IsPresent - $increment = $topCount - $data.Count - while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { - $params["Uri"] = $response.'@odata.nextLink' - if ($increment -gt 0) { - $topValue = [Math]::Min($increment, 999) - $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") - $increment -= $topValue - } - $response = Invoke-GraphRequest @params - $data += $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json - } - } catch {} - $userList = @() - foreach ($response in $data) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphSignIn - $response.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 b/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 deleted file mode 100644 index 47113ca5ce..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 +++ /dev/null @@ -1,44 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraCustomSecurityAttributeDefinition { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id - ) - - PROCESS { - $params = @{} - $Method = "GET" - $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/" - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - - if ($null -ne $PSBoundParameters["Id"]) { - $Uri += $Id - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = (Invoke-GraphRequest -Uri $Uri -Method $Method -Headers $customHeaders) | ConvertTo-Json | ConvertFrom-Json - try { - $response = $response.value - } - catch {} - if($response){ - $userList = @() - foreach ($data in $response) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCustomSecurityAttributeDefinition - $data.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 deleted file mode 100644 index b2a2620f4b..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 +++ /dev/null @@ -1,52 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraCustomSecurityAttributeDefinitionAllowedValue { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Filter, - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $CustomSecurityAttributeDefinitionId - ) - - PROCESS { - $params = @{} - $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$CustomSecurityAttributeDefinitionId/allowedValues/" - $params["Method"] = "GET" - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - - if ($null -ne $PSBoundParameters["Id"]) { - $params["Uri"] += $Id - } - if ($null -ne $PSBoundParameters["Filter"]) { - $params["Uri"] += '?$filter=' + $Filter - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = (Invoke-GraphRequest @params -Headers $customHeaders) | ConvertTo-Json -Depth 5 | ConvertFrom-Json - try { - $response = $response.value - } - catch {} - if($response) - { - $userList = @() - foreach ($data in $response) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAllowedValue - $data.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 b/module/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 deleted file mode 100644 index 5d1d03af95..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 +++ /dev/null @@ -1,40 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraDirectoryObjectOnPremisesProvisioningError { - [CmdletBinding(DefaultParameterSetName = 'GetById')] - param ( - [Parameter(ParameterSetName = "GetById")][ValidateNotNullOrEmpty()][ValidateScript({if ($_ -is [System.Guid]) { $true } else {throw "TenantId must be of type [System.Guid]."}})][System.Guid] $TenantId - ) - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - if ($null -ne $PSBoundParameters["TenantId"]) { - $params["TenantId"] = $PSBoundParameters["TenantId"] - } - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - $Object = @("users", "groups", "contacts") - $response = @() - - try { - foreach ($obj in $object) { - $obj = ($obj | Out-String).trimend() - $uri = 'https://graph.microsoft.com/v1.0/' + $obj + '?$select=onPremisesProvisioningErrors' - $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors - } - } - catch {} - if ([string]::IsNullOrWhiteSpace($response)) { - write-host "False" - } - else { - $response - } - - } -} -Set-Alias -Name Get-EntraHasObjectsWithDirSyncProvisioningError -Value Get-EntraDirectoryObjectOnPremisesProvisioningError -Scope Global -Force - diff --git a/module/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 b/module/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 deleted file mode 100644 index 1b32be76ce..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 +++ /dev/null @@ -1,80 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraFeatureRolloutPolicy { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id, - [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $SearchString, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Filter, - [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] - [System.String[]] $Property - ) - - PROCESS { - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $params = @{} - $baseUri = 'https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies' - $params["Method"] = "GET" - $params["Uri"] = "$baseUri" - $query = $null - - if($null -ne $PSBoundParameters["Id"]) - { - $Id = $PSBoundParameters["Id"] - $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/$Id" - } - if($null -ne $PSBoundParameters["SearchString"]) - { - $FilterValue = $PSBoundParameters["SearchString"] - $filter="displayName eq '$FilterValue' or startswith(displayName,'$FilterValue')" - $f = '$' + 'Filter' - $query += "&$f=$Filter" - } - if($null -ne $PSBoundParameters["Filter"]) - { - $Filter = $PSBoundParameters["Filter"] - $f = '$' + 'Filter' - $query += "&$f=$Filter" - } - if($null -ne $PSBoundParameters["Property"]) - { - $selectProperties = $PSBoundParameters["Property"] - $selectProperties = $selectProperties -Join ',' - $query += "&`$select=$($selectProperties)" - } - if($null -ne $query) - { - $query = "?" + $query.TrimStart("&") - $params["Uri"] += $query - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $data = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json - try { - $data = $data.value | ConvertTo-Json | ConvertFrom-Json - } - catch {} - - if($data) - { - $userList = @() - foreach ($response in $data) { - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy - $response.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - $userList - } - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 b/module/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 deleted file mode 100644 index faf51a15f4..0000000000 --- a/module/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 +++ /dev/null @@ -1,99 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Get-EntraObjectSetting { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $Id, - [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.Int32] $Top, - [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [switch] $All, - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $TargetType, - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $TargetObjectId, - [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] - [System.String[]] $Property - ) - - PROCESS { - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $params = @{} - $topCount = $null - $baseUri = "https://graph.microsoft.com/v1.0/$TargetType/$TargetObjectId/settings" - $params["Method"] = "GET" - $params["Uri"] = $baseUri+'?$select=*' - if($null -ne $PSBoundParameters["Property"]) - { - $selectProperties = $PSBoundParameters["Property"] - $selectProperties = $selectProperties -Join ',' - $params["Uri"] = $baseUri+"?`$select=$($selectProperties)" - } - if($PSBoundParameters.ContainsKey("Top") -and (-not $PSBoundParameters.ContainsKey("All"))) - { - $topCount = $PSBoundParameters["Top"] - if ($topCount -gt 999) { - $params["Uri"] += "&`$top=999" - } - else{ - $params["Uri"] += "&`$top=$topCount" - } - } - if($null -ne $PSBoundParameters["Id"]) - { - $Id = $PSBoundParameters["Id"] - $params["Uri"] = "$baseUri/$($Id)" - } - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $response = Invoke-GraphRequest @params -Headers $customHeaders - $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json - try { - $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - $all = $All.IsPresent - $increment = $topCount - $data.Count - while ($response.'@odata.nextLink' -and (($all) -or ($increment -gt 0 -and -not $all))) { - $params["Uri"] = $response.'@odata.nextLink' - if (-not $all) { - $topValue = [Math]::Min($increment, 999) - $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") - $increment -= $topValue - } - $response = Invoke-GraphRequest @params - $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json - } - } catch {} - - $targetTypeList = @() - - if($TargetType.ToLower() -eq 'groups'){ - foreach($res in $data){ - $groupType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphGroupSetting - $res.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) - $propertyValue = $_.Value - $groupType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $targetTypeList += $groupType - } - } - - if($TargetType.ToLower() -eq 'users'){ - foreach($res in $data){ - $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphUserSettings - $res.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $targetTypeList += $userType - } - } - - $targetTypeList - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 b/module/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 deleted file mode 100644 index 4dab294b7c..0000000000 --- a/module/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 +++ /dev/null @@ -1,42 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Remove-EntraPolicy { - [CmdletBinding(DefaultParameterSetName = '')] - param ( - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - $policyTypes = "activityBasedTimeoutPolicies", "defaultAppManagementPolicy", "appManagementPolicies", "authenticationFlowsPolicy", "authenticationMethodsPolicy", "claimsMappingPolicies", "featureRolloutPolicies", "homeRealmDiscoveryPolicies", "permissionGrantPolicies", "tokenIssuancePolicies", "tokenLifetimePolicies" - - foreach ($policyType in $policyTypes) { - $uri = "https://graph.microsoft.com/v1.0/policies/" + $policyType + "/" + $id - try { - $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET - break - } - catch {} - } - $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' - - $policyType = $Matches[1] - - Write-Debug("============================ Matches ============================") - - Write-Debug($Matches[1]) - - if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $policyType )) { - $URI = "https://graph.microsoft.com/v1.0/policies/" + $policyType + "/" + $id - } - $Method = "DELETE" - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method - $response - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 b/module/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 deleted file mode 100644 index aa4498b836..0000000000 --- a/module/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 +++ /dev/null @@ -1,101 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -function Set-EntraPolicy { - [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] - param ( - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.String] $AlternativeIdentifier, - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [System.String] $Id, - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.Collections.Generic.List`1[System.String]] $Definition, - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.String] $DisplayName, - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.String] $Type, - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, - [Parameter(ParameterSetName = "InvokeByDynamicParameters")] - [System.Nullable`1[System.Boolean]] $IsOrganizationDefault - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - - $policyTypeMap = @{ - "ActivityBasedTimeoutPolicy" = "activityBasedTimeoutPolicies" - "ApplicationManagementPolicy" = "appManagementPolicies" - "DefaultAppManagementPolicy" = "defaultAppManagementPolicy" - "AuthenticationFlowsPolicy" = "authenticationFlowsPolicy" - "AuthenticationMethodsPolicy" = "authenticationMethodsPolicy" - "ClaimsMappingPolicy" = "claimsMappingPolicies" - "FeatureRolloutPolicy" = "featureRolloutPolicies" - "HomeRealmDiscoveryPolicy" = "homeRealmDiscoveryPolicies" - "PermissionGrantPolicy" = "permissionGrantPolicies" - "TokenIssuancePolicy" = "tokenIssuancePolicies" - "TokenLifetimePolicy" = "tokenLifetimePolicies" - } - - $policyTypes = $policyTypeMap.Values - - if ($null -ne $PSBoundParameters["type"]) { - $type = if ($policyTypeMap.ContainsKey($type)) { $policyTypeMap[$type] } else { - Write-Error "Set-EntraBetADPolicy : Error occurred while executing SetPolicy - Code: Request_BadRequest - Message: Invalid value specified for property 'type' of resource 'Policy'." - return; - } - } else { - $type = $null - } - - if(!$type) { - foreach ($pType in $policyTypes) { - $uri = "https://graph.microsoft.com/v1.0/policies/" + $pType + "/" + $id - try { - $response = Invoke-GraphRequest -Uri $uri -Method GET - break - } - catch {} - } - $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' - $type = $Matches[1] - } - - if($policyTypes -notcontains $type) { - Write-Error "Set-AzureADPolicy : Error occurred while executing SetPolicy - Code: Request_BadRequest - Message: Invalid value specified for property 'type' of resource 'Policy'." - } - else { - if ($null -ne $PSBoundParameters["Definition"]) { - $params["Definition"] = $PSBoundParameters["Definition"] - } - if ($null -ne $PSBoundParameters["DisplayName"]) { - $params["DisplayName"] = $PSBoundParameters["DisplayName"] - } - if ($null -ne $PSBoundParameters["Definition"]) { - $params["Definition"] = $PSBoundParameters["Definition"] - } - if ($null -ne $PSBoundParameters["IsOrganizationDefault"]) { - $params["IsOrganizationDefault"] = $PSBoundParameters["IsOrganizationDefault"] - } - if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $type )) { - $URI = "https://graph.microsoft.com/v1.0/policies/" + $type + "/" + $id - } - - $Method = "PATCH" - - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - - $body = $params | ConvertTo-Json - Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Body $body -Method $Method - - } - - } -} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 b/module/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 deleted file mode 100644 index 2fc79e92ac..0000000000 --- a/module/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 +++ /dev/null @@ -1,83 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Update-EntraUserFromFederated { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, - [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, - [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId - - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand - if ($null -ne $PSBoundParameters["UserPrincipalName"]) { - $UserPrincipalName = $PSBoundParameters.UserPrincipalName - $UserId = Get-MgUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual - if ($null -ne $UserId) - { - $AuthenticationMethodId = Get-MgUserAuthenticationMethod -UserId $UserId.Id - $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id - $params["UserId"] = $UserId.Id - } - } - if ($PSBoundParameters.ContainsKey("NewPassword")) { - $params["NewPassword"] = $PSBoundParameters["NewPassword"] - } - if ($PSBoundParameters.ContainsKey("Verbose")) { - $params["Verbose"] = $PSBoundParameters["Verbose"] - } - if ($PSBoundParameters.ContainsKey("Debug")) { - $params["Debug"] = $PSBoundParameters["Debug"] - } - if($null -ne $PSBoundParameters["WarningVariable"]) - { - $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] - } - if($null -ne $PSBoundParameters["InformationVariable"]) - { - $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] - } - if($null -ne $PSBoundParameters["InformationAction"]) - { - $params["InformationAction"] = $PSBoundParameters["InformationAction"] - } - if($null -ne $PSBoundParameters["OutVariable"]) - { - $params["OutVariable"] = $PSBoundParameters["OutVariable"] - } - if($null -ne $PSBoundParameters["OutBuffer"]) - { - $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] - } - if($null -ne $PSBoundParameters["ErrorVariable"]) - { - $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] - } - if($null -ne $PSBoundParameters["PipelineVariable"]) - { - $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] - } - if($null -ne $PSBoundParameters["ErrorAction"]) - { - $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] - } - if($null -ne $PSBoundParameters["WarningAction"]) - { - $params["WarningAction"] = $PSBoundParameters["WarningAction"] - } - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - if($null -ne $AuthenticationMethodId) - { - $response = Reset-MgUserAuthenticationMethodPassword @params -Headers $customHeaders - } - $response - } -} -Set-Alias -Name Convert-EntraFederatedUser -Value Update-EntraUserFromFederated -Scope Global -Force - diff --git a/module/Entra/Microsoft.Entra/Applications/Add-EntraApplicationOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Add-EntraApplicationOwner.ps1 new file mode 100644 index 0000000000..756f8ae9a7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Add-EntraApplicationOwner.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraApplicationOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + + $newOwner = @{} + + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $newOwner["@odata.id"] = "https://graph.microsoft.com/v1.0/directoryObjects/"+$PSBoundParameters["RefObjectId"] + $params["BodyParameter"] = $newOwner + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + New-MgApplicationOwnerByRef @params -Headers $customHeaders +} +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.ps1 b/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..23aea766ff --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[Microsoft.Open.MSGraph.Model.DelegatedPermissionClassification+ClassificationEnum]] $Classification, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PermissionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PermissionName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["Classification"]) + { + $params["Classification"] = $PSBoundParameters["Classification"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PermissionId"]) + { + $params["PermissionId"] = $PSBoundParameters["PermissionId"] + } + if ($null -ne $PSBoundParameters["PermissionName"]) + { + $params["PermissionName"] = $PSBoundParameters["PermissionName"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..6a69beac07 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Add-EntraServicePrincipalOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgServicePrincipalOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Applications/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..ec173d258c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Remove-AzureADApplication -Value Remove-EntraApplication -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationKey -Value New-EntraApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationVerifiedPublisher -Value Remove-EntraApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplication -Value Set-EntraApplication -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipal -Value Remove-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Remove-AzureADServiceAppRoleAssignment -Value Remove-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADDeletedApplication -Value Get-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalKeyCredential -Value Get-EntraServicePrincipalKeyCredential -Scope Global -Force + Set-Alias -Name Add-AzureADServicePrincipalOwner -Value Add-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignedTo -Value Get-EntraServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationKeyCredential -Value Get-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name New-AzureADApplicationExtensionProperty -Value New-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationPasswordCredential -Value Remove-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationExtensionProperty -Value Get-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipal -Value Get-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalMembership -Value Get-EntraServicePrincipalMembership -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignment -Value Get-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplicationVerifiedPublisher -Value Set-EntraApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalPasswordCredential -Value Remove-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationPassword -Value New-EntraApplicationPassword -Scope Global -Force + Set-Alias -Name New-AzureADApplicationPasswordCredential -Value New-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Remove-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Remove-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalCreatedObject -Value Get-EntraServicePrincipalCreatedObject -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationOwner -Value Get-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalPasswordCredential -Value Get-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Add-AzureADApplicationOwner -Value Add-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalPasswordCredential -Value New-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOAuth2PermissionGrant -Value Get-EntraServicePrincipalOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADApplication -Value Get-EntraApplication -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalOwner -Value Remove-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationKey -Value Remove-EntraApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADMSDeletedDirectoryObject -Value Remove-EntraDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name New-AzureADMSApplication -Value New-EntraApplication -Scope Global -Force + Set-Alias -Name New-AzureADApplicationKeyCredential -Value New-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwner -Value Get-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationOwner -Value Remove-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name Set-AzureADServicePrincipal -Value Set-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsServicePrincipalIsMemberOf -Value Select-EntraGroupIdsServicePrincipalIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADDeletedApplication -Value Remove-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipal -Value New-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationLogo -Value Get-EntraApplicationLogo -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationPasswordCredential -Value Get-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwnedObject -Value Get-EntraServicePrincipalOwnedObject -Scope Global -Force + Set-Alias -Name Add-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Add-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationPassword -Value Remove-EntraApplicationPassword -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationServiceEndpoint -Value Get-EntraApplicationServiceEndpoint -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationKeyCredential -Value Remove-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Restore-AzureADDeletedApplication -Value Restore-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name New-AzureADServiceAppRoleAssignment -Value New-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalKeyCredential -Value Remove-EntraServicePrincipalKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Get-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationExtensionProperty -Value Remove-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationLogo -Value Set-EntraApplicationLogo -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-EntraServiceAppRoleAssignedTo -Value Get-EntraServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Remove-EntraServiceAppRoleAssignment -Value Remove-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraServiceAppRoleAssignment -Value Get-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraServiceAppRoleAssignment -Value New-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplication.ps1 new file mode 100644 index 0000000000..3110847fa7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplication.ps1 @@ -0,0 +1,162 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ApplicationId = "Id"} + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"`$_ : `$(`$params[`$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name InformationalUrls -Value Info + $propsToConvert = @( + 'AddIns','Logo','AppRoles','GroupMembershipClaims','IdentifierUris','Info', + 'IsDeviceOnlyAuthSupported','KeyCredentials','Oauth2RequirePostResponse','OptionalClaims', + 'ParentalControlSettings','PasswordCredentials','Api','PublicClient', + 'PublisherDomain','Web','RequiredResourceAccess','SignInAudience') + try { + foreach ($prop in $propsToConvert) { + if($prop -eq 'AppRoles'){ + $myAppRoles = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.AppRole] + foreach ($appRole in $_.$prop) { + $hash = New-Object Microsoft.Open.AzureAD.Model.AppRole + foreach ($propertyName in $hash.psobject.Properties.Name) { + $hash.$propertyName = $appRole.$propertyName + } + $myAppRoles.Add($hash) + } + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($myAppRoles) -Force + } + else { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + catch {} + } + foreach ($credType in @('KeyCredentials', 'PasswordCredentials')) { + if ($null -ne $_.PSObject.Properties[$credType]) { + $_.$credType | ForEach-Object { + try { + if ($null -ne $_.EndDateTime -or $null -ne $_.StartDateTime) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name EndDate -Value $_.EndDateTime + Add-Member -InputObject $_ -MemberType NoteProperty -Name StartDate -Value $_.StartDateTime + $_.PSObject.Properties.Remove('EndDateTime') + $_.PSObject.Properties.Remove('StartDateTime') + } + } + catch {} + } + } + } + } + + $response +} +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationExtensionProperty.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..aa5c695548 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationExtensionProperty.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationKeyCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..263a3ffeed --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationKeyCredential.ps1 @@ -0,0 +1,18 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + (Get-MgApplication -Headers $customHeaders -ApplicationId $PSBoundParameters["ObjectId"]).KeyCredentials + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationLogo.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationLogo.ps1 new file mode 100644 index 0000000000..3f240e247e --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationLogo.ps1 @@ -0,0 +1,56 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationLogo { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $View, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FileName, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/v1.0/applications' + $Method = "GET" + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $URI = "$baseUri/$($params.ApplicationId)" + } + + if($null -ne $PSBoundParameters["FilePath"]){ + $params["FilePath"] = $PSBoundParameters["FilePath"] + + $imageExtensions = @(".jpg", ".jpeg", ".png", ".gif", ".bmp") + + if(-not (Test-Path $($params.FilePath) -PathType Leaf) -and $imageExtensions -notcontains [System.IO.Path]::GetExtension($($params.FilePath))){ + Write-Error -Message "Get-EntraApplicationLogo : FilePath is invalid" + break; + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $logoUrl = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).Info.logoUrl + + if($null -ne $logoUrl){ + try { + Invoke-WebRequest -Uri $logoUrl -OutFile $($params.FilePath) + } + catch { + + } + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationOwner.ps1 new file mode 100644 index 0000000000..3e5c528300 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationOwner.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/applications' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $URI = "$baseUri/$($params.ApplicationId)/owners?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.ApplicationId)/owners?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.ApplicationId)/owners?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..16f06fbeb4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationPasswordCredential.ps1 @@ -0,0 +1,34 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + # TODO : Invoke API and apply the correct Select query + + $response = (Get-MgApplication -Headers $customHeaders -ApplicationId $PSBoundParameters["ApplicationId"]).PasswordCredentials + + if($null -ne $PSBoundParameters["Property"]) + { + $response | Select-Object $PSBoundParameters["Property"] + } + else { + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationServiceEndpoint.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationServiceEndpoint.ps1 new file mode 100644 index 0000000000..c3d47523ef --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationServiceEndpoint.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationServiceEndpoint { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalEndpoint @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationTemplate.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationTemplate.ps1 new file mode 100644 index 0000000000..6962a30f8c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraApplicationTemplate.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraApplicationTemplate { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $uri = "https://graph.microsoft.com/v1.0/applicationTemplates" + $params["Method"] = "GET" + $params["Uri"] = $uri+'?$select=*' + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $params["Uri"] = $uri+"?`$select=$($selectProperties)" + } + if(($PSBoundParameters.ContainsKey("Top") -and (-not $PSBoundParameters.ContainsKey("All"))) -or ($PSBoundParameters.ContainsKey("Top") -and $null -ne $PSBoundParameters["All"])) + { + $topCount = $PSBoundParameters["Top"] + $params["Uri"] += "&`$top=$topCount" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$' + 'Filter' + $params["Uri"] += "&$f=$Filter" + } + if((-not $PSBoundParameters.ContainsKey("Top")) -and (-not $PSBoundParameters.ContainsKey("All"))) + { + $params["Uri"] += "&`$top=100" + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["ApplicationTemplateId"] = $PSBoundParameters["Id"] + $params["Uri"] = $uri + "/$Id" + } + + $response = Invoke-GraphRequest -Uri $($params.Uri) -Method GET -Headers $customHeaders + + if($response.ContainsKey('value')){ + $response = $response.value + } + + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $userList = @() + foreach ($res in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphApplicationTemplate + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraDeletedApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraDeletedApplication.ps1 new file mode 100644 index 0000000000..1c022d989f --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraDeletedApplication.ps1 @@ -0,0 +1,145 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDeletedApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryDeletedItemAsApplication @params -Headers $customHeaders + + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + $propsToConvert = @( + 'AddIns','AppRoles','GroupMembershipClaims','IdentifierUris','Info', + 'IsDeviceOnlyAuthSupported','KeyCredentials','OptionalClaims', + 'ParentalControlSettings','PasswordCredentials','Api','PublicClient', + 'PublisherDomain','Web','RequiredResourceAccess') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + + Add-Member -InputObject $_ -MemberType AliasProperty -Name AppLogoUrl -Value Logo + Add-Member -InputObject $_ -MemberType AliasProperty -Name InformationalUrls -Value Info + Add-Member -InputObject $_ -MemberType AliasProperty -Name HomePage -Value Web.HomePageUrl + Add-Member -InputObject $_ -MemberType AliasProperty -Name LogoutUrl -Value Web.LogoutUrl + Add-Member -InputObject $_ -MemberType AliasProperty -Name ReplyUrls -Value Web.RedirectUris + Add-Member -InputObject $_ -MemberType AliasProperty -Name KnownClientApplications -Value Api.KnownClientApplications + Add-Member -InputObject $_ -MemberType AliasProperty -Name PreAuthorizedApplications -Value Api.PreAuthorizedApplications + Add-Member -InputObject $_ -MemberType AliasProperty -Name Oauth2AllowImplicitFlow -Value Web.Oauth2AllowImplicitFlow + } + + } + + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipal.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipal.ps1 new file mode 100644 index 0000000000..a48b13d101 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipal.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 new file mode 100644 index 0000000000..81afb5e464 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalAppRoleAssignedTo { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalAppRoleAssignedTo @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..5d941d589c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalCreatedObject.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalCreatedObject.ps1 new file mode 100644 index 0000000000..7b18b898e3 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalCreatedObject.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalCreatedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalCreatedObject @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..617f8214a8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["DelegatedPermissionClassificationId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalKeyCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalKeyCredential.ps1 new file mode 100644 index 0000000000..670eb8b46b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalKeyCredential.ps1 @@ -0,0 +1,23 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $response = (Get-MgServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).KeyCredentials + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + $response +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalMembership.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalMembership.ps1 new file mode 100644 index 0000000000..504277060b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalTransitiveMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..f5b1434454 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalOauth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwnedObject.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwnedObject.ps1 new file mode 100644 index 0000000000..6134b20b18 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwnedObject.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalOwnedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalOwnedObject @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..4ce9fe2f33 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalOwner.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgServicePrincipalOwner @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('appRoles','oauth2PermissionScopes') + try{ + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + }catch{} + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..3438fe42cf --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,23 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraServicePrincipalPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $response = (Get-MgServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).PasswordCredentials + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + $response +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Applications/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplication.ps1 new file mode 100644 index 0000000000..56ff641707 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplication.ps1 @@ -0,0 +1,286 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TokenEncryptionKeyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.WebApplication] $Web, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]] $AppRoles, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]] $RequiredResourceAccess, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]] $AddIns, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InformationalUrl] $InformationalUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]] $PasswordCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ParentalControlSettings] $ParentalControlSettings, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GroupMembershipClaims, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SignInAudience, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.OptionalClaims] $OptionalClaims, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PublicClientApplication] $PublicClient, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ApiApplication] $Api + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["TokenEncryptionKeyId"]) + { + $params["TokenEncryptionKeyId"] = $PSBoundParameters["TokenEncryptionKeyId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDateTime + Key= $v.Key + StartDateTime= $v.StartDateTime + Type= $v.Type + Usage= $v.Usage + } + + $a += $hash + } + + $Value = $a + $params["KeyCredentials"] = $Value + } + if($null -ne $PSBoundParameters["Web"]) + { + $TmpValue = $PSBoundParameters["Web"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Web"] = $Value + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["IsDeviceOnlyAuthSupported"]) + { + $params["IsDeviceOnlyAuthSupported"] = $PSBoundParameters["IsDeviceOnlyAuthSupported"] + } + if($null -ne $PSBoundParameters["AppRoles"]) + { + $TmpValue = $PSBoundParameters["AppRoles"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $Temp = $v | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { if($null -ne $_.Value){ $hash[$_.Name] = $_.Value }} + $a += $hash + } + + $Value = $a + $params["AppRoles"] = $Value + } + if ($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if($null -ne $PSBoundParameters["RequiredResourceAccess"]) + { + $TmpValue = $PSBoundParameters["RequiredResourceAccess"] + $Value = $TmpValue | ConvertTo-Json + $params["RequiredResourceAccess"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["IsFallbackPublicClient"]) + { + $params["IsFallbackPublicClient"] = $PSBoundParameters["IsFallbackPublicClient"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["AddIns"]) + { + $TmpValue = $PSBoundParameters["AddIns"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["AddIns"] = $Value + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationalUrl"]) + { + $TmpValue = $PSBoundParameters["InformationalUrl"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Info"] = $Value + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $Temp = $v | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { if($null -ne $_.Value){ $hash[$_.Name] = $_.Value }} + $a += $hash + } + + $Value = $a + $params["PasswordCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ParentalControlSettings"]) + { + $TmpValue = $PSBoundParameters["ParentalControlSettings"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["ParentalControlSettings"] = $Value + } + if ($null -ne $PSBoundParameters["GroupMembershipClaims"]) + { + $params["GroupMembershipClaims"] = $PSBoundParameters["GroupMembershipClaims"] + } + if ($null -ne $PSBoundParameters["SignInAudience"]) + { + $params["SignInAudience"] = $PSBoundParameters["SignInAudience"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["OptionalClaims"]) + { + $TmpValue = $PSBoundParameters["OptionalClaims"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["OptionalClaims"] = $Value + } + if($null -ne $PSBoundParameters["PublicClient"]) + { + $TmpValue = $PSBoundParameters["PublicClient"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["PublicClient"] = $Value + } + if($null -ne $PSBoundParameters["Api"]) + { + $TmpValue = $PSBoundParameters["Api"] + + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Api"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationExtensionProperty.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..6510494f7d --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationExtensionProperty.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DataType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $TargetObjects, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["DataType"]) + { + $params["DataType"] = $PSBoundParameters["DataType"] + } + if ($null -ne $PSBoundParameters["TargetObjects"]) + { + $params["TargetObjects"] = $PSBoundParameters["TargetObjects"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["Name"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationFromApplicationTemplate.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationFromApplicationTemplate.ps1 new file mode 100644 index 0000000000..4ecda99cbe --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationFromApplicationTemplate.ps1 @@ -0,0 +1,50 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationFromApplicationTemplate { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["ApplicationTemplateId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $body = @{ + displayName = $DisplayName + } + + $uri = "https://graph.microsoft.com/v1.0/applicationTemplates/$Id/instantiate" + $response = invoke-graphrequest -uri $uri -Headers $customHeaders -Body $body -Method POST | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $memberList = @() + foreach($data in $response){ + $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphApplicationServicePrincipal + if (-not ($data -is [psobject])) { + $data = [pscustomobject]@{ Value = $data } + } + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $memberList += $memberType + } + $memberList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKey.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKey.ps1 new file mode 100644 index 0000000000..69f52ba5ca --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKey.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationKey { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Proof, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.MSGraph.Model.KeyCredential] $KeyCredential + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["PasswordCredential"]) + { + $params["PasswordCredential"] = $PSBoundParameters["PasswordCredential"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["Proof"]) + { + $params["Proof"] = $PSBoundParameters["Proof"] + } + if ($null -ne $PSBoundParameters["KeyCredential"]) + { + $params["KeyCredential"] = $PSBoundParameters["KeyCredential"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKeyCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..62a0ee6a5d --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationKeyCredential.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyType]] $Type, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyUsage]] $Usage + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["CustomKeyIdentifier"]) + { + $params["CustomKeyIdentifier"] = $PSBoundParameters["CustomKeyIdentifier"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["StartDate"]) + { + $params["StartDate"] = $PSBoundParameters["StartDate"] + } + if ($null -ne $PSBoundParameters["EndDate"]) + { + $params["EndDate"] = $PSBoundParameters["EndDate"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["Value"]) + { + $params["Value"] = $PSBoundParameters["Value"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["Type"]) + { + $params["Type"] = $PSBoundParameters["Type"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Usage"]) + { + $params["Usage"] = $PSBoundParameters["Usage"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPassword.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPassword.ps1 new file mode 100644 index 0000000000..7587ce592e --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPassword.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationPassword { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["PasswordCredential"]) + { + $TmpValue = $PSBoundParameters["PasswordCredential"] + $hash = @{} + $TmpValue.PSObject.Properties | ForEach-Object { + if ($_.Value) { + $hash[$_.Name] = $_.Value + } + } + + $Value = $hash + $params["PasswordCredential"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..73e7a57a93 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraApplicationPasswordCredential.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body=@{} + + if($null -ne $PSBoundParameters["StartDate"]) + { + $body["startDateTime"] = $PSBoundParameters["StartDate"] + } + if($null -ne $PSBoundParameters["EndDate"]) + { + $body["endDateTime"] = $PSBoundParameters["EndDate"] + } + if($null -ne $PSBoundParameters["CustomKeyIdentifier"]) + { + $body["displayName"] = $PSBoundParameters["CustomKeyIdentifier"] + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + $params["PasswordCredential"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Add-MgApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + If($_.DisplayName){ + $Value = [System.Text.Encoding]::ASCII.GetBytes($_.DisplayName) + Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $Value -Force + } + Add-Member -InputObject $_ -MemberType AliasProperty -Name Value -Value SecretText + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..263b4de063 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Applications | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipal.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipal.ps1 new file mode 100644 index 0000000000..dd81ff9f1b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipal.ps1 @@ -0,0 +1,229 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $AlternativeNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ErrorUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AppId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ServicePrincipalType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Homepage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ReplyUrls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PublisherName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SamlMetadataUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $LogoutUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AccountEnabled + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AlternativeNames"]) + { + $params["AlternativeNames"] = $PSBoundParameters["AlternativeNames"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ErrorUrl"]) + { + $params["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] + } + if ($null -ne $PSBoundParameters["AppId"]) + { + $params["AppId"] = $PSBoundParameters["AppId"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalNames"]) + { + $params["ServicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalType"]) + { + $params["ServicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] + } + if ($null -ne $PSBoundParameters["Homepage"]) + { + $params["Homepage"] = $PSBoundParameters["Homepage"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ReplyUrls"]) + { + $params["ReplyUrls"] = $PSBoundParameters["ReplyUrls"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) + { + $params["AppRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] + } + if ($null -ne $PSBoundParameters["PublisherName"]) + { + $params["PublisherName"] = $PSBoundParameters["PublisherName"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDate + SecretText= $v.Value + StartDateTime= $v.StartDate + } + + $a += $hash + } + $Value = $a + $params["PasswordCredentials"] = $Value + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDate + Key= $v.Value + StartDateTime= $v.StartDate + Type= $v.Type + Usage= $v.Usage + } + + $a += $hash + } + $Value = $a + $params["KeyCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["SamlMetadataUrl"]) + { + $params["SamlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] + } + if ($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["LogoutUrl"]) + { + $params["LogoutUrl"] = $PSBoundParameters["LogoutUrl"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $TmpValue = $PSBoundParameters["AccountEnabled"] + $Value = $null + + if (-not [bool]::TryParse($TmpValue, [ref]$Value)) { + throw 'Invalid input for AccountEnabled' + return + } + $params["AccountEnabled"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name AppOwnerTenantId -Value AppOwnerOrganizationId + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..642526c1a4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AppRoleId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..8efb459fef --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/New-EntraServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,37 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraServicePrincipalPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate + ) + + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{ + passwordCredential = @{ + startDateTime = $PSBoundParameters["StartDate"]; + endDateTime = $PSBoundParameters["EndDate"]; + } + } + $response = Add-MgServicePrincipalPassword -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -BodyParameter $body + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + $response +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplication.ps1 new file mode 100644 index 0000000000..034b825b95 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplication.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationExtensionProperty.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..c6456c4147 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationExtensionProperty.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionPropertyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["ExtensionPropertyId"]) + { + $params["ExtensionPropertyId"] = $PSBoundParameters["ExtensionPropertyId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKey.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKey.ps1 new file mode 100644 index 0000000000..3beb994e77 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKey.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationKey { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Proof + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["Proof"]) + { + $params["Proof"] = $PSBoundParameters["Proof"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKeyCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..cfc6f5449b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationKeyCredential.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationOwner.ps1 new file mode 100644 index 0000000000..0095bea9e7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPassword.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPassword.ps1 new file mode 100644 index 0000000000..e9bf9bb5f7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPassword.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationPassword { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $KeyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..40c064260c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationPasswordCredential.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationVerifiedPublisher.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationVerifiedPublisher.ps1 new file mode 100644 index 0000000000..ef8cf85d18 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraApplicationVerifiedPublisher.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraApplicationVerifiedPublisher { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AppObjectId"]) + { + $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Clear-MgApplicationVerifiedPublisher @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedApplication.ps1 new file mode 100644 index 0000000000..701b0274f9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedApplication.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDeletedApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedDirectoryObject.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedDirectoryObject.ps1 new file mode 100644 index 0000000000..6b49f2bcb1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraDeletedDirectoryObject.ps1 @@ -0,0 +1,28 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("Id")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryObjectId + ) + + PROCESS { + $params = @{} + $Method = "DELETE" + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["DirectoryObjectId"]) { + $params["DirectoryObjectId"] = $PSBoundParameters["DirectoryObjectId"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = "https://graph.microsoft.com/v1.0/directory/deletedItems/$DirectoryObjectId" + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipal.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipal.ps1 new file mode 100644 index 0000000000..5dc9bc5365 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipal.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipal { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..112b83fea2 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..c22fecfcfe --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,21 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS{ + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + Remove-MgServicePrincipalDelegatedPermissionClassification -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -DelegatedPermissionClassificationId $PSBoundParameters["Id"] + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalKeyCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalKeyCredential.ps1 new file mode 100644 index 0000000000..dda29fc1aa --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalKeyCredential.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipalKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgServicePrincipalKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalOwner.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..0e303328fb --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalOwner.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgServicePrincipalOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.ps1 b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..b0f31570bd --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,20 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraServicePrincipalPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS{ + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + Remove-MgServicePrincipalPassword -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -KeyId $PSBoundParameters["KeyId"] + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Restore-EntraDeletedApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Restore-EntraDeletedApplication.ps1 new file mode 100644 index 0000000000..703c5baf03 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Restore-EntraDeletedApplication.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Restore-EntraDeletedApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["ObjectId"] + } + if($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Restore-MgDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name Homepage -value $_.AdditionalProperties['web']['homePageUrl'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ReplyUrls -value $_.AdditionalProperties['web']['redirectUris'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ParentalControlSettings -value $_.AdditionalProperties['parentalControlSettings'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PasswordCredentials -value $_.AdditionalProperties['passwordCredentials'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name KeyCredentials -value $_.AdditionalProperties['keyCredentials'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AddIns -value $_.AdditionalProperties['addIns'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AppId -value $_.AdditionalProperties['appId'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AppRoles -value $_.AdditionalProperties['appRoles'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name DisplayName -value $_.AdditionalProperties['displayName'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name IdentifierUris -value $_.AdditionalProperties['identifierUris'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name KnownClientApplications -value $_.AdditionalProperties['api']['knownClientApplications'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name Oauth2Permissions -value $_.AdditionalProperties['api']['oauth2PermissionScopes'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PreAuthorizedApplications -value $_.AdditionalProperties['api']['preAuthorizedApplications'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PublicClient -value $_.AdditionalProperties['publicClient'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PublisherDomain -value $_.AdditionalProperties['publisherDomain'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name RequiredResourceAccess -value $_.AdditionalProperties['requiredResourceAccess'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name SignInAudience -value $_.AdditionalProperties['signInAudience'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ObjectType -value $_.AdditionalProperties['@odata.type'] + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 b/module/Entra/Microsoft.Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 new file mode 100644 index 0000000000..a1981bcd68 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraGroupIdsServicePrincipalIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgServicePrincipalMemberOf @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.Id + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Set-EntraApplication.ps1 b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplication.ps1 new file mode 100644 index 0000000000..a3818da5ca --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplication.ps1 @@ -0,0 +1,305 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TokenEncryptionKeyId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ApiApplication] $Api, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]] $AddIns, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ParentalControlSettings] $ParentalControlSettings, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]] $AppRoles, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PublicClientApplication] $PublicClient, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]] $RequiredResourceAccess, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.OptionalClaims] $OptionalClaims, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]] $PasswordCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GroupMembershipClaims, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.WebApplication] $Web, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InformationalUrl] $InformationalUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SignInAudience + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["Api"]) + { + $TmpValue = $PSBoundParameters["Api"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["Api"] = $Value + } + if($null -ne $PSBoundParameters["OptionalClaims"]) + { + $TmpValue = $PSBoundParameters["OptionalClaims"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["OptionalClaims"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + if($null -ne $PSBoundParameters["Web"]) + { + $TmpValue = $PSBoundParameters["Web"] + $Value = @{} + if($TmpValue.HomePageUrl) { $Value["HomePageUrl"] = $TmpValue.HomePageUrl } + if($TmpValue.LogoutUrl) { $Value["LogoutUrl"] = $TmpValue.LogoutUrl } + if($TmpValue.RedirectUris) { $Value["RedirectUris"] = $TmpValue.RedirectUris } + if($TmpValue.ImplicitGrantSettings) { $Value["ImplicitGrantSettings"] = $TmpValue.ImplicitGrantSettings } + + $params["Web"] = $Value + } + if($null -ne $PSBoundParameters["IsFallbackPublicClient"]) + { + $params["IsFallbackPublicClient"] = $PSBoundParameters["IsFallbackPublicClient"] + } + if($null -ne $PSBoundParameters["RequiredResourceAccess"]) + { + $TmpValue = $PSBoundParameters["RequiredResourceAccess"] + $Value = $TmpValue | ConvertTo-Json + $params["RequiredResourceAccess"] = $Value + } + if($null -ne $PSBoundParameters["PublicClient"]) + { + $TmpValue = $PSBoundParameters["PublicClient"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["PublicClient"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["IsDeviceOnlyAuthSupported"]) + { + $params["IsDeviceOnlyAuthSupported"] = $PSBoundParameters["IsDeviceOnlyAuthSupported"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } + if($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } + if($TmpValue.Key) { $hash["Key"] = $v.Key } + if($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } + if($TmpValue.Type) { $hash["Type"] = $v.Type } + if($TmpValue.Usage) { $hash["Usage"] = $v.Usage } + if($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } + if($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } + + $a += $hash + } + + $Value = $a + $params["KeyCredentials"] = $Value + } + if($null -ne $PSBoundParameters["TokenEncryptionKeyId"]) + { + $params["TokenEncryptionKeyId"] = $PSBoundParameters["TokenEncryptionKeyId"] + } + if($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if($null -ne $PSBoundParameters["ParentalControlSettings"]) + { + $TmpValue = $PSBoundParameters["ParentalControlSettings"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["ParentalControlSettings"] = $Value + } + if($null -ne $PSBoundParameters["GroupMembershipClaims"]) + { + $params["GroupMembershipClaims"] = $PSBoundParameters["GroupMembershipClaims"] + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["AddIns"]) + { + $TmpValue = $PSBoundParameters["AddIns"] + $Value = @() + $Properties = @() + + foreach($prop in $TmpValue.Properties) + { + $Temp = $prop | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $hash[$_.Name] = $_.Value } + $Properties += $hash + } + + foreach($data in $TmpValue) + { + $hash = @{ + Id= $data.Id + Type = $data.Type + Properties = $Properties + } + + $Value += $hash + } + $params["AddIns"] = $Value + } + if($null -ne $PSBoundParameters["AppRoles"]) + { + $TmpValue = $PSBoundParameters["AppRoles"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.AllowedMemberTypes) { $hash["AllowedMemberTypes"] = $v.AllowedMemberTypes } + if($TmpValue.Description) { $hash["Description"] = $v.Description } + if($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } + if($TmpValue.Id) { $hash["Id"] = $v.Id } + if($TmpValue.IsEnabled) { $hash["IsEnabled"] = $v.IsEnabled } + if($TmpValue.Origin) { $hash["Origin"] = $v.Origin } + if($TmpValue.Value) { $hash["Value"] = $v.Value } + + $a += $hash + } + + $Value = $a + $params["AppRoles"] = $Value + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } + if($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } + if($TmpValue.Hint) { $hash["Hint"] = $v.Hint } + if($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } + if($TmpValue.SecretText) { $hash["SecretText"] = $v.SecretText } + if($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } + if($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } + + $a += $hash + } + + $Value = $a + $params["PasswordCredentials"] = $Value + } + if($null -ne $PSBoundParameters["SignInAudience"]) + { + $params["SignInAudience"] = $PSBoundParameters["SignInAudience"] + } + if($null -ne $PSBoundParameters["InformationalUrl"]) + { + $TmpValue = $PSBoundParameters["InformationalUrl"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["Info"] = $Value + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationLogo.ps1 b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationLogo.ps1 new file mode 100644 index 0000000000..fb658ebb7c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationLogo.ps1 @@ -0,0 +1,59 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraApplicationLogo { + [CmdletBinding(DefaultParameterSetName = 'File')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Stream")] + [Parameter(ParameterSetName = "File")] + [Parameter(ParameterSetName = "ByteArray")] + [System.String] $ApplicationId, + [Parameter(ParameterSetName = "ByteArray", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Byte[]] $ImageByteArray, + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Parameter(ParameterSetName = "Stream", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.IO.Stream] $FileStream + ) + PROCESS { + try{ + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/v1.0/applications' + $Method = "PUT" + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $URI = "$baseUri/$($params.ApplicationId)/logo" + } + if($null -ne $PSBoundParameters["FilePath"]){ + $params["FilePath"] = $PSBoundParameters["FilePath"] + $isUrl = [System.Uri]::IsWellFormedUriString($($params.FilePath), [System.UriKind]::Absolute) + $isLocalFile = [System.IO.File]::Exists($($params.FilePath)) + + if($isUrl){ + $logoBytes = (Invoke-WebRequest $($params.FilePath)).Content + } + elseif($isLocalFile){ + $logoBytes = [System.IO.File]::ReadAllBytes($($params.FilePath)) + } + else{ + Write-Error -Message "FilePath is invalid" -ErrorAction Stop + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -ContentType "image/*" -Body $logoBytes + } + catch [System.Net.WebException]{ + Write-Error -Message "FilePath is invalid. Invalid or malformed url" -ErrorAction Stop + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationVerifiedPublisher.ps1 b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationVerifiedPublisher.ps1 new file mode 100644 index 0000000000..f05ff18489 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Set-EntraApplicationVerifiedPublisher.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraApplicationVerifiedPublisher { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.SetVerifiedPublisherRequest] $SetVerifiedPublisherRequest, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["SetVerifiedPublisherRequest"]) + { + $params["SetVerifiedPublisherRequest"] = $PSBoundParameters["SetVerifiedPublisherRequest"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AppObjectId"]) + { + $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgApplicationVerifiedPublisher @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Applications/Set-EntraServicePrincipal.ps1 b/module/Entra/Microsoft.Entra/Applications/Set-EntraServicePrincipal.ps1 new file mode 100644 index 0000000000..cf5ed1d7fe --- /dev/null +++ b/module/Entra/Microsoft.Entra/Applications/Set-EntraServicePrincipal.ps1 @@ -0,0 +1,169 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $AlternativeNames, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PublisherName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ReplyUrls, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $LogoutUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ErrorUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SamlMetadataUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AccountEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ServicePrincipalType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Homepage, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AppId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredSingleSignOnMode + ) + + PROCESS { + $params = @{} + $params["Uri"] = "https://graph.microsoft.com/v1.0/servicePrincipals" + $params["Method"] = "PATCH" + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $body["accountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["AlternativeNames"]) + { + $body["alternativeNames"] = $PSBoundParameters["AlternativeNames"] + } + if($null -ne $PSBoundParameters["PreferredSingleSignOnMode"]) + { + $body["preferredSingleSignOnMode"] = $PSBoundParameters["PreferredSingleSignOnMode"] + } + if($null -ne $PSBoundParameters["Tags"]) + { + $body["tags"] = $PSBoundParameters["Tags"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["displayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["AppId"]) + { + $body["appId"] = $PSBoundParameters["AppId"] + } + if($null -ne $PSBoundParameters["ErrorUrl"]) + { + $body["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $a = @() + $inpu = $PSBoundParameters["KeyCredentials"] + foreach($value in $inpu) + { + $hash = @{ + customKeyIdentifier= $value.CustomKeyIdentifier + endDateTime = $value.EndDate + key= $value.Value + startDateTime= $value.StartDate + type= $value.Type + usage= $value.Usage + } + $a += $hash + } + $body["keyCredentials"] = $a + } + if($null -ne $PSBoundParameters["ReplyUrls"]) + { + $body["replyUrls"] = $PSBoundParameters["ReplyUrls"] + } + if($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["Uri"] += "/$ServicePrincipalId" + } + if($null -ne $PSBoundParameters["LogoutUrl"]) + { + $body["logoutUrl"] = $PSBoundParameters["LogoutUrl"] + } + if($null -ne $PSBoundParameters["SamlMetadataUrl"]) + { + $body["samlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] + } + if($null -ne $PSBoundParameters["Homepage"]) + { + $body["homePage"] = $PSBoundParameters["Homepage"] + } + if($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) + { + $body["appRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $a = @() + $inpu = $PSBoundParameters["PasswordCredentials"] + foreach($value in $inpu) + { + $hash = @{ + customKeyIdentifier= $value.CustomKeyIdentifier + endDateTime = $value.EndDate + secretText= $value.Value + startDateTime= $value.StartDate + } + $a += $hash + } + + $body["passwordCredentials"] = $a + } + if($null -ne $PSBoundParameters["ServicePrincipalType"]) + { + $body["servicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] + } + if($null -ne $PSBoundParameters["PublisherName"]) + { + $body["publisherName"] = $PSBoundParameters["PublisherName"] + } + if($null -ne $PSBoundParameters["ServicePrincipalNames"]) + { + $body["servicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] + } + if($null -ne $PSBoundParameters["PreferredTokenSigningKeyThumbprint"]) + { + $body["preferredTokenSigningKeyThumbprint"] = $PSBoundParameters["PreferredTokenSigningKeyThumbprint"] + } + if($null -ne $PSBoundParameters["CustomSecurityAttributes"]) + { + $body["customSecurityAttributes"] = $PSBoundParameters["CustomSecurityAttributes"] + } + $params["Body"] = $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Add-EntraEnvironment.ps1 b/module/Entra/Microsoft.Entra/Authentication/Add-EntraEnvironment.ps1 new file mode 100644 index 0000000000..45e83afcf8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Add-EntraEnvironment.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraEnvironment { + [CmdletBinding(DefaultParameterSetName = 'AddQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AzureADEndpoint, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GraphEndpoint + ) + + PROCESS{ + $params=@{} + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Name"]){ + $params["Name"]=$PSBoundParameters["Name"] + } + + if($null -ne $PSBoundParameters["AzureADEndpoint"]){ + $params["AzureADEndpoint"]=$PSBoundParameters["AzureADEndpoint"] + } + + if($null -ne $PSBoundParameters["GraphEndpoint"]){ + $params["GraphEndpoint"]=$PSBoundParameters["GraphEndpoint"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Add-MgEnvironment @params + + } + } + diff --git a/module/Entra/Microsoft.Entra/Authentication/Connect-Entra.ps1 b/module/Entra/Microsoft.Entra/Authentication/Connect-Entra.ps1 new file mode 100644 index 0000000000..77c9e41e2e --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Connect-Entra.ps1 @@ -0,0 +1,172 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Connect-Entra { + [CmdletBinding(DefaultParameterSetName = 'UserParameterSet')] + param ( + [Parameter(ParameterSetName = "UserParameterSet",Position = 1)] + [System.String[]] $Scopes, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 1)] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Alias("AppId", "ApplicationId")][System.String] $ClientId, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet",Position = 4)] + [Alias("Audience", "Tenant")][System.String] $TenantId, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + $ContextScope, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "AccessTokenParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [ValidateNotNullOrEmpty()] + [Alias("EnvironmentName", "NationalCloud")][System.String] $Environment, + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [Switch] $EnvironmentVariable, + [Parameter(ParameterSetName = "UserParameterSet")] + [Alias("UseDeviceAuthentication", "DeviceCode", "DeviceAuth", "Device")][System.Management.Automation.SwitchParameter] $UseDeviceCode, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "AccessTokenParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [ValidateNotNullOrEmpty()] + [Double] $ClientTimeout, + [Parameter()] + [Switch] $NoWelcome, + [Parameter(ParameterSetName = "IdentityParameterSet",Position = 1)] + [Alias("ManagedIdentity", "ManagedServiceIdentity", "MSI")][System.Management.Automation.SwitchParameter] $Identity, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 2)] + [Alias("CertificateSubject", "CertificateName")][System.String] $CertificateSubjectName, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 3)] + [System.String] $CertificateThumbprint, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate, + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Alias("SecretCredential", "Credential")][System.Management.Automation.PSCredential] $ClientSecretCredential, + [Parameter(ParameterSetName = "AccessTokenParameterSet",Position = 1)] + [System.Security.SecureString] $AccessToken + ) + + PROCESS { + $params = @{} + if ($null -ne $PSBoundParameters["Scopes"]) { + $params["Scopes"] = $PSBoundParameters["Scopes"] + } + + if ($null -ne $PSBoundParameters["ClientId"]) { + $params["ClientId"] = $PSBoundParameters["ClientId"] + } + + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["TenantId"] = $PSBoundParameters["TenantId"] + } + + if ($null -ne $PSBoundParameters["ContextScope"]) { + $params["ContextScope"] = $PSBoundParameters["ContextScope"] + } + + if ($null -ne $PSBoundParameters["Environment"]) { + $params["Environment"] = $PSBoundParameters["Environment"] + } + + if ($PSBoundParameters.ContainsKey("EnvironmentVariable")) { + $params["EnvironmentVariable"] = $PSBoundParameters["EnvironmentVariable"] + } + + if ($null -ne $PSBoundParameters["UseDeviceCode"]) { + $params["UseDeviceCode"] = $PSBoundParameters["UseDeviceCode"] + } + + if ($null -ne $PSBoundParameters["ClientTimeout"]) { + $params["ClientTimeout"] = $PSBoundParameters["ClientTimeout"] + } + + if ($PSBoundParameters.ContainsKey("NoWelcome")) { + $params["NoWelcome"] = $PSBoundParameters["NoWelcome"] + } + + if ($PSBoundParameters.ContainsKey("Identity")) { + $params["Identity"] = $PSBoundParameters["Identity"] + } + + if ($null -ne $PSBoundParameters["CertificateSubjectName"]) { + $params["CertificateSubjectName"] = $PSBoundParameters["CertificateSubjectName"] + } + + if ($null -ne $PSBoundParameters["CertificateThumbprint"]) { + $params["CertificateThumbprint"] = $PSBoundParameters["CertificateThumbprint"] + } + + if ($null -ne $PSBoundParameters["Certificate"]) { + $params["Certificate"] = $PSBoundParameters["Certificate"] + } + + if ($null -ne $PSBoundParameters["ClientSecretCredential"]) { + $params["ClientSecretCredential"] = $PSBoundParameters["ClientSecretCredential"] + } + + if ($null -ne $PSBoundParameters["AccessToken"]) { + $params["AccessToken"] = $PSBoundParameters["AccessToken"] + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + Connect-MgGraph @params + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Disconnect-Entra.ps1 b/module/Entra/Microsoft.Entra/Authentication/Disconnect-Entra.ps1 new file mode 100644 index 0000000000..9a8a691a44 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Disconnect-Entra.ps1 @@ -0,0 +1,10 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Disconnect-Entra { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param () + Disconnect-MgGraph +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Authentication/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..e078d85bca --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Revoke-AzureADUserAllRefreshToken -Value Revoke-EntraUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Revoke-AzureADSignedInUserAllRefreshToken -Value Revoke-EntraSignedInUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Connect-AzureAD -Value Connect-Entra -Scope Global -Force + Set-Alias -Name Disconnect-AzureAD -Value Disconnect-Entra -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Authentication/Find-EntraPermission.ps1 b/module/Entra/Microsoft.Entra/Authentication/Find-EntraPermission.ps1 new file mode 100644 index 0000000000..8706cc0b67 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Find-EntraPermission.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Find-EntraPermission { + [CmdletBinding(DefaultParameterSetName = 'Search')] + param ( + [parameter(ParameterSetName='Search', position=0, ValueFromPipeline=$true, Mandatory=$true)] + [String] $SearchString, + + [parameter(ParameterSetName='Search')] + [Switch] $ExactMatch, + + [ValidateSet('Any', 'Delegated', 'Application')] + [String] $PermissionType = 'Any', + + [Switch] $Online, + + [parameter(ParameterSetName='All')] + [Switch] $All + ) + + PROCESS { + $params = @{} + if($null -ne $PSBoundParameters["SearchString"]) + { + $params["SearchString"]=$PSBoundParameters["SearchString"] + } + if($null -ne $PSBoundParameters["PermissionType"]) + { + $params["PermissionType"]=$PSBoundParameters["PermissionType"] + } + if($null -ne $PSBoundParameters["ExactMatch"]) + { + $params["ExactMatch"] = $PSBoundParameters["ExactMatch"] + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($null -ne $PSBoundParameters["Online"]) + { + if($PSBoundParameters["Online"]) + { + $params["Online"] = $PSBoundParameters["Online"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Find-MgGraphPermission @params + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Get-EntraContext.ps1 b/module/Entra/Microsoft.Entra/Authentication/Get-EntraContext.ps1 new file mode 100644 index 0000000000..22c810597d --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Get-EntraContext.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContext { + [CmdletBinding(DefaultParameterSetName = '')] + param () + + PROCESS { + $params = @{} + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Confirm"]) + { + $params["Confirm"] = $PSBoundParameters["Confirm"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["WhatIf"]) + { + $params["WhatIf"] = $PSBoundParameters["WhatIf"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContext @params + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Authentication/Get-EntraEnvironment.ps1 b/module/Entra/Microsoft.Entra/Authentication/Get-EntraEnvironment.ps1 new file mode 100644 index 0000000000..8b3e762f45 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Get-EntraEnvironment.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraEnvironment{ + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name) + PROCESS{ + $params = @{} + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + if ($null -ne $PSBoundParameters["Name"]) { + $params["Name"] = $PSBoundParameters["Name"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Get-MgEnvironment @params + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Authentication/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Authentication/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Authentication/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..db9a73434b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Authentication | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.ps1 b/module/Entra/Microsoft.Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.ps1 new file mode 100644 index 0000000000..6647681c07 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Reset-EntraStrongAuthenticationMethodByUpn { + [CmdletBinding(DefaultParameterSetName = 'SetAccidentalDeletionThreshold')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $userId = $PSBoundParameters.UserPrincipalName + } + function DeleteAuthMethod($uid, $method){ + switch ($method.AdditionalProperties['@odata.type']) { + '#microsoft.graph.emailAuthenticationMethod' { + Remove-MgUserAuthenticationEmailMethod -UserId $uid -EmailAuthenticationMethodId $method.Id + } + '#microsoft.graph.phoneAuthenticationMethod' { + Remove-MgUserAuthenticationPhoneMethod -UserId $uid -PhoneAuthenticationMethodId $method.Id + } + Default { + + } + } + return $? # Return true if no error and false if there is an error + } + + $methods = Get-MgUserAuthenticationMethod -UserId $userId -Headers $customHeaders + # -1 to account for passwordAuthenticationMethod + + foreach ($authMethod in $methods) { + $deleted = DeleteAuthMethod -uid $userId -method $authMethod + if(!$deleted){ + # We need to use the error to identify and delete the default method. + $defaultMethod = $authMethod + } + } + + # Graph API does not support reading default method of a user. + # Plus default method can only be deleted when it is the only (last) auth method for a user. + # We need to use the error to identify and delete the default method. + try { + if($null -ne $defaultMethod){ + $result = DeleteAuthMethod -uid $userId -method $defaultMethod + } + } + catch {} + + if($null -ne $methods){ + $methods = Get-MgUserAuthenticationMethod -UserId $userId + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.ps1 b/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.ps1 new file mode 100644 index 0000000000..0366ab0b28 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.ps1 @@ -0,0 +1,25 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Revoke-EntraSignedInUserAllRefreshToken { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri 'https://graph.microsoft.com/v1.0/me/revokeSignInSessions' -Method POST).value + if($response){ + $responseType = New-Object Microsoft.Graph.PowerShell.Models.ComponentsMwc6EoResponsesRevokesigninsessionsresponseContentApplicationJsonSchema + $responseType.Value= $response + $responseType + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraUserAllRefreshToken.ps1 b/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraUserAllRefreshToken.ps1 new file mode 100644 index 0000000000..a3643f5a1a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Authentication/Revoke-EntraUserAllRefreshToken.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Revoke-EntraUserAllRefreshToken { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Revoke-MgUserSignInSession @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..7bd4691d83 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.ps1 @@ -0,0 +1,37 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + $Uri = "/v1.0/directory/administrativeUnits/$($params.AdministrativeUnitId)/members/" + '$ref' + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + Invoke-GraphRequest -Headers $customHeaders -Uri $Uri -Method "POST" -Body $Value + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..e2063fff92 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,51 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsActive, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["Id"]) { + $body["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["IsActive"]) { + $body["IsActive"] = $PSBoundParameters["IsActive"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$CustomSecurityAttributeDefinitionId/allowedValues" + $Method = "POST" + $response = Invoke-GraphRequest -Uri $Uri -Method $Method -Body $body -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + if($response) + { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAllowedValue + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..9c3aefb01c --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDeviceRegisteredOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..b49dc25c92 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDeviceRegisteredUserByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..c387fee134 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue" + $params["OdataId"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDirectoryRoleMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraScopedRoleMembership.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraScopedRoleMembership.ps1 new file mode 100644 index 0000000000..d334e16f05 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Add-EntraScopedRoleMembership.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $RoleObjectId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.MsRoleMemberInfo] $RoleMemberInfo + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + $Uri = "/v1.0/directory/administrativeUnits/$($params.AdministrativeUnitId)/scopedRoleMembers" + } + if($null -ne $PSBoundParameters["RoleObjectId"]) + { + $params["RoleId"] = $PSBoundParameters["RoleObjectId"] + $body.roleId = $PSBoundParameters["RoleObjectId"]; + } + if($null -ne $PSBoundParameters["RoleMemberInfo"]) + { + $TmpValue = $PSBoundParameters["RoleMemberInfo"] + $Value = @{ + id = ($TmpValue).Id + } + $params["RoleMemberInfo"] = $Value | ConvertTo-Json + $body.roleMemberInfo = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $Uri -Method "POST" -Body $body + $response = $response | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name AdministrativeUnitObjectId -Value AdministrativeUnitId + Add-Member -InputObject $_ -MemberType AliasProperty -Name RoleObjectId -Value RoleId + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + + $memberList = @() + foreach($data in $response){ + $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphScopedRoleMembership + if (-not ($data -is [psobject])) { + $data = [pscustomobject]@{ Value = $data } + } + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $memberList += $memberType + } + $memberList + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Confirm-EntraDomain.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Confirm-EntraDomain.ps1 new file mode 100644 index 0000000000..5e452b401a --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Confirm-EntraDomain.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Confirm-EntraDomain { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CrossCloudVerificationCodeBody] $CrossCloudVerificationCode + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["CrossCloudVerificationCode"]) + { + $params["CrossCloudVerificationCode"] = $PSBoundParameters["CrossCloudVerificationCode"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Confirm-MgDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..7180c0cd1f --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Set-AzureADDomain -Value Set-EntraDomain -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRole -Value Get-EntraDirectoryRole -Scope Global -Force + Set-Alias -Name Remove-AzureADDirectoryRoleMember -Value Remove-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Get-AzureADDomainVerificationDnsRecord -Value Get-EntraDomainVerificationDnsRecord -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredUser -Value Remove-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Get-AzureADContact -Value Get-EntraContact -Scope Global -Force + Set-Alias -Name Get-AzureADContactDirectReport -Value Get-EntraContactDirectReport -Scope Global -Force + Set-Alias -Name Confirm-AzureADDomain -Value Confirm-EntraDomain -Scope Global -Force + Set-Alias -Name Get-AzureADContactMembership -Value Get-EntraContactMembership -Scope Global -Force + Set-Alias -Name Get-AzureADDomainNameReference -Value Get-EntraDomainNameReference -Scope Global -Force + Set-Alias -Name Remove-AzureADMSAdministrativeUnit -Value Remove-EntraAdministrativeUnit -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredOwner -Value Remove-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedDirectoryObject -Value Get-EntraDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name Remove-AzureADMSAdministrativeUnitMember -Value Remove-EntraAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Enable-AzureADDirectoryRole -Value Enable-EntraDirectoryRole -Scope Global -Force + Set-Alias -Name Get-AzureADTenantDetail -Value Get-EntraTenantDetail -Scope Global -Force + Set-Alias -Name Add-AzureADDirectoryRoleMember -Value Add-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Remove-AzureADDevice -Value Remove-EntraDevice -Scope Global -Force + Set-Alias -Name Get-AzureADDomain -Value Get-EntraDomain -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADSubscribedSku -Value Get-EntraSubscribedSku -Scope Global -Force + Set-Alias -Name Get-AzureADExtensionProperty -Value Get-EntraExtensionProperty -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredOwner -Value Get-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredUser -Value Get-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredUser -Value Add-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredOwner -Value Add-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADContract -Value Get-EntraContract -Scope Global -Force + Set-Alias -Name Get-AzureADContactManager -Value Get-EntraContactManager -Scope Global -Force + Set-Alias -Name New-AzureADDomain -Value New-EntraDomain -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleMember -Value Get-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleTemplate -Value Get-EntraDirectoryRoleTemplate -Scope Global -Force + Set-Alias -Name Set-AzureADDevice -Value Set-EntraDevice -Scope Global -Force + Set-Alias -Name Remove-AzureADMSScopedRoleMembership -Value Remove-EntraScopedRoleMembership -Scope Global -Force + Set-Alias -Name Get-AzureADDomainServiceConfigurationRecord -Value Get-EntraDomainServiceConfigurationRecord -Scope Global -Force + Set-Alias -Name Get-AzureADDevice -Value Get-EntraDevice -Scope Global -Force + Set-Alias -Name Get-AzureADObjectByObjectId -Value Get-EntraObjectByObjectId -Scope Global -Force + Set-Alias -Name Remove-AzureADContact -Value Remove-EntraContact -Scope Global -Force + Set-Alias -Name New-AzureADDevice -Value New-EntraDevice -Scope Global -Force + Set-Alias -Name Set-AzureADTenantDetail -Value Set-EntraTenantDetail -Scope Global -Force + Set-Alias -Name Remove-AzureADDomain -Value Remove-EntraDomain -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-EntraRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Add-EntraCustomSecurityAttributeDefinitionAllowedValues -Value Add-EntraCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraDirectoryRole.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraDirectoryRole.ps1 new file mode 100644 index 0000000000..bd1cbeb9b1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Enable-EntraDirectoryRole.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraDirectoryRole { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $RoleTemplateId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["RoleTemplateId"]) + { + $params["RoleTemplateId"] = $PSBoundParameters["RoleTemplateId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDirectoryRole @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAccountSku.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAccountSku.ps1 new file mode 100644 index 0000000000..dd1489717b --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAccountSku.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAccountSku { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgSubscribedSku @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name ActiveUnits -Value $_.PrepaidUnits.Enabled + Add-Member -InputObject $_ -MemberType NoteProperty -Name LockedOutUnits -Value $_.PrepaidUnits.LockedOut + Add-Member -InputObject $_ -MemberType NoteProperty -Name SuspendedUnits -Value $_.PrepaidUnits.Suspended + Add-Member -InputObject $_ -MemberType NoteProperty -Name WarningUnits -Value $_.PrepaidUnits.Warning + Add-Member -InputObject $_ -MemberType NoteProperty -Name AccountObjectId -Value $_.AccountId + Add-Member -InputObject $_ -MemberType NoteProperty -Name TargetClass -Value $_.AppliesTo + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnit.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnit.ps1 new file mode 100644 index 0000000000..7a1c4671b8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnit.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias("ObjectId")] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "/v1.0/directory/administrativeUnits" + $properties = '$select=*' + $params["Uri"] = "$baseUri/?$properties" + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + $params["Uri"] = "$baseUri/$($params.AdministrativeUnitId)?$properties" + } + if ($PSBoundParameters.ContainsKey("Top")) { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $params["Uri"] += "&`$top=999" + } + else { + $params["Uri"] += "&`$top=$topCount" + } + } + if ($null -ne $PSBoundParameters["Filter"]) { + $Filter = $PSBoundParameters["Filter"] + $f = '$' + 'Filter' + $params["Uri"] += "&$f=$Filter" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } + catch {} + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimeStamp -Value deletedDateTime + } + } + + if ($data) { + $aulist = @() + foreach ($item in $data) { + $auType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAdministrativeUnit + $item.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $auType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $aulist += $auType + } + $aulist + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..89630226bf --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All + ) + + PROCESS { + $params = @{} + $topCount = $null + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "/v1.0/directory/administrativeUnits/$AdministrativeUnitId/members?`$select=*" + $params["Uri"] = "$baseUri" + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($PSBoundParameters.ContainsKey("Top")) { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $minTop = 999 + $params["Uri"] += "&`$top=999" + } + else { + $params["Uri"] += "&`$top=$topCount" + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + if ($minTop) { + $params["Uri"] = $params["Uri"].Replace("`$top=$minTop", "`$top=$topValue") + } + else { + $params["Uri"] = $params["Uri"].Replace("`$top=$topCount", "`$top=$topValue") + } + $increment -= $topValue + } + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } + catch {} + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if ($data) { + $memberList = @() + foreach ($response in $data) { + $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + if (-not ($response -is [psobject])) { + $response = [pscustomobject]@{ Value = $response } + } + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $memberList += $memberType + } + $memberList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAttributeSet.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAttributeSet.ps1 new file mode 100644 index 0000000000..38714ba526 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraAttributeSet.ps1 @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $AttributeSetId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/attributeSets/" + $params["Method"] = "GET" + if ($null -ne $PSBoundParameters["AttributeSetId"]) { + $params["Uri"] += $AttributeSetId + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } + catch {} + if($response) + { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContact.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContact.ps1 new file mode 100644 index 0000000000..6ef166f77f --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContact.ps1 @@ -0,0 +1,121 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContact { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{OrgContactId = "Id"} + if($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContact @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value Phones + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value ServiceProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value Phones + $propsToConvert = @('Addresses','Manager','Phones') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactDirectReport.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactDirectReport.ps1 new file mode 100644 index 0000000000..201b03aabe --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactDirectReport.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContactDirectReport { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContactDirectReport @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactManager.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactManager.ps1 new file mode 100644 index 0000000000..29d169c64e --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactManager.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContactManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContactManager @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactMembership.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactMembership.ps1 new file mode 100644 index 0000000000..c9f663a339 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContactMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContactMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContactMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContract.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContract.ps1 new file mode 100644 index 0000000000..9328331cd6 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraContract.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContract { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ContractId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{ObjectId = "Id"} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ContractId"]) + { + $params["ContractId"] = $PSBoundParameters["ContractId"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContract @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..9076df84fc --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $Method = "GET" + $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/" + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["Id"]) { + $Uri += $Id + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Uri $Uri -Method $Method -Headers $customHeaders) | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } + catch {} + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCustomSecurityAttributeDefinition + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}function Restore-EntraDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $AutoReconcileProxyConflict + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = 'https://graph.microsoft.com/v1.0/directory/deletedItems/' + $params["Method"] = "POST" + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] += $Id+"/microsoft.graph.restore" + } + if($PSBoundParameters.ContainsKey("AutoReconcileProxyConflict")) + { + $params["Body"] = @{ + autoReconcileProxyConflict = $true + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $data | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $userList = @() + foreach ($res in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..c4323c75f9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + $params = @{} + $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$CustomSecurityAttributeDefinitionId/allowedValues/" + $params["Method"] = "GET" + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["Id"]) { + $params["Uri"] += $Id + } + if ($null -ne $PSBoundParameters["Filter"]) { + $params["Uri"] += '?$filter=' + $Filter + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest @params -Headers $customHeaders) | ConvertTo-Json -Depth 5 | ConvertFrom-Json + try { + $response = $response.value + } + catch {} + if($response) + { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAllowedValue + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.ps1 new file mode 100644 index 0000000000..5b13f93cdc --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryObjectId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DirectoryObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["DirectoryObjectId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDevice.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDevice.ps1 new file mode 100644 index 0000000000..80895c241e --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDevice.ps1 @@ -0,0 +1,138 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ApproximateLastLogonTimestamp -Value ApproximateLastSignInDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DevicePhysicalIds -Value PhysicalIds + Add-Member -InputObject $_ -MemberType AliasProperty -Name ComplianceExpiryTime -Value ComplianceExpirationDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceOSVersion -Value OperatingSystemVersion + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceOSType -Value OperatingSystem + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceTrustType -Value TrustType + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceObjectVersion -Value DeviceVersion + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..cc5ebacb12 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.ps1 @@ -0,0 +1,79 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/devices' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + $URI = "$baseUri/$($params.DeviceId)/registeredOwners?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.DeviceId)/registeredOwners?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.DeviceId)/registeredOwners?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..62b510ae77 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.ps1 @@ -0,0 +1,79 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/devices' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + $URI = "$baseUri/$($params.DeviceId)/registeredUsers?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.DeviceId)/registeredUsers?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.DeviceId)/registeredUsers?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.ps1 new file mode 100644 index 0000000000..526feed0cd --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.ps1 @@ -0,0 +1,71 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirSyncConfiguration { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw "TenantId must be of type [System.Guid]." } })][System.guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["OnPremisesDirectorySynchronizationId"] = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = ((Get-MgDirectoryOnPremiseSynchronization @params -Headers $customHeaders).configuration | Select-Object -Property AccidentalDeletionPrevention).AccidentalDeletionPrevention + # Create a custom table + $customTable = [PSCustomObject]@{ + "AccidentalDeletionThreshold" = $response.AlertThreshold + "DeletionPreventionType" = $response.SynchronizationPreventionType + } + $customTable + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncFeature.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncFeature.ps1 new file mode 100644 index 0000000000..0d767d67e0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirSyncFeature.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirSyncFeature { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String]$Feature + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Feature"]) { + $Feature = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["OnPremisesDirectorySynchronizationId"] = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $jsonData = Get-MgDirectoryOnPremiseSynchronization @params -Headers $customHeaders | ConvertTo-Json + $object = ConvertFrom-Json $jsonData + $table =@() + foreach ($featureName in $object.Features.PSObject.Properties.Name) { + $row = New-Object PSObject -Property @{ + 'DirSyncFeature' = $featureName -replace "Enabled", "" + 'Enabled' = $object.Features.$featureName + } + $table += $row + } + if([string]::IsNullOrWhiteSpace($Feature)) { + $table | Format-Table -AutoSize + } + else { + $output = $table | Where-Object {$_.dirsyncFeature -eq $Feature} + if($null -eq $output) { + Write-Error "Get-EntraDirSyncfeature : Invalid value for parameter. Parameter Name: Feature." + } + else { + $output + } + } + } + }# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 new file mode 100644 index 0000000000..245e90f10f --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 @@ -0,0 +1,46 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryObjectOnPremisesProvisioningError { + [CmdletBinding(DefaultParameterSetName = 'GetById')] + [OutputType([System.Object])] + param ( + [Parameter(ParameterSetName = 'GetById')] + [ValidateNotNullOrEmpty()] + [ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw 'TenantId must be of type [System.Guid].' } })] + [System.Guid] $TenantId + ) + begin { } + + process { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters['TenantId']) { + $params['TenantId'] = $PSBoundParameters['TenantId'] + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $Object = @('users', 'groups', 'contacts') + $response = @() + + try { + foreach ($obj in $object) { + $obj = ($obj | Out-String).TrimEnd() + $uri = 'https://graph.microsoft.com/v1.0/' + $obj + '?$select=onPremisesProvisioningErrors' + $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors + } + } catch { + Write-Error $_.Exception.Message + } + } + + end { + if ([string]::IsNullOrWhiteSpace($response)) { + Write-Output 'False' + } else { + $response + } + } +} diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRole.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRole.ps1 new file mode 100644 index 0000000000..1948552233 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRole.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryRole { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{ObjectId = "Id"} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryRole @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..b9a13d4dd4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/v1.0/directoryRoles' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + $URI = "$baseUri/$($params.DirectoryRoleId)/members?$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value ServiceProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value businessPhones + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.ps1 new file mode 100644 index 0000000000..2c6d9a4dc3 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryRoleTemplate { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryRoleTemplate @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomain.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomain.ps1 new file mode 100644 index 0000000000..0f274b828e --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomain.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDomain { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value Id + $propsToConvert = @('State') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + + $response + } + +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainFederationSettings.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainFederationSettings.ps1 new file mode 100644 index 0000000000..b977f3bab3 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainFederationSettings.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDomainFederationSettings { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param( + [Parameter(Mandatory=$true,Position=0,ValueFromPipelineByPropertyName=$true)][string]$DomainName, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw "TenantId must be of type [System.Guid]." } })][System.guid] $TenantId + ) + process { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("TenantId")) { + $params["TenantId"] = $TenantId + } + if ($PSBoundParameters.ContainsKey("DomainName")) { + $params["DomainId"] = $DomainName + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgDomainFederationConfiguration -Headers $customHeaders -DomainId $params["DomainId"] | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $customTable = [PSCustomObject]@{ + "ActiveLogOnUri" = $response.ActiveSignInUri + #"DefaultInteractiveAuthenticationMethod" = $response. + "FederationBrandName" = $response.DisplayName + "IssuerUri" = $response.IssuerUri + "LogOffUri" = $response.SignOutUri + "MetadataExchangeUri" = $response.MetadataExchangeUri + "NextSigningCertificate" = $response.NextSigningCertificate + #"OpenIdConnectDiscoveryEndpoint" = $response. + "PassiveLogOnUri" = $response.PassiveSignInUri + #"PasswordChangeUri" = $response. + #"PasswordResetUri" = $response. + "PreferredAuthenticationProtocol" = $response.PreferredAuthenticationProtocol + "PromptLoginBehavior" = $response.PromptLoginBehavior + "SigningCertificate" = $response.SigningCertificate + "SigningCertificateUpdateStatus" = $response.SigningCertificateUpdateStatus + #"SupportsMfa" = $response. + } + $customTable + + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainNameReference.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainNameReference.ps1 new file mode 100644 index 0000000000..03a2ee898f --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainNameReference.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDomainNameReference { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/v1.0/domains' + $properties = '$select=*' + $Method = "GET" + $keysChanged = @{ObjectId = "Id"} + if($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + $URI = "$baseUri/$($params.DomainId)/domainNameReferences?$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value deletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value onPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value businessPhones + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value externalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value externalUserStateChangeDate + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.ps1 new file mode 100644 index 0000000000..22520b34d7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDomainServiceConfigurationRecord { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDomainServiceConfigurationRecord @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name DnsRecordId -Value Id + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.ps1 new file mode 100644 index 0000000000..2fb8bf249d --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDomainVerificationDnsRecord { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDomainVerificationDnsRecord @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name DnsRecordId -Value Id + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraExtensionProperty.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraExtensionProperty.ps1 new file mode 100644 index 0000000000..2bf29bae9a --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraExtensionProperty.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraExtensionProperty { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsSyncedFromOnPremises + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["IsSyncedFromOnPremises"]) + { + $params["IsSyncedFromOnPremises"] = $PSBoundParameters["IsSyncedFromOnPremises"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryObjectAvailableExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraFederationProperty.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraFederationProperty.ps1 new file mode 100644 index 0000000000..7e2501fe98 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraFederationProperty.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraFederationProperty { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][System.String] $DomainName, + [Parameter(ParameterSetName = "GetQuery", Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][Switch] $SupportMultipleDomain + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DomainName"]) { + $params["DomainId"] = $PSBoundParameters["DomainName"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgDomainFederationConfiguration @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ActiveClientSignInUrl -Value ActiveSignInUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationServiceDisplayName -Value DisplayName + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationServiceIdentifier -Value IssuerUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationMetadataUrl -Value MetadataExchangeUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name PassiveClientSignInUrl -Value PassiveSignInUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name PassiveClientSignOutUrl -Value SignOutUri + } + } + $response + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraObjectByObjectId.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraObjectByObjectId.ps1 new file mode 100644 index 0000000000..7f635f2e2d --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraObjectByObjectId.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraObjectByObjectId { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Types, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[System.String]] $ObjectIds, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + $URI = 'https://graph.microsoft.com/v1.0/directoryObjects/microsoft.graph.getByIds?$select=*' + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $URI = "https://graph.microsoft.com/v1.0/directoryObjects/microsoft.graph.getByIds?$properties" + } + if($null -ne $PSBoundParameters["Types"]) + { + $body["Types"] = $PSBoundParameters["Types"] + } + if($null -ne $PSBoundParameters["ObjectIds"]) + { + $body["Ids"] = $PSBoundParameters["ObjectIds"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Uri $URI -Method POST -Body $body -Headers $customHeaders | ConvertTo-Json -depth 10 | ConvertFrom-Json + try { + $response = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + catch {} + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPartnerInformation.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPartnerInformation.ps1 new file mode 100644 index 0000000000..cecc0cec27 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPartnerInformation.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraPartnerInformation { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["TenantID"] = $PSBoundParameters["TenantId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $TenantID = ((invoke-mggraphrequest -Method GET -Uri "https://graph.microsoft.com/v1.0/organization").value).id + } + $response = invoke-mggraphrequest -Headers $customHeaders -Method GET -Uri "https://graph.microsoft.com/v1.0/organization/$TenantID/partnerInformation" + # Create a custom table + $customTable = [PSCustomObject]@{ + "PartnerCompanyName" = $response.companyName + "companyType" = $response.companyType + "PartnerSupportTelephones" = $response.supportTelephones + "PartnerSupportEmails" = $response.supportEmails + "PartnerHelpUrl" = $response.helpUrl + "PartnerCommerceUrl" = $response.commerceUrl + "PartnerSupportUrl" = $response.supportUrl + "ObjectID" = $response.partnerTenantId + } + $customTable + } + }# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPasswordPolicy.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPasswordPolicy.ps1 new file mode 100644 index 0000000000..bdbd0122a9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraPasswordPolicy.ps1 @@ -0,0 +1,71 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraPasswordPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $DomainName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DomainName"]) { + $params["DomainId"] = $PSBoundParameters["DomainName"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgDomain @params -Headers $customHeaders + # Create a custom table + $customTable = [PSCustomObject]@{ + "NotificationDays" = $response.PasswordNotificationWindowInDays + "ValidityPeriod" = $response.PasswordValidityPeriodInDays + } + $customTable + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraScopedRoleMembership.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraScopedRoleMembership.ps1 new file mode 100644 index 0000000000..b01f1052eb --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraScopedRoleMembership.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ScopedRoleMembershipId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $isList = $false + $baseUri = "https://graph.microsoft.com/v1.0/directory/administrativeUnits" + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + $uri = $baseUri + "/$($params.AdministrativeUnitId)/scopedRoleMembers" + $params["Uri"] = $uri + $isList = $true + } + if($null -ne $PSBoundParameters["ScopedRoleMembershipId"]) + { + $isList = $false + $params["ScopedRoleMembershipId"] = $PSBoundParameters["ScopedRoleMembershipId"] + $uri = $uri + "/$($params.ScopedRoleMembershipId)" + $params["Uri"] = $uri + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + $response = (Invoke-GraphRequest -Uri $uri -Headers $customHeaders -Method GET) | ConvertTo-Json -Depth 5 | ConvertFrom-Json + if($isList){ + $response = $response.value + } + + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name AdministrativeUnitObjectId -Value AdministrativeUnitId + Add-Member -InputObject $_ -MemberType AliasProperty -Name RoleObjectId -Value RoleId + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + + $memberList = @() + foreach($data in $response){ + $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphScopedRoleMembership + if (-not ($data -is [psobject])) { + $data = [pscustomobject]@{ Value = $data } + } + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $memberList += $memberType + } + $memberList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraSubscribedSku.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraSubscribedSku.ps1 new file mode 100644 index 0000000000..93244d40ea --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraSubscribedSku.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraSubscribedSku { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SubscribedSkuId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["SubscribedSkuId"]) + { + $params["SubscribedSkuId"] = $PSBoundParameters["SubscribedSkuId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgSubscribedSku @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('PrepaidUnits') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraTenantDetail.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraTenantDetail.ps1 new file mode 100644 index 0000000000..8882e1bc99 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraTenantDetail.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraTenantDetail { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgOrganization @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name CompanyLastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + $propsToConvert = @('AssignedPlans','ProvisionedPlans','VerifiedDomains','PrivacyProfile') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUserAuthenticationMethod.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUserAuthenticationMethod.ps1 new file mode 100644 index 0000000000..f06128c377 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Get-EntraUserAuthenticationMethod.ps1 @@ -0,0 +1,57 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserAuthenticationMethod { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Enter the User ID (ObjectId or UserPrincipalName) of the user whose authentication requirements you want to update.")] + [Alias("ObjectId")] + [System.String] $UserId + ) + + PROCESS { + try { + # Initialize headers and URI + $params = @{ } + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserId"]) { + $params["UserId"] = $PSBoundParameters["UserId"] + } + + $params["Url"] = "https://graph.microsoft.com/v1.0/users/$($params.UserId)/authentication/methods" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + # Make the API call + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.Url -Method GET + + if ($response.ContainsKey('value')) { + $response = $response.value + } + + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $authMethodList = @() + foreach ($res in $data) { + $authMethodType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAuthenticationMethod + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $authMethodType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $authMethodType | Add-Member -MemberType AliasProperty -Name AuthenticationMethodType -Value '@odata.type' + $authMethodList += $authMethodType + } + + return $authMethodList + } + catch { + Write-Error "An error occurred while retrieving user authentication methods: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAdministrativeUnit.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAdministrativeUnit.ps1 new file mode 100644 index 0000000000..cc89ffe44b --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAdministrativeUnit.ps1 @@ -0,0 +1,51 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + $body["Description"] = $PSBoundParameters["Description"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + $uri = "/v1.0/directory/administrativeUnits" + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method POST -Body $body + $response = $response | ConvertTo-Json | ConvertFrom-Json + $auList = @() + foreach($data in $response){ + $auType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAdministrativeUnit + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $auType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $auList += $auType + } + $auList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAttributeSet.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAttributeSet.ps1 new file mode 100644 index 0000000000..7e8b6bd707 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraAttributeSet.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Alias("Id")] + [System.String] $AttributeSetId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $MaxAttributesPerSet + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/attributeSets" + $params["Method"] = "POST" + + if ($null -ne $PSBoundParameters["AttributeSetId"]) { + $body["id"] = $PSBoundParameters["AttributeSetId"] + } + if ($null -ne $PSBoundParameters["Description"]) { + $body["description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["MaxAttributesPerSet"]) { + $body["maxAttributesPerSet"] = $PSBoundParameters["MaxAttributesPerSet"] + } + $params["Body"] = $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + if ($response) { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..3594a208f6 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.DirectoryManagement | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..7c13174761 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'NewCustomSecurityAttributeDefinition')] + param ( + [Parameter()] + [System.String] $Description, + [Parameter(Mandatory = $true)] + [System.String] $Name, + [Parameter(Mandatory = $true)] + [System.String] $AttributeSet, + [Parameter(Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $UsePreDefinedValuesOnly, + [Parameter(Mandatory = $true)] + [System.String] $Type, + [Parameter(Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsCollection, + [Parameter(Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsSearchable, + [Parameter(Mandatory = $true)] + [System.String] $Status + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions" + $Method = "POST" + + if($null -ne $PSBoundParameters["AttributeSet"]) + { + $body["attributeSet"] = $PSBoundParameters["AttributeSet"] + } + if($null -ne $PSBoundParameters["Description"]) + { + $body["description"] = $PSBoundParameters["Description"] + } + if($null -ne $PSBoundParameters["IsCollection"]) + { + $body["isCollection"] = $PSBoundParameters["IsCollection"] + } + if($null -ne $PSBoundParameters["IsSearchable"]) + { + $body["isSearchable"] = $PSBoundParameters["IsSearchable"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["name"] = $PSBoundParameters["Name"] + } + if($null -ne $PSBoundParameters["Status"]) + { + $body["status"] = $PSBoundParameters["Status"] + } + if($null -ne $PSBoundParameters["Type"]) + { + $body["type"] = $PSBoundParameters["Type"] + } + if($null -ne $PSBoundParameters["UsePreDefinedValuesOnly"]) + { + $body["usePreDefinedValuesOnly"] = $PSBoundParameters["UsePreDefinedValuesOnly"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $type= [Microsoft.Graph.PowerShell.Models.MicrosoftGraphCustomSecurityAttributeDefinition] + $response = Invoke-GraphRequest -Uri $Uri -Method $Method -Body $body -Headers $customHeaders | ConvertTo-Json -Depth 20 | ConvertFrom-Json + $targetList = @() + foreach ($item in $response) { + $targetObject = [Activator]::CreateInstance($type) + foreach ($property in $item.PSObject.Properties) { + if ($targetObject.PSObject.Properties[$property.Name]) { + $targetObject.PSObject.Properties[$property.Name].Value = $property.Value + } + } + $targetList += $targetObject + } + $targetList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDevice.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDevice.ps1 new file mode 100644 index 0000000000..3772708fff --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDevice.ps1 @@ -0,0 +1,182 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraDevice { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $DevicePhysicalIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId]] $AlternativeSecurityIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceTrustType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceMetadata, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SystemLabels, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ProfileType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsManaged, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceOSVersion, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceOSType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompliant, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.DateTime]] $ApproximateLastLogonTimeStamp, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $DeviceObjectVersion + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["DevicePhysicalIds"]) + { + $params["DevicePhysicalIds"] = $PSBoundParameters["DevicePhysicalIds"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["AlternativeSecurityIds"]) + { + $params["AlternativeSecurityIds"] = $PSBoundParameters["AlternativeSecurityIds"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["DeviceTrustType"]) + { + $params["DeviceTrustType"] = $PSBoundParameters["DeviceTrustType"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceMetadata"]) + { + $params["DeviceMetadata"] = $PSBoundParameters["DeviceMetadata"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["SystemLabels"]) + { + $params["SystemLabels"] = $PSBoundParameters["SystemLabels"] + } + if ($null -ne $PSBoundParameters["ProfileType"]) + { + $params["ProfileType"] = $PSBoundParameters["ProfileType"] + } + if ($null -ne $PSBoundParameters["IsManaged"]) + { + $params["IsManaged"] = $PSBoundParameters["IsManaged"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["DeviceOSVersion"]) + { + $params["DeviceOSVersion"] = $PSBoundParameters["DeviceOSVersion"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["DeviceOSType"]) + { + $params["DeviceOSType"] = $PSBoundParameters["DeviceOSType"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["IsCompliant"]) + { + $params["IsCompliant"] = $PSBoundParameters["IsCompliant"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["ApproximateLastLogonTimeStamp"]) + { + $params["ApproximateLastLogonTimeStamp"] = $PSBoundParameters["ApproximateLastLogonTimeStamp"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if ($null -ne $PSBoundParameters["DeviceObjectVersion"]) + { + $params["DeviceObjectVersion"] = $PSBoundParameters["DeviceObjectVersion"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDomain.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDomain.ps1 new file mode 100644 index 0000000000..203eee97d1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/New-EntraDomain.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraDomain { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefault, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SupportedServices, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefaultForCloudRedirections + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["IsDefault"]) + { + $params["IsDefault"] = $PSBoundParameters["IsDefault"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["SupportedServices"]) + { + $params["SupportedServices"] = $PSBoundParameters["SupportedServices"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["Id"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["IsDefaultForCloudRedirections"]) + { + $params["IsDefaultForCloudRedirections"] = $PSBoundParameters["IsDefaultForCloudRedirections"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.ps1 new file mode 100644 index 0000000000..680367605a --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.ps1 @@ -0,0 +1,37 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $uri = "/v1.0/directory/administrativeUnits/$($params.AdministrativeUnitId)" + $params["Uri"] = $uri + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method DELETE + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..bc070f282a --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $uri = "/v1.0/directory/administrativeUnits/$AdministrativeUnitId/members/$MemberId/`$ref" + $params["Uri"] = $uri + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method DELETE + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraContact.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraContact.ps1 new file mode 100644 index 0000000000..712df911e7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraContact.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraContact { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgContact @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDevice.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDevice.ps1 new file mode 100644 index 0000000000..98958e7c0b --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDevice.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDevice { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..f844392df8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDeviceRegisteredOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..b80193caed --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["UserId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDeviceRegisteredUserByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..1199394718 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDirectoryRoleMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDomain.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDomain.ps1 new file mode 100644 index 0000000000..822f466e26 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraDomain.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDomain { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.ps1 new file mode 100644 index 0000000000..00d796052b --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ScopedRoleMembershipId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($null -ne $PSBoundParameters["ScopedRoleMembershipId"]) + { + $params["ScopedRoleMembershipId"] = $PSBoundParameters["ScopedRoleMembershipId"] + } + + $uri = "/v1.0/directory/administrativeUnits/$($params.AdministrativeUnitId)/scopedRoleMembers/$($params.ScopedRoleMembershipId)" + $params["Uri"] = $uri + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method DELETE + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.ps1 new file mode 100644 index 0000000000..bcef60d8a7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + + + +function Restore-EntraDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $AutoReconcileProxyConflict + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = 'https://graph.microsoft.com/v1.0/directory/deletedItems/' + $params["Method"] = "POST" + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] += $Id+"/microsoft.graph.restore" + } + if($PSBoundParameters.ContainsKey("AutoReconcileProxyConflict")) + { + $params["Body"] = @{ + autoReconcileProxyConflict = $true + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $data | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $userList = @() + foreach ($res in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +}# ------------------------------------------------------------------------------ \ No newline at end of file diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAdministrativeUnit.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAdministrativeUnit.ps1 new file mode 100644 index 0000000000..bd805fa8b7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAdministrativeUnit.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + + + +function Set-EntraAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + $body["Description"] = $PSBoundParameters["Description"] + } + + $uri = "/v1.0/directory/administrativeUnits/$($params.AdministrativeUnitId)" + $params["Uri"] = $uri + + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method PATCH -Body $body + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAttributeSet.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAttributeSet.ps1 new file mode 100644 index 0000000000..10eb598c95 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraAttributeSet.ps1 @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Alias("Id")] + [System.String] $AttributeSetId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $MaxAttributesPerSet + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/directory/attributeSets/" + $params["Method"] = "PATCH" + if($null -ne $PSBoundParameters["AttributeSetId"]) + { + $params["Uri"] += $AttributeSetId + } + if($null -ne $PSBoundParameters["Description"]) + { + $body["description"] = $PSBoundParameters["Description"] + } + if($null -ne $PSBoundParameters["MaxAttributesPerSet"]) + { + $body["maxAttributesPerSet"] = $PSBoundParameters["MaxAttributesPerSet"] + } + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..f5f381e76c --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,50 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $UsePreDefinedValuesOnly, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Status + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$Id" + $Method = "PATCH" + + if($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["Description"]) + { + $body["description"] = $PSBoundParameters["Description"] + } + if($null -ne $PSBoundParameters["UsePreDefinedValuesOnly"]) + { + $body["usePreDefinedValuesOnly"] = $PSBoundParameters["UsePreDefinedValuesOnly"] + } + if($null -ne $PSBoundParameters["Status"]) + { + $body["status"] = $PSBoundParameters["Status"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Uri $Uri -Method $Method -Body $body -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..e8f5f16bcb --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,46 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsActive, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + + $params = @{} + $body = @{} + + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $Uri = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$CustomSecurityAttributeDefinitionId/allowedValues/$Id" + $Method = "PATCH" + + if($null -ne $PSBoundParameters["CustomSecurityAttributeDefinitionId"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["CustomSecurityAttributeDefinitionId"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["IsActive"]) + { + $body["IsActive"] = $PSBoundParameters["IsActive"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Uri $Uri -Method $Method -Body $body -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDevice.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDevice.ps1 new file mode 100644 index 0000000000..1f40091ff8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDevice.ps1 @@ -0,0 +1,185 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDevice { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $DeviceObjectVersion, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceOSVersion, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId]] $AlternativeSecurityIds, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.DateTime]] $ApproximateLastLogonTimeStamp, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $DevicePhysicalIds, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompliant, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceTrustType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsManaged, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ProfileType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceOSType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceMetadata, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceObjectId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SystemLabels + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["DeviceObjectVersion"]) + { + $params["DeviceVersion"] = $PSBoundParameters["DeviceObjectVersion"] + } + if($null -ne $PSBoundParameters["DeviceOSVersion"]) + { + $params["OperatingSystemVersion"] = $PSBoundParameters["DeviceOSVersion"] + } + if($null -ne $PSBoundParameters["AlternativeSecurityIds"]) + { + $TmpValue = $PSBoundParameters["AlternativeSecurityIds"] + $key = [System.Text.Encoding]::UTF8.GetString($TmpValue.key) + $Temp = @{ + alternativeSecurityIds = @( + @{ + type = $TmpValue.type + key = [System.Text.Encoding]::ASCII.GetBytes($key) + } + ) + } + $Value = $Temp + $params["BodyParameter"] = $Value + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId1"] = $PSBoundParameters["DeviceId"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ApproximateLastLogonTimeStamp"]) + { + $params["ApproximateLastSignInDateTime"] = $PSBoundParameters["ApproximateLastLogonTimeStamp"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["DevicePhysicalIds"]) + { + $params["PhysicalIds"] = $PSBoundParameters["DevicePhysicalIds"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["IsCompliant"]) + { + $params["IsCompliant"] = $PSBoundParameters["IsCompliant"] + } + if($null -ne $PSBoundParameters["DeviceTrustType"]) + { + $params["TrustType"] = $PSBoundParameters["DeviceTrustType"] + } + if($null -ne $PSBoundParameters["IsManaged"]) + { + $params["IsManaged"] = $PSBoundParameters["IsManaged"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["ProfileType"]) + { + $params["ProfileType"] = $PSBoundParameters["ProfileType"] + } + if($null -ne $PSBoundParameters["DeviceOSType"]) + { + $params["OperatingSystem"] = $PSBoundParameters["DeviceOSType"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["DeviceMetadata"]) + { + $params["DeviceMetadata"] = $PSBoundParameters["DeviceMetadata"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["DeviceObjectId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceObjectId"] + } + if($null -ne $PSBoundParameters["SystemLabels"]) + { + $params["SystemLabels"] = $PSBoundParameters["SystemLabels"] + } + if($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.ps1 new file mode 100644 index 0000000000..690b8eae82 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDirSyncConfiguration { + [CmdletBinding(DefaultParameterSetName = 'SetAccidentalDeletionThreshold')] + param ( + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true, Mandatory = $true)][System.UInt32] $AccidentalDeletionThreshold, + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [switch] $Force + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AccidentalDeletionThreshold"]) { + $AccidentalDeletionThreshold = $PSBoundParameters["AccidentalDeletionThreshold"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $TenantId = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if ($Force) { + $decision = 0 + } + else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = New-Object System.Management.Automation.Host.ChoiceDescription "&Suspend", "S" + $Yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Y" + $No = New-Object System.Management.Automation.Host.ChoiceDescription "&No", "S" + $choices = [System.Management.Automation.Host.ChoiceDescription[]]($Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + + if ($decision -eq 0) { + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OnPremisesDirectorySynchronizationId = (Get-MgDirectoryOnPremiseSynchronization).Id + } + else { + $OnPremisesDirectorySynchronizationId = $TenantId + } + $params = @{ + configuration = @{ + accidentalDeletionPrevention = @{ + synchronizationPreventionType = "enabledForCount" + alertThreshold = $AccidentalDeletionThreshold + } + } + } + $response = Update-MgDirectoryOnPremiseSynchronization -Headers $customHeaders -OnPremisesDirectorySynchronizationId $OnPremisesDirectorySynchronizationId -BodyParameter $params + $response + } + else { + return + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncEnabled.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncEnabled.ps1 new file mode 100644 index 0000000000..f07475edb5 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncEnabled.ps1 @@ -0,0 +1,48 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDirSyncEnabled { + [CmdletBinding(DefaultParameterSetName = 'All')] + param ( + [Parameter(ParameterSetName = "All", ValueFromPipelineByPropertyName = $true, Mandatory = $true)][System.Boolean] $EnableDirsync, + [Parameter(ParameterSetName = "All", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [switch] $Force + ) + + PROCESS { + $params = @{} + $body = @{} + $OrganizationId='' + $params["Method"] = "PATCH" + $URL = "https://graph.microsoft.com/v1.0/organization/" + $TenantId + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($EnableDirsync -or (-not($EnableDirsync))) { + $body["OnPremisesSyncEnabled"] =$PSBoundParameters["EnableDirsync"] + } + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OrganizationId = ((invoke-mggraphrequest -Method GET -Uri "https://graph.microsoft.com/v1.0/directory/onPremisesSynchronization/").value).id + $URL = "https://graph.microsoft.com/v1.0/organization/" + $OrganizationId + } + + $params["Uri"] = $URL + $params["Body"] = $body + + if ($Force) { + $decision = 0 + } + else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = New-Object System.Management.Automation.Host.ChoiceDescription "&Suspend", "S" + $Yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Y" + $No = New-Object System.Management.Automation.Host.ChoiceDescription "&No", "S" + $choices = [System.Management.Automation.Host.ChoiceDescription[]]($Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncFeature.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncFeature.ps1 new file mode 100644 index 0000000000..be4c90efc1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDirSyncFeature.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDirSyncFeature { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", Mandatory = $true, ValueFromPipelineByPropertyName = $true)][System.String] $Feature, + [Parameter(ParameterSetName = "GetQuery", Mandatory = $true, ValueFromPipelineByPropertyName = $true)][System.Boolean] $Enabled, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipelineByPropertyName = $true)][ValidateNotNullOrEmpty()][ValidateScript({if ($_ -is [System.Guid]) { $true } else {throw "TenantId must be of type [System.Guid]."}})][System.Guid] $TenantId, + [switch] $Force + ) + PROCESS { + + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Feature"]) { + $Feature = $PSBoundParameters["Feature"] + "Enabled" + } + if ($null -ne $PSBoundParameters["Enabled"]) { + $Enabled = $PSBoundParameters["Enabled"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OnPremisesDirectorySynchronizationId = (Get-MgDirectoryOnPremiseSynchronization).Id + } + else { + $OnPremisesDirectorySynchronizationId = $TenantId + } + $body = @{ + features = @{ $Feature = $Enabled } + } + $body = $body | ConvertTo-Json + if ($Force) { + # If -Force is used, skip confirmation and proceed with the action. + $decision = 0 + } + else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = new-Object System.Management.Automation.Host.ChoiceDescription "&Suspend", "S" + $Yes = new-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Y" + $No = new-Object System.Management.Automation.Host.ChoiceDescription "&No", "N" + $choices = [System.Management.Automation.Host.ChoiceDescription[]]( $Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + if ($decision -eq 0) { + $response = Update-MgDirectoryOnPremiseSynchronization -Headers $customHeaders -OnPremisesDirectorySynchronizationId $OnPremisesDirectorySynchronizationId -BodyParameter $body + $response + } + else { + return + } + + + } + }# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomain.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomain.ps1 new file mode 100644 index 0000000000..709a9b133f --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomain.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDomain { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefault, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SupportedServices, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefaultForCloudRedirections + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["IsDefault"]) + { + $params["IsDefault"] = $PSBoundParameters["IsDefault"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["SupportedServices"]) + { + $params["SupportedServices"] = $PSBoundParameters["SupportedServices"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["IsDefaultForCloudRedirections"]) + { + $params["IsDefaultForCloudRedirections"] = $PSBoundParameters["IsDefaultForCloudRedirections"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomainFederationSettings.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomainFederationSettings.ps1 new file mode 100644 index 0000000000..d48d71e173 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraDomainFederationSettings.ps1 @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDomainFederationSettings { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param( + [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)][string]$DomainName, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$SigningCertificate, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$NextSigningCertificate, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$LogOffUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PassiveLogOnUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$ActiveLogOnUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$IssuerUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$FederationBrandName, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$MetadataExchangeUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PreferredAuthenticationProtocol, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]$SigningCertificateUpdateStatus, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PromptLoginBehavior + ) + process { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DomainName"]) + { + $params["DomainId"] = $PSBoundParameters["DomainName"] + $Id = $PSBoundParameters["DomainName"] + if($null -ne $Id) + { + $params["InternalDomainFederationId"] = (Get-MgDomainFederationConfiguration -DomainId $Id).Id + } + } + if($null -ne $PSBoundParameters["SigningCertificate"]) + { + $params["SigningCertificate"] = $PSBoundParameters["SigningCertificate"] + } + if($null -ne $PSBoundParameters["NextSigningCertificate"]) + { + $params["NextSigningCertificate"] = $PSBoundParameters["NextSigningCertificate"] + } + if($null -ne $PSBoundParameters["LogOffUri"]) + { + $params["SignOutUri"] = $PSBoundParameters["LogOffUri"] + } + if($null -ne $PSBoundParameters["PassiveLogOnUri"]) + { + $params["PassiveSignInUri"] = $PSBoundParameters["PassiveLogOnUri"] + } + if($null -ne $PSBoundParameters["ActiveLogOnUri"]) + { + $params["ActiveSignInUri"] = $PSBoundParameters["ActiveLogOnUri"] + } + if($null -ne $PSBoundParameters["IssuerUri"]) + { + $params["IssuerUri"] = $PSBoundParameters["IssuerUri"] + } + if($null -ne $PSBoundParameters["FederationBrandName"]) + { + $params["DisplayName"] = $PSBoundParameters["FederationBrandName"] + } + if($null -ne $PSBoundParameters["MetadataExchangeUri"]) + { + $params["MetadataExchangeUri"] = $PSBoundParameters["MetadataExchangeUri"] + } + if($null -ne $PSBoundParameters["PreferredAuthenticationProtocol"]) + { + $params["PreferredAuthenticationProtocol"] = $PSBoundParameters["PreferredAuthenticationProtocol"] + } + if($null -ne $PSBoundParameters["SigningCertificateUpdateStatus"]) + { + $params["SigningCertificateUpdateStatus"] = $PSBoundParameters["SigningCertificateUpdateStatus"] + } + if($null -ne $PSBoundParameters["PromptLoginBehavior"]) + { + $params["PromptLoginBehavior"] = $PSBoundParameters["PromptLoginBehavior"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $params.InternalDomainFederationId) + { + $response = Update-MgDomainFederationConfiguration @params -Headers $customHeaders + $response + } + } + } + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraPartnerInformation.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraPartnerInformation.ps1 new file mode 100644 index 0000000000..b55dc4dfeb --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraPartnerInformation.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraPartnerInformation { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter( ValueFromPipelineByPropertyName = $true)] + [System.Guid] $ObjectId, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $CompanyType, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerCommerceUrl, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerCompanyName, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerHelpUrl, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string[]] $PartnerSupportEmails, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string[]] $PartnerSupportTelephones, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerSupportUrl, + [Parameter(ValueFromPipelineByPropertyName = $true)] + [System.Guid] $TenantId + ) + + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TenantId"]) { + $body["partnerTenantId"] = $PSBoundParameters["TenantId"] + } + if ($null -ne $PSBoundParameters["CompanyType"]) { + $body["companyType"] = $PSBoundParameters["CompanyType"] + } + if ($null -ne $PSBoundParameters["PartnerCommerceUrl"]) { + $body["commerceUrl"] = $PSBoundParameters["PartnerCommerceUrl"] + } + if ($null -ne $PSBoundParameters["PartnerCompanyName"]) { + $body["companyName"] = $PSBoundParameters["PartnerCompanyName"] + } + if ($null -ne $PSBoundParameters["PartnerHelpUrl"]) { + $body["helpUrl"] = $PSBoundParameters["PartnerHelpUrl"] + } + if ($null -ne $PSBoundParameters["PartnerSupportEmails"]) { + $body["supportEmails"] = @($PSBoundParameters["PartnerSupportEmails"]) + } + if ($null -ne $PSBoundParameters["PartnerSupportTelephones"]) { + $body["supportTelephones"] = @($PSBoundParameters["PartnerSupportTelephones"] -as [string[]]) + } + if ($null -ne $PSBoundParameters["PartnerSupportUrl"]) { + $body["supportUrl"] = $PSBoundParameters["PartnerSupportUrl"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $TenantID = ((Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/organization").value).id + } + Invoke-MgGraphRequest -Headers $customHeaders -Method PATCH -Uri "https://graph.microsoft.com/v1.0/organization/$TenantID/partnerInformation" -Body $body + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraTenantDetail.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraTenantDetail.ps1 new file mode 100644 index 0000000000..2c7e61e798 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Set-EntraTenantDetail.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraTenantDetail { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $TechnicalNotificationMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $MarketingNotificationEmails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SecurityComplianceNotificationMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SecurityComplianceNotificationPhones, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.AzureAD.Model.PrivacyProfile] $PrivacyProfile + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["MarketingNotificationEmails"]) + { + $params["MarketingNotificationEmails"] = $PSBoundParameters["MarketingNotificationEmails"] + } + + if($null -ne $PSBoundParameters["SecurityComplianceNotificationMails"]) + { + $params["SecurityComplianceNotificationMails"] = $PSBoundParameters["SecurityComplianceNotificationMails"] + } + + if($null -ne $PSBoundParameters["SecurityComplianceNotificationPhones"]) + { + $params["SecurityComplianceNotificationPhones"] = $PSBoundParameters["SecurityComplianceNotificationPhones"] + } + + if($null -ne $PSBoundParameters["TechnicalNotificationMails"]) + { + $params["TechnicalNotificationMails"] = $PSBoundParameters["TechnicalNotificationMails"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + $params["OrganizationId"] = (Get-MgOrganization).Id + Update-MgOrganization @params -Headers $customHeaders + } +} + diff --git a/module/Entra/Microsoft.Entra/DirectoryManagement/Update-EntraOauth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/DirectoryManagement/Update-EntraOauth2PermissionGrant.ps1 new file mode 100644 index 0000000000..aed509d2d1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/DirectoryManagement/Update-EntraOauth2PermissionGrant.ps1 @@ -0,0 +1,41 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraOauth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OAuth2PermissionGrantId, + + [Parameter(Mandatory = $false)] + [System.String] $Scope + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/oauth2PermissionGrants/" + $params["Method"] = "PATCH" + + if ($null -ne $PSBoundParameters["OAuth2PermissionGrantId"]) { + $params["Uri"] += $OAuth2PermissionGrantId + } + + if ($null -ne $PSBoundParameters["Scope"]) { + $body["scope"] = $PSBoundParameters["Scope"] + } + + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Enable-EntraAzureADAlias.ps1 b/module/Entra/Microsoft.Entra/Enable-EntraAzureADAlias.ps1 new file mode 100644 index 0000000000..b7d9ca05c1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Enable-EntraAzureADAlias.ps1 @@ -0,0 +1,236 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAlias { + Set-Alias -Name Remove-AzureADApplication -Value Remove-EntraApplication -Scope Global -Force + Set-Alias -Name Set-AzureADDomain -Value Set-EntraDomain -Scope Global -Force + Set-Alias -Name New-AzureADTrustedCertificateAuthority -Value New-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationKey -Value New-EntraApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationVerifiedPublisher -Value Remove-EntraApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Get-AzureADMSIdentityProvider -Value Get-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplication -Value Set-EntraApplication -Scope Global -Force + Set-Alias -Name Revoke-AzureADUserAllRefreshToken -Value Revoke-EntraUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipal -Value Remove-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name New-AzureADMSNamedLocationPolicy -Value New-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADUserOwnedDevice -Value Get-EntraUserOwnedDevice -Scope Global -Force + Set-Alias -Name Remove-AzureADUserManager -Value Remove-EntraUserManager -Scope Global -Force + Set-Alias -Name New-AzureADMSInvitation -Value New-EntraInvitation -Scope Global -Force + Set-Alias -Name Remove-AzureADServiceAppRoleAssignment -Value Remove-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsContactIsMemberOf -Value Select-EntraGroupIdsContactIsMemberOf -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRole -Value Get-EntraDirectoryRole -Scope Global -Force + Set-Alias -Name Remove-AzureADUserExtension -Value Remove-EntraUserExtension -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedGroup -Value Get-EntraDeletedGroup -Scope Global -Force + Set-Alias -Name Get-AzureADDeletedApplication -Value Get-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalKeyCredential -Value Get-EntraServicePrincipalKeyCredential -Scope Global -Force + Set-Alias -Name Remove-AzureADMSLifecyclePolicyGroup -Value Remove-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Remove-AzureADDirectoryRoleMember -Value Remove-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Add-AzureADServicePrincipalOwner -Value Add-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADUserAppRoleAssignment -Value Remove-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADUserAppRoleAssignment -Value Get-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADUser -Value Set-EntraUser -Scope Global -Force + Set-Alias -Name Get-AzureADDomainVerificationDnsRecord -Value Get-EntraDomainVerificationDnsRecord -Scope Global -Force + Set-Alias -Name Get-AzureADMSConditionalAccessPolicy -Value Get-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredUser -Value Remove-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignedTo -Value Get-EntraServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Get-AzureADMSNamedLocationPolicy -Value Get-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADContact -Value Get-EntraContact -Scope Global -Force + Set-Alias -Name Set-AzureADUserPassword -Value Set-EntraUserPassword -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationKeyCredential -Value Get-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADContactDirectReport -Value Get-EntraContactDirectReport -Scope Global -Force + Set-Alias -Name New-AzureADApplicationExtensionProperty -Value New-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Remove-AzureADMSConditionalAccessPolicy -Value Remove-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADGroup -Value Get-EntraGroup -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationPasswordCredential -Value Remove-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Remove-AzureADOAuth2PermissionGrant -Value Remove-EntraOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name New-AzureADMSGroup -Value New-EntraGroup -Scope Global -Force + Set-Alias -Name Add-AzureADGroupOwner -Value Add-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADMSRoleAssignment -Value Remove-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADMSIdentityProvider -Value Remove-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Confirm-AzureADDomain -Value Confirm-EntraDomain -Scope Global -Force + Set-Alias -Name Remove-AzureADMSNamedLocationPolicy -Value Remove-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationExtensionProperty -Value Get-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsGroupIsMemberOf -Value Select-EntraGroupIdsGroupIsMemberOf -Scope Global -Force + Set-Alias -Name Get-AzureADTrustedCertificateAuthority -Value Get-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Get-AzureADGroupOwner -Value Get-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipal -Value Get-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalMembership -Value Get-EntraServicePrincipalMembership -Scope Global -Force + Set-Alias -Name Get-AzureADUser -Value Get-EntraUser -Scope Global -Force + Set-Alias -Name Get-AzureADUserLicenseDetail -Value Get-EntraUserLicenseDetail -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignment -Value Get-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADGroup -Value Remove-EntraGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupPermissionGrant -Value Get-EntraGroupPermissionGrant -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplicationVerifiedPublisher -Value Set-EntraApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Set-AzureADUserExtension -Value Set-EntraUserExtension -Scope Global -Force + Set-Alias -Name Get-AzureADContactMembership -Value Get-EntraContactMembership -Scope Global -Force + Set-Alias -Name Get-AzureADDomainNameReference -Value Get-EntraDomainNameReference -Scope Global -Force + Set-Alias -Name Remove-AzureADMSAdministrativeUnit -Value Remove-EntraAdministrativeUnit -Scope Global -Force + Set-Alias -Name Set-AzureADMSIdentityProvider -Value Set-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalPasswordCredential -Value Remove-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Set-AzureADTrustedCertificateAuthority -Value Set-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredOwner -Value Remove-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name New-AzureADUserAppRoleAssignment -Value New-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupLifecyclePolicy -Value Get-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleDefinition -Value New-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedDirectoryObject -Value Get-EntraDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationPassword -Value New-EntraApplicationPassword -Scope Global -Force + Set-Alias -Name Remove-AzureADMSAdministrativeUnitMember -Value Remove-EntraAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Set-AzureADMSAuthorizationPolicy -Value Set-EntraAuthorizationPolicy -Scope Global -Force + Set-Alias -Name New-AzureADApplicationPasswordCredential -Value New-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Add-AzureADGroupMember -Value Add-EntraGroupMember -Scope Global -Force + Set-Alias -Name Set-AzureADUserLicense -Value Set-EntraUserLicense -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupAppRoleAssignment -Value Remove-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroup -Value Set-EntraGroup -Scope Global -Force + Set-Alias -Name Remove-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Remove-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Enable-AzureADDirectoryRole -Value Enable-EntraDirectoryRole -Scope Global -Force + Set-Alias -Name Get-AzureADTenantDetail -Value Get-EntraTenantDetail -Scope Global -Force + Set-Alias -Name Add-AzureADDirectoryRoleMember -Value Add-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Get-AzureADUserThumbnailPhoto -Value Get-EntraUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name New-AzureADGroupAppRoleAssignment -Value New-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalCreatedObject -Value Get-EntraServicePrincipalCreatedObject -Scope Global -Force + Set-Alias -Name Remove-AzureADDevice -Value Remove-EntraDevice -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantPolicy -Value New-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleAssignment -Value New-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name New-AzureADMSIdentityProvider -Value New-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Revoke-AzureADSignedInUserAllRefreshToken -Value Revoke-EntraSignedInUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationOwner -Value Get-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalPasswordCredential -Value Get-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Add-AzureADApplicationOwner -Value Add-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name Get-AzureADGroupMember -Value Get-EntraGroupMember -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantConditionSet -Value New-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalPasswordCredential -Value New-EntraServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name New-AzureADMSConditionalAccessPolicy -Value New-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsUserIsMemberOf -Value Select-EntraGroupIdsUserIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantConditionSet -Value Remove-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOAuth2PermissionGrant -Value Get-EntraServicePrincipalOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADDomain -Value Get-EntraDomain -Scope Global -Force + Set-Alias -Name Get-AzureADApplication -Value Get-EntraApplication -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalOwner -Value Remove-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Get-AzureADSubscribedSku -Value Get-EntraSubscribedSku -Scope Global -Force + Set-Alias -Name Get-AzureADUserMembership -Value Get-EntraUserMembership -Scope Global -Force + Set-Alias -Name Set-AzureADMSConditionalAccessPolicy -Value Set-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationKey -Value Remove-EntraApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADMSDeletedDirectoryObject -Value Remove-EntraDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name Get-AzureADExtensionProperty -Value Get-EntraExtensionProperty -Scope Global -Force + Set-Alias -Name Set-AzureADUserManager -Value Set-EntraUserManager -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredOwner -Value Get-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADMSRoleDefinition -Value Remove-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name New-AzureADMSApplication -Value New-EntraApplication -Scope Global -Force + Set-Alias -Name New-AzureADApplicationKeyCredential -Value New-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADUserCreatedObject -Value Get-EntraUserCreatedObject -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwner -Value Get-EntraServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Get-AzureADUserOwnedObject -Value Get-EntraUserOwnedObject -Scope Global -Force + Set-Alias -Name Get-AzureADUserManager -Value Get-EntraUserManager -Scope Global -Force + Set-Alias -Name Reset-AzureADMSLifeCycleGroup -Value Reset-EntraLifeCycleGroup -Scope Global -Force + Set-Alias -Name Get-AzureADUserExtension -Value Get-EntraUserExtension -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationOwner -Value Remove-EntraApplicationOwner -Scope Global -Force + Set-Alias -Name Set-AzureADServicePrincipal -Value Set-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroupLifecyclePolicy -Value Set-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupMember -Value Remove-EntraGroupMember -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupOwner -Value Remove-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsServicePrincipalIsMemberOf -Value Select-EntraGroupIdsServicePrincipalIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADTrustedCertificateAuthority -Value Remove-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Add-AzureADMSLifecyclePolicyGroup -Value Add-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredUser -Value Get-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Remove-AzureADDeletedApplication -Value Remove-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name Set-AzureADUserThumbnailPhoto -Value Set-EntraUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name Remove-AzureADUser -Value Remove-EntraUser -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredUser -Value Add-EntraDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredOwner -Value Add-EntraDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADContract -Value Get-EntraContract -Scope Global -Force + Set-Alias -Name Get-AzureADContactManager -Value Get-EntraContactManager -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantPolicy -Value Remove-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name New-AzureADDomain -Value New-EntraDomain -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipal -Value New-EntraServicePrincipal -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationLogo -Value Get-EntraApplicationLogo -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantPolicy -Value Set-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationPasswordCredential -Value Get-EntraApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwnedObject -Value Get-EntraServicePrincipalOwnedObject -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleMember -Value Get-EntraDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantConditionSet -Value Set-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleTemplate -Value Get-EntraDirectoryRoleTemplate -Scope Global -Force + Set-Alias -Name Add-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Add-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Set-AzureADDevice -Value Set-EntraDevice -Scope Global -Force + Set-Alias -Name Remove-AzureADMSScopedRoleMembership -Value Remove-EntraScopedRoleMembership -Scope Global -Force + Set-Alias -Name Get-AzureADDomainServiceConfigurationRecord -Value Get-EntraDomainServiceConfigurationRecord -Scope Global -Force + Set-Alias -Name Get-AzureADGroupAppRoleAssignment -Value Get-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADDevice -Value Get-EntraDevice -Scope Global -Force + Set-Alias -Name Get-AzureADObjectByObjectId -Value Get-EntraObjectByObjectId -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationPassword -Value Remove-EntraApplicationPassword -Scope Global -Force + Set-Alias -Name Update-AzureADSignedInUserPassword -Value Update-EntraSignedInUserPassword -Scope Global -Force + Set-Alias -Name Set-AzureADMSNamedLocationPolicy -Value Set-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantPolicy -Value Get-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationServiceEndpoint -Value Get-EntraApplicationServiceEndpoint -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationKeyCredential -Value Remove-EntraApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Restore-AzureADDeletedApplication -Value Restore-EntraDeletedApplication -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantConditionSet -Value Get-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADUserRegisteredDevice -Value Get-EntraUserRegisteredDevice -Scope Global -Force + Set-Alias -Name New-AzureADServiceAppRoleAssignment -Value New-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADContact -Value Remove-EntraContact -Scope Global -Force + Set-Alias -Name Get-AzureADUserOAuth2PermissionGrant -Value Get-EntraUserOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADUserDirectReport -Value Get-EntraUserDirectReport -Scope Global -Force + Set-Alias -Name New-AzureADDevice -Value New-EntraDevice -Scope Global -Force + Set-Alias -Name Get-AzureADOAuth2PermissionGrant -Value Get-EntraOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Set-AzureADMSRoleDefinition -Value Set-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalKeyCredential -Value Remove-EntraServicePrincipalKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADMSLifecyclePolicyGroup -Value Get-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Get-EntraServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationExtensionProperty -Value Remove-EntraApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name New-AzureADUser -Value New-EntraUser -Scope Global -Force + Set-Alias -Name New-AzureADMSGroupLifecyclePolicy -Value New-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Set-AzureADTenantDetail -Value Set-EntraTenantDetail -Scope Global -Force + Set-Alias -Name Remove-AzureADMSGroupLifecyclePolicy -Value Remove-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationLogo -Value Set-EntraApplicationLogo -Scope Global -Force + Set-Alias -Name Remove-AzureADDomain -Value Remove-EntraDomain -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Connect-AzureAD -Value Connect-Entra -Scope Global -Force + Set-Alias -Name Disconnect-AzureAD -Value Disconnect-Entra -Scope Global -Force + Set-Alias -Name Remove-EntraRoleAssignment -Value Remove-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraRoleAssignment -Value New-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Set-EntraRoleDefinition -Value Set-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-EntraRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-EntraRoleDefinition -Value Remove-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name New-EntraRoleDefinition -Value New-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-EntraServiceAppRoleAssignedTo -Value Get-EntraServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Remove-EntraServiceAppRoleAssignment -Value Remove-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraServiceAppRoleAssignment -Value Get-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraServiceAppRoleAssignment -Value New-EntraServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Add-EntraCustomSecurityAttributeDefinitionAllowedValues -Value Add-EntraCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + Set-Alias -Name Get-EntraAuditDirectoryLogs -Value Get-EntraAuditDirectoryLog -Scope Global -Force + Set-Alias -Name Get-EntraAuditSignInLogs -Value Get-EntraAuditSignInLog -Scope Global -Force +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Governance/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..01bcea93fd --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Remove-AzureADMSRoleAssignment -Value Remove-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleDefinition -Value New-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleAssignment -Value New-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADMSRoleDefinition -Value Remove-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Set-AzureADMSRoleDefinition -Value Set-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-EntraRoleAssignment -Value Remove-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraRoleAssignment -Value Get-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraRoleAssignment -Value New-EntraDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Set-EntraRoleDefinition -Value Set-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-EntraRoleDefinition -Value Get-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-EntraRoleDefinition -Value Remove-EntraDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name New-EntraRoleDefinition -Value New-EntraDirectoryRoleDefinition -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..2cdff2a36c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleAssignment.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleAssignmentId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleAssignmentId"]) + { + $params["UnifiedRoleAssignmentId"] = $PSBoundParameters["UnifiedRoleAssignmentId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["SearchString"]) + { + $params["SearchString"] = $PSBoundParameters["SearchString"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleDefinition.ps1 b/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..84a2e4b23b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Get-EntraDirectoryRoleDefinition.ps1 @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"} + if($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + $propsToConvert = @('RolePermissions') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Governance/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Governance/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Governance/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..e8c74abe06 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Governance | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..20927b2fd4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleAssignment.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DirectoryScopeId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $RoleDefinitionId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if ($null -ne $PSBoundParameters["DirectoryScopeId"]) + { + $params["DirectoryScopeId"] = $PSBoundParameters["DirectoryScopeId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["RoleDefinitionId"]) + { + $params["RoleDefinitionId"] = $PSBoundParameters["RoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleDefinition.ps1 b/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..03fc9441f9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/New-EntraDirectoryRoleDefinition.ps1 @@ -0,0 +1,132 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission]] $RolePermissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ResourceScopes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Version, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TemplateId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["RolePermissions"]) + { + $TmpValue = $PSBoundParameters["RolePermissions"] + $Temp = @{ + allowedResourceActions = $TmpValue.allowedResourceActions + condition = $TmpValue.condition + } + $Value = $Temp + $params["RolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["ResourceScopes"]) + { + $params["ResourceScopes"] = $PSBoundParameters["ResourceScopes"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Version"]) + { + $params["Version"] = $PSBoundParameters["Version"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["TemplateId"]) + { + $params["TemplateId"] = $PSBoundParameters["TemplateId"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..28cbd2d2d0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleAssignment.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleAssignmentId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleAssignmentId"]) + { + $params["UnifiedRoleAssignmentId"] = $PSBoundParameters["UnifiedRoleAssignmentId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleDefinition.ps1 b/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..c8942a535a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Remove-EntraDirectoryRoleDefinition.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Governance/Set-EntraDirectoryRoleDefinition.ps1 b/module/Entra/Microsoft.Entra/Governance/Set-EntraDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..5cc9f96d14 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Governance/Set-EntraDirectoryRoleDefinition.ps1 @@ -0,0 +1,143 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission]] $RolePermissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ResourceScopes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Version, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TemplateId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["RolePermissions"]) + { + $TmpValue = $PSBoundParameters["RolePermissions"] + $Value = @() + foreach($val in $TmpValue) + { + $Temp = $val | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $hash[$_.Name] = $_.Value } + $Value += $hash + } + $params["RolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["ResourceScopes"]) + { + $params["ResourceScopes"] = $PSBoundParameters["ResourceScopes"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["Version"]) + { + $params["Version"] = $PSBoundParameters["Version"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["TemplateId"]) + { + $params["TemplateId"] = $PSBoundParameters["TemplateId"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupMember.ps1 b/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupMember.ps1 new file mode 100644 index 0000000000..5e27297609 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraGroupMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["RefObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["RefObjectId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgGroupMember @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupOwner.ps1 b/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupOwner.ps1 new file mode 100644 index 0000000000..3e068a8736 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Add-EntraGroupOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraGroupOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/beta/users/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgGroupOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Add-EntraLifecyclePolicyGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Add-EntraLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..28154f349a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Add-EntraLifecyclePolicyGroup.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $GroupId, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgGroupToLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Groups/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..e3ca2ac1c3 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Select-AzureADGroupIdsContactIsMemberOf -Value Select-EntraGroupIdsContactIsMemberOf -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedGroup -Value Get-EntraDeletedGroup -Scope Global -Force + Set-Alias -Name Remove-AzureADMSLifecyclePolicyGroup -Value Remove-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Get-AzureADGroup -Value Get-EntraGroup -Scope Global -Force + Set-Alias -Name New-AzureADMSGroup -Value New-EntraGroup -Scope Global -Force + Set-Alias -Name Add-AzureADGroupOwner -Value Add-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsGroupIsMemberOf -Value Select-EntraGroupIdsGroupIsMemberOf -Scope Global -Force + Set-Alias -Name Get-AzureADGroupOwner -Value Get-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADGroup -Value Remove-EntraGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupPermissionGrant -Value Get-EntraGroupPermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupLifecyclePolicy -Value Get-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Add-AzureADGroupMember -Value Add-EntraGroupMember -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupAppRoleAssignment -Value Remove-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroup -Value Set-EntraGroup -Scope Global -Force + Set-Alias -Name New-AzureADGroupAppRoleAssignment -Value New-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADGroupMember -Value Get-EntraGroupMember -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsUserIsMemberOf -Value Select-EntraGroupIdsUserIsMemberOf -Scope Global -Force + Set-Alias -Name Reset-AzureADMSLifeCycleGroup -Value Reset-EntraLifeCycleGroup -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroupLifecyclePolicy -Value Set-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupMember -Value Remove-EntraGroupMember -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupOwner -Value Remove-EntraGroupOwner -Scope Global -Force + Set-Alias -Name Add-AzureADMSLifecyclePolicyGroup -Value Add-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Get-AzureADGroupAppRoleAssignment -Value Get-EntraGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADMSLifecyclePolicyGroup -Value Get-EntraLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name New-AzureADMSGroupLifecyclePolicy -Value New-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSGroupLifecyclePolicy -Value Remove-EntraGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraDeletedGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraDeletedGroup.ps1 new file mode 100644 index 0000000000..d75feb5084 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraDeletedGroup.ps1 @@ -0,0 +1,131 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + + + +function Get-EntraDeletedGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"} + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "mailNickName eq '$TmpValue' or (mail eq '$TmpValue' or (displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')))" + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgDirectoryDeletedItemAsGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroup.ps1 new file mode 100644 index 0000000000..08bf6047d9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroup.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "mailNickName eq '$TmpValue' or (mail eq '$TmpValue' or (displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')))" + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..04b7f0f76f --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupLifecyclePolicy.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..65fc95b4f7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupLifecyclePolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupMember.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupMember.ps1 new file mode 100644 index 0000000000..6ab247754a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupMember.ps1 @@ -0,0 +1,134 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroupMember { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/groups' + $properties = '$select=*' + $Method = "GET" + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + $URI = "$baseUri/$($params.GroupId)/members?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.GroupId)/members?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $minTop = 999 + $URI = "$baseUri/$($params.GroupId)/members?`$top=999&$properties" + } + else{ + $URI = "$baseUri/$($params.GroupId)/members?`$top=$topCount&$properties" + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $data = $response + try { + $data = @($response.value) + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $URI = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + if($minTop){ + $URI = $URI.Replace("`$top=$minTop", "`$top=$topValue") + } + else{ + $URI = $URI.Replace("`$top=$topCount", "`$top=$topValue") + } + $increment -= $topValue + } + $response = Invoke-GraphRequest -Uri $URI -Method $Method + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + $data | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $serviceprincipal = @() + if (($data.count -eq 0) -or $data.'@odata.type' -notcontains 'microsoft.graph.servicePrincipal') { + $URI = "$baseUri/$($params.GroupId)/members/microsoft.graph.servicePrincipal?$properties" + $topCount = $Top - $data.count + if ($PSBoundParameters.ContainsKey("Top") -and $topCount -gt 0) { + $increment = $topCount - $data.Count + $increment = 1 + $hasNextLink = $false + + do { + $topValue = [Math]::Min($topCount, 999) + $URI = "$baseUri/$($params.GroupId)/members/microsoft.graph.servicePrincipal?`$top=$topValue&$properties" + $response = Invoke-GraphRequest -Uri $URI -Method $Method -Headers $customHeaders + $serviceprincipal += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $hasNextLink = $null -ne $response.PSObject.Properties.Match('@odata.nextLink') + $increment-- + } while ($increment -gt 0 -and $hasNextLink) + } + elseif($null -eq $PSBoundParameters["Top"]){ + $response = Invoke-GraphRequest -Uri $URI -Method $Method -Headers $customHeaders + $serviceprincipal += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + try{ + $serviceprincipal | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name '@odata.type' -Value '#microsoft.graph.servicePrincipal' -Force + } + } + $data += $serviceprincipal + } + catch {} + } + if($data){ + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + if (-not ($response -is [psobject])) { + $response = [pscustomobject]@{ Value = $response } + } + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupOwner.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupOwner.ps1 new file mode 100644 index 0000000000..ef3434e3b8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupOwner.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroupOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/groups' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + $URI = "$baseUri/$($params.GroupId)/owners?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.GroupId)/owners?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.GroupId)/owners?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupPermissionGrant.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupPermissionGrant.ps1 new file mode 100644 index 0000000000..c753a32539 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraGroupPermissionGrant.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraGroupPermissionGrant { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgGroupPermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraLifecyclePolicyGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..57d878f4a0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraLifecyclePolicyGroup.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgGroupLifecyclePolicyByGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraObjectSetting.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraObjectSetting.ps1 new file mode 100644 index 0000000000..854d36fda7 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraObjectSetting.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraObjectSetting { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $Id, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = "https://graph.microsoft.com/v1.0/$TargetType/$TargetObjectId/settings" + $params["Method"] = "GET" + $params["Uri"] = $baseUri+'?$select=*' + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $params["Uri"] = $baseUri+"?`$select=$($selectProperties)" + } + if($PSBoundParameters.ContainsKey("Top") -and (-not $PSBoundParameters.ContainsKey("All"))) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $params["Uri"] += "&`$top=999" + } + else{ + $params["Uri"] += "&`$top=$topCount" + } + } + if($null -ne $PSBoundParameters["Id"]) + { + $Id = $PSBoundParameters["Id"] + $params["Uri"] = "$baseUri/$($Id)" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while ($response.'@odata.nextLink' -and (($all) -or ($increment -gt 0 -and -not $all))) { + $params["Uri"] = $response.'@odata.nextLink' + if (-not $all) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + + $targetTypeList = @() + + if($TargetType.ToLower() -eq 'groups'){ + foreach($res in $data){ + $groupType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphGroupSetting + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $groupType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $groupType + } + } + + if($TargetType.ToLower() -eq 'users'){ + foreach($res in $data){ + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphUserSettings + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $userType + } + } + + $targetTypeList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Groups/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Groups/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Groups/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Groups/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..2026850d4b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Groups | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Groups/New-EntraGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/New-EntraGroup.ps1 new file mode 100644 index 0000000000..69159d4b1e --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/New-EntraGroup.ps1 @@ -0,0 +1,133 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $SecurityEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $MailEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $GroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $MailNickname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAssignableToRole, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Visibility, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["SecurityEnabled"]) + { + $params["SecurityEnabled"] = $PSBoundParameters["SecurityEnabled"] + } + if ($null -ne $PSBoundParameters["MailEnabled"]) + { + $params["MailEnabled"] = $PSBoundParameters["MailEnabled"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["GroupTypes"]) + { + $params["GroupTypes"] = $PSBoundParameters["GroupTypes"] + } + if ($null -ne $PSBoundParameters["MailNickname"]) + { + $params["MailNickname"] = $PSBoundParameters["MailNickname"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IsAssignableToRole"]) + { + $params["IsAssignableToRole"] = $PSBoundParameters["IsAssignableToRole"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["Visibility"]) + { + $params["Visibility"] = $PSBoundParameters["Visibility"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/New-EntraGroupAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Groups/New-EntraGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..f308a89e76 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/New-EntraGroupAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId, + [Alias('Id')] + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AppRoleId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AppRoleId"]) + { + $params["AppRoleId"] = $PSBoundParameters["AppRoleId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/New-EntraGroupLifecyclePolicy.ps1 b/module/Entra/Microsoft.Entra/Groups/New-EntraGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..33c46424f0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/New-EntraGroupLifecyclePolicy.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AlternateNotificationEmails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ManagedGroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Int32]] $GroupLifetimeInDays + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AlternateNotificationEmails"]) + { + $params["AlternateNotificationEmails"] = $PSBoundParameters["AlternateNotificationEmails"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["ManagedGroupTypes"]) + { + $params["ManagedGroupTypes"] = $PSBoundParameters["ManagedGroupTypes"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupLifetimeInDays"]) + { + $params["GroupLifetimeInDays"] = $PSBoundParameters["GroupLifetimeInDays"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroup.ps1 new file mode 100644 index 0000000000..328c849e79 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroup.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraGroup { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..6f10cffa19 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupLifecyclePolicy.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..37e3d7bcb4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupLifecyclePolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupMember.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupMember.ps1 new file mode 100644 index 0000000000..bab08a9e50 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraGroupMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroupMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupOwner.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupOwner.ps1 new file mode 100644 index 0000000000..8bb26c2d5f --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraGroupOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraGroupOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroupOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Remove-EntraLifecyclePolicyGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Remove-EntraLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..dad7549f1f --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Remove-EntraLifecyclePolicyGroup.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $GroupId, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgGroupFromLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Reset-EntraLifeCycleGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Reset-EntraLifeCycleGroup.ps1 new file mode 100644 index 0000000000..5ec5c1069e --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Reset-EntraLifeCycleGroup.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Reset-EntraLifeCycleGroup { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["GroupId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-MgRenewGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.ps1 b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.ps1 new file mode 100644 index 0000000000..7641c0ef00 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraGroupIdsContactIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["OrgContactId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgContactMemberOfAsGroup @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.Id + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.ps1 b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.ps1 new file mode 100644 index 0000000000..e7201dc21d --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraGroupIdsGroupIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["GroupId"] = $PSBoundParameters["ObjectId"] + } + if($null -ne $PSBoundParameters["GroupIdsForMembershipCheck"]) + { + $GroupIdData = Get-EntraGroup -All + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgGroupMemberOf @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + $result=@() + if($response){ + $result = $response.Id + } + $notMember = $GroupIdsForMembershipCheck.GroupIds | Where-Object -Filterscript { $_ -notin $result } + foreach ($Id in $notMember) { + if ($GroupIdData.Id -notcontains $Id) { + Write-Error "Error occurred while executing SelectEntraGroupIdsGroupIsMemberOf +Code: Request_BadRequest +Message: Invalid GUID:$Id" + return + } + } + if($response){ + $response.Id + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.ps1 b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.ps1 new file mode 100644 index 0000000000..a4e66f7749 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraGroupIdsUserIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgUserMemberOfAsGroup -Headers $customHeaders -UserId $params["UserId"] + $response = $initalResponse | Where-Object -Filterscript {$_.ID -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.ID + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Set-EntraGroup.ps1 b/module/Entra/Microsoft.Entra/Groups/Set-EntraGroup.ps1 new file mode 100644 index 0000000000..08b77bb0b4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Set-EntraGroup.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $SecurityEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $MailEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $GroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickname, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAssignableToRole, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Visibility, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["SecurityEnabled"]) + { + $params["SecurityEnabled"] = $PSBoundParameters["SecurityEnabled"] + } + if ($null -ne $PSBoundParameters["MailEnabled"]) + { + $params["MailEnabled"] = $PSBoundParameters["MailEnabled"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["GroupTypes"]) + { + $params["GroupTypes"] = $PSBoundParameters["GroupTypes"] + } + if ($null -ne $PSBoundParameters["MailNickname"]) + { + $params["MailNickname"] = $PSBoundParameters["MailNickname"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["IsAssignableToRole"]) + { + $params["IsAssignableToRole"] = $PSBoundParameters["IsAssignableToRole"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["Visibility"]) + { + $params["Visibility"] = $PSBoundParameters["Visibility"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Groups/Set-EntraGroupLifecyclePolicy.ps1 b/module/Entra/Microsoft.Entra/Groups/Set-EntraGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..ea18dc3203 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Groups/Set-EntraGroupLifecyclePolicy.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AlternateNotificationEmails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ManagedGroupTypes, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $GroupLifetimeInDays + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AlternateNotificationEmails"]) + { + $params["AlternateNotificationEmails"] = $PSBoundParameters["AlternateNotificationEmails"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["ManagedGroupTypes"]) + { + $params["ManagedGroupTypes"] = $PSBoundParameters["ManagedGroupTypes"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["GroupLifetimeInDays"]) + { + $params["GroupLifetimeInDays"] = $PSBoundParameters["GroupLifetimeInDays"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Reports/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Reports/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..b2ff67a700 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Reports/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,41 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-EntraAuditDirectoryLogs -Value Get-EntraAuditDirectoryLog -Scope Global -Force + Set-Alias -Name Get-EntraAuditSignInLogs -Value Get-EntraAuditSignInLog -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditDirectoryLog.ps1 b/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditDirectoryLog.ps1 new file mode 100644 index 0000000000..3f129fc7c3 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditDirectoryLog.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAuditDirectoryLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/directoryAudits' + $params["Method"] = "GET" + $params["Uri"] = "$baseUri"+"?" + + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $params["Uri"] += "&`$top=999" + } + else{ + $params["Uri"] += "&`$top=$topCount" + } + } + if($null -ne $PSBoundParameters["Id"]) + { + $LogId = $PSBoundParameters["Id"] + $params["Uri"] = "$baseUri/$($LogId)" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$Filter' + $params["Uri"] += "&$f=$Filter" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryAudit + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditSignInLog.ps1 b/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditSignInLog.ps1 new file mode 100644 index 0000000000..bfb5dfd323 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Reports/Get-EntraAuditSignInLog.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAuditSignInLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $SignInId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/signIns' + $params["Method"] = "GET" + $params["Uri"] = "$baseUri" + $query = $null + + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $query += "&`$top=999" + } + else{ + $query += "&`$top=$topCount" + } + } + + if($null -ne $PSBoundParameters["SignInId"]) + { + $logId = $PSBoundParameters["SignInId"] + $params["Uri"] = "$baseUri/$($logId)" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$filter' + $query += "&$f=$Filter" + } + + if($null -ne $query) + { + $query = "?" + $query.TrimStart("&") + $params["Uri"] += $query + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 100 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json + } + } catch {} + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphSignIn + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Reports/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Reports/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Reports/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Reports/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Reports/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..82fbc5069b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Reports/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Reports | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/SignIns/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/SignIns/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..756282ab4c --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Enable-EntraAzureADAliases { + Set-Alias -Name New-AzureADMSInvitation -Value New-EntraInvitation -Scope Global -Force + Set-Alias -Name New-AzureADTrustedCertificateAuthority -Value New-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Get-AzureADMSIdentityProvider -Value Get-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name New-AzureADMSNamedLocationPolicy -Value New-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSConditionalAccessPolicy -Value Get-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSNamedLocationPolicy -Value Get-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSConditionalAccessPolicy -Value Remove-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADOAuth2PermissionGrant -Value Remove-EntraOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Remove-AzureADMSIdentityProvider -Value Remove-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Remove-AzureADMSNamedLocationPolicy -Value Remove-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADTrustedCertificateAuthority -Value Get-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Set-AzureADMSIdentityProvider -Value Set-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name Set-AzureADTrustedCertificateAuthority -Value Set-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Set-AzureADMSAuthorizationPolicy -Value Set-EntraAuthorizationPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantPolicy -Value New-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSIdentityProvider -Value New-EntraIdentityProvider -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantConditionSet -Value New-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name New-AzureADMSConditionalAccessPolicy -Value New-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantConditionSet -Value Remove-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Set-AzureADMSConditionalAccessPolicy -Value Set-EntraConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADTrustedCertificateAuthority -Value Remove-EntraTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantPolicy -Value Remove-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantPolicy -Value Set-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantConditionSet -Value Set-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Set-AzureADMSNamedLocationPolicy -Value Set-EntraNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantPolicy -Value Get-EntraPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantConditionSet -Value Get-EntraPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADOAuth2PermissionGrant -Value Get-EntraOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraAuthorizationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraAuthorizationPolicy.ps1 new file mode 100644 index 0000000000..fb32dbffdc --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraAuthorizationPolicy.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraAuthorizationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/authorizationPolicy?" + $params["Method"] = "GET" + + if($null -ne $PSBoundParameters["Id"]) + { + $Id = $Id.Substring(0, 1).ToLower() + $Id.Substring(1) + $Filter = "Id eq '$Id'" + $f = '$' + 'Filter' + $params["Uri"] += "&$f=$Filter" + } + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $params["Uri"] += "&$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + if($response){ + $policyList = @() + foreach ($data in $response) { + $policyType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAuthorizationPolicy + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $policyType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $policyList += $policyType + } + $policyList + } + } +} diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraConditionalAccessPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..628166cf24 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraConditionalAccessPolicy.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + + + +function Get-EntraConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraFeatureRolloutPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..ac44918a20 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraFeatureRolloutPolicy.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $baseUri = 'https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies' + $params["Method"] = "GET" + $params["Uri"] = "$baseUri" + $query = $null + + if($null -ne $PSBoundParameters["Id"]) + { + $Id = $PSBoundParameters["Id"] + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/$Id" + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $FilterValue = $PSBoundParameters["SearchString"] + $filter="displayName eq '$FilterValue' or startswith(displayName,'$FilterValue')" + $f = '$' + 'Filter' + $query += "&$f=$Filter" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$' + 'Filter' + $query += "&$f=$Filter" + } + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $query += "&`$select=$($selectProperties)" + } + if($null -ne $query) + { + $query = "?" + $query.TrimStart("&") + $params["Uri"] += $query + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $data = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $data = $data.value | ConvertTo-Json | ConvertFrom-Json + } + catch {} + + if($data) + { + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraIdentityProvider.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraIdentityProvider.ps1 new file mode 100644 index 0000000000..9b7704a367 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraIdentityProvider.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name Type -Value identityProviderType + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value DisplayName + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraNamedLocationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..e24ca7a7d0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraNamedLocationPolicy.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('ipRanges') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraOAuth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..87ec9b4fa2 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraOAuth2PermissionGrant.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantConditionSet.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..433d7c8353 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantConditionSet.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if("$conditionalSet" -eq "includes"){ + $response = Get-MgPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Get-MgPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..e863de72fc --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPermissionGrantPolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPolicy.ps1 new file mode 100644 index 0000000000..5d7476e370 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraPolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUrl = "https://graph.microsoft.com/v1.0/policies/" + $endpoints = @("homeRealmDiscoveryPolicies", "claimsMappingPolicies", "tokenIssuancePolicies", "tokenLifetimePolicies", "activityBasedTimeoutPolicies", "featureRolloutPolicies", "defaultAppManagementPolicy", "appManagementPolicies", "authenticationFlowsPolicy", "authenticationMethodsPolicy", "permissionGrantPolicies") + + if($PSBoundParameters.ContainsKey("Top") -and ($null -eq $Top -or $Top -eq 0)){ + Write-Error "Invalid page size specified: '0'. Must be between 1 and 999 inclusive. +Status: 400 (BadRequest) +ErrorCode: Request_UnsupportedQuery" + break + } + $response = @() + foreach ($endpoint in $endpoints) { + $url = "${baseUrl}${endpoint}" + try { + $policies = (Invoke-GraphRequest -Headers $customHeaders -Uri $url -Method GET).value + } + catch { + $policies = (Invoke-GraphRequest -Headers $customHeaders -Uri $url -Method GET) + } + $policies | ForEach-Object { + $_.Type = ($endpoint.Substring(0, 1).ToUpper() + $endpoint.Substring(1) -replace "ies", "y") + $response += $_ + if ($Top -and ($response.Count -ge $Top)) { + break + } + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + if ($PSBoundParameters.ContainsKey("ID")) { + $response = $response | Where-Object { $_.id -eq $Id } + if($Null -eq $response ) { + Write-Error "Get-EntraPolicy : Error occurred while executing Get-Policy + Code: Request_BadRequest + Message: Invalid object identifier '$Id' ." + } + } elseif (-not $All -and $Top) { + $response = $response | Select-Object -First $Top + } + + $data = $response | ConvertTo-Json -Depth 50 | ConvertFrom-Json + $respList = @() + + foreach ($res in $data) { + switch ($res.type) { + "ActivityBasedTimeoutPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphActivityBasedTimeoutPolicy } + "AppManagementPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAppManagementPolicy } + "ClaimsMappingPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphClaimsMappingPolicy } + "FeatureRolloutPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy } + "HomeRealmDiscoveryPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphHomeRealmDiscoveryPolicy } + "TokenIssuancePolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphTokenIssuancePolicy } + "TokenLifetimePolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphTokenLifetimePolicy } + "PermissionGrantPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphPermissionGrantPolicy } + "DefaultAppManagementPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphappManagementPolicy } + "AuthenticationFlowsPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphauthenticationFlowsPolicy } + "AuthenticationMethodsPolicy" { $respType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphauthenticationMethodsPolicy} + default { Write-Error "Unknown type: " + $res.type} + } + + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $respList += $respType + } + $respList + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraTrustedCertificateAuthority.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..954f948652 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraTrustedCertificateAuthority.ps1 @@ -0,0 +1,113 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TrustedIssuer, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TrustedIssuerSki, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["OrganizationId"] = (Get-MgContext).TenantId + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["TrustedIssuerSki"]) + { + $trustedIssuerSki = $PSBoundParameters["TrustedIssuerSki"] + } + if($null -ne $PSBoundParameters["TrustedIssuer"]) + { + $trustedIssuer = $PSBoundParameters["TrustedIssuer"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $responseData = Get-MgOrganizationCertificateBasedAuthConfiguration @params -Headers $customHeaders + $response= @() + if($responseData){ + $responseData.CertificateAuthorities | ForEach-Object { + if ( + ([string]::IsNullOrEmpty($TrustedIssuer) -and [string]::IsNullOrEmpty($TrustedIssuerSki)) -or + (![string]::IsNullOrEmpty($TrustedIssuer) -and ![string]::IsNullOrEmpty($TrustedIssuerSki) -and $_.Issuer -eq $TrustedIssuer -and $_.IssuerSki -eq $TrustedIssuerSki) -or + (![string]::IsNullOrEmpty($TrustedIssuer) -and [string]::IsNullOrEmpty($TrustedIssuerSki) -and $_.Issuer -eq $TrustedIssuer) -or + (![string]::IsNullOrEmpty($TrustedIssuerSki) -and [string]::IsNullOrEmpty($TrustedIssuer) -and $_.IssuerSki -eq $TrustedIssuerSki)) + { + $data = @{ + AuthorityType = "IntermediateAuthority" + TrustedCertificate = $_.Certificate + CrlDistributionPoint = $_.CertificateRevocationListUrl + DeltaCrlDistributionPoint = $_.DeltaCertificateRevocationListUrl + TrustedIssuer = $_.Issuer + TrustedIssuerSki = $_.IssuerSki + } + + if($_.IsRootAuthority){ + $data.AuthorityType = "RootAuthority" + } + $dataJson = ConvertTo-Json $data + $response += [Newtonsoft.Json.JsonConvert]::DeserializeObject($dataJson, [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation]) + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/SignIns/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraConditionalAccessPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..c85ba513c1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraConditionalAccessPolicy.ps1 @@ -0,0 +1,160 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls] $GrantControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls] $SessionControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet] $Conditions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["GrantControls"]) + { + $TmpValue = $PSBoundParameters["GrantControls"] + $hash = @{} + if($TmpValue._Operator) { $hash["Operator"] = $TmpValue._Operator } + if($null -ne $TmpValue.BuiltInControls) { $hash["BuiltInControls"] = $TmpValue.BuiltInControls } + if($TmpValue.CustomAuthenticationFactors) { $hash["CustomAuthenticationFactors"] = $TmpValue.CustomAuthenticationFactors } + if($TmpValue.TermsOfUse) { $hash["TermsOfUse"] = $TmpValue.TermsOfUse } + + $Value = $hash + $params["GrantControls"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["SessionControls"]) + { + $TmpValue = $PSBoundParameters["SessionControls"] + $Value = @{} + $TmpValue.PSObject.Properties | foreach { + $propName = $_.Name + $propValue = $_.Value + if ($propValue -is [System.Object]) { + $nestedProps = @{} + $propValue.PSObject.Properties | foreach { + $nestedPropName = $_.Name + $nestedPropValue = $_.Value + $nestedProps[$nestedPropName] = $nestedPropValue + } + $Value[$propName] = $nestedProps + } + } + $params["SessionControls"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Conditions"]) + { + $TmpValue = $PSBoundParameters["Conditions"] + $Value = @{} + $TmpValue.PSObject.Properties | foreach { + $propName = $_.Name + $propValue = $_.Value + if ($propName -eq 'clientAppTypes') { + $Value[$propName] = $propValue + } + elseif ($propValue -is [System.Object]) { + $nestedProps = @{} + $propValue.PSObject.Properties | foreach { + $nestedPropName = $_.Name + $nestedPropValue = $_.Value + $nestedProps[$nestedPropName] = $nestedPropValue + } + $Value[$propName] = $nestedProps + } + } + $params["Conditions"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..ff4a8b0be1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.SignIns | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraFeatureRolloutPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..b46dcee128 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraFeatureRolloutPolicy.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAppliedToOrganization, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Feature, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject]] $AppliesTo + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $body = @{} + $params["Uri"] = 'https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/' + $params["Method"] = "POST" + + if ($null -ne $PSBoundParameters["Description"]) { + $body["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["IsAppliedToOrganization"]) { + $body["IsAppliedToOrganization"] = $PSBoundParameters["IsAppliedToOrganization"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["Feature"]) { + $body["Feature"] = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) { + $body["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["AppliesTo"]) { + $body["AppliesTo"] = $PSBoundParameters["AppliesTo"] + } + + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $data = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + if ($data) { + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraIdentityProvider.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraIdentityProvider.ps1 new file mode 100644 index 0000000000..00003a84db --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraIdentityProvider.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ClientSecret, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Type, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ClientId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["Id"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["Type"]) + { + $body["identityProviderType"] = $PSBoundParameters["Type"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["displayName"] = $PSBoundParameters["Name"] + } + if($null -ne $PSBoundParameters["ClientId"]) + { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if($null -ne $PSBoundParameters["ClientSecret"]) + { + $body["clientSecret"] = $PSBoundParameters["ClientSecret"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + $body["@odata.type"] = "#microsoft.graph.socialIdentityProvider" + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value DisplayName + Add-Member -InputObject $_ -MemberType AliasProperty -Name Type -Value identityProviderType + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraInvitation.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraInvitation.ps1 new file mode 100644 index 0000000000..324b88fd01 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraInvitation.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraInvitation { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $InvitedUserEmailAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $InvitedUserDisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $InviteRedirectUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InvitedUserMessageInfo] $InvitedUserMessageInfo, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.User] $InvitedUser, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $SendInvitationMessage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $InvitedUserType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["InvitedUser"]) + { + $TmpValue = $PSBoundParameters["InvitedUser"] + $Temp = @{} + foreach ($property in $TmpValue.PSObject.Properties) { + $Temp[$property.Name] = $property.Value + } + $params["InvitedUser"] = $Temp + } + if($null -ne $PSBoundParameters["InvitedUserMessageInfo"]) + { + $TmpValue = $PSBoundParameters["InvitedUserMessageInfo"] + $Temp = @{} + $Temp["CustomizedMessageBody"] = $TmpValue.CustomizedMessageBody + $Temp["MessageLanguage"] = $TmpValue.MessageLanguage + $Temp["CcRecipients"] = $TmpValue.CcRecipients + $Value = $Temp + $params["InvitedUserMessageInfo"] = $Value + } + if($null -ne $PSBoundParameters["InvitedUserType"]) + { + $params["InvitedUserType"] = $PSBoundParameters["InvitedUserType"] + } + if($null -ne $PSBoundParameters["SendInvitationMessage"]) + { + $params["SendInvitationMessage"] = $PSBoundParameters["SendInvitationMessage"] + } + if($null -ne $PSBoundParameters["InvitedUserEmailAddress"]) + { + $params["InvitedUserEmailAddress"] = $PSBoundParameters["InvitedUserEmailAddress"] + } + if($null -ne $PSBoundParameters["InvitedUserDisplayName"]) + { + $params["InvitedUserDisplayName"] = $PSBoundParameters["InvitedUserDisplayName"] + } + if($null -ne $PSBoundParameters["InviteRedirectUrl"]) + { + $params["InviteRedirectUrl"] = $PSBoundParameters["InviteRedirectUrl"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = New-MgInvitation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraNamedLocationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..41a33f63f0 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraNamedLocationPolicy.ps1 @@ -0,0 +1,137 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IncludeUnknownCountriesAndRegions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion]] $CountriesAndRegions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange]] $IpRanges, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsTrusted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $OdataType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $body = @{} + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["IncludeUnknownCountriesAndRegions"]) + { + $body["IncludeUnknownCountriesAndRegions"] = $PSBoundParameters["IncludeUnknownCountriesAndRegions"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $body["Id"] = $PSBoundParameters["Id"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["IsTrusted"]) + { + $body["IsTrusted"] = $PSBoundParameters["IsTrusted"] + } + if($null -ne $PSBoundParameters["OdataType"]) + { + $body["@odata.type"] = $PSBoundParameters["OdataType"] + } + if($null -ne $PSBoundParameters["CountriesAndRegions"]) + { + $body["CountriesAndRegions"] = $PSBoundParameters["CountriesAndRegions"] + } + if($null -ne $PSBoundParameters["IpRanges"]) + { + $Tmp = $PSBoundParameters["IpRanges"] + $hash =@() + foreach($i in $Tmp){ + $hash += @{cidrAddress=$i.CidrAddress} + } + $body["IpRanges"] = $hash + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('ipRanges') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraOauth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraOauth2PermissionGrant.ps1 new file mode 100644 index 0000000000..58333f12fa --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraOauth2PermissionGrant.ps1 @@ -0,0 +1,63 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraOauth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'CreateExpanded')] + param ( + [Parameter(ParameterSetName = "CreateExpanded", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ClientId, + [Parameter(ParameterSetName = "CreateExpanded", Mandatory = $true)] + [System.String] $ConsentType, + [Parameter(ParameterSetName = "CreateExpanded")] + [System.String] $PrincipalId, + [Parameter(ParameterSetName = "CreateExpanded", Mandatory = $true)] + [System.String] $ResourceId, + [Parameter(ParameterSetName = "CreateExpanded")] + [System.String] $Scope + ) + + PROCESS { + $params = @{} + $body = @{} + $params["Uri"] = "https://graph.microsoft.com/v1.0/oauth2PermissionGrants" + $params["Method"] = "POST" + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ClientId"]) { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if ($null -ne $PSBoundParameters["ConsentType"]) { + $body["consentType"] = $PSBoundParameters["ConsentType"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) { + $body["principalId"] = $PSBoundParameters["PrincipalId"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) { + $body["resourceId"] = $PSBoundParameters["ResourceId"] + } + if ($null -ne $PSBoundParameters["Scope"]) { + $body["scope"] = $PSBoundParameters["Scope"] + } + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + if ($response) { + $response = $response | ConvertTo-Json | ConvertFrom-Json + $response | ForEach-Object { + if ($null -ne $_) { + $userData = [Microsoft.Graph.PowerShell.Models.MicrosoftGraphOAuth2PermissionGrant]::new() + $_.PSObject.Properties | ForEach-Object { + $userData | Add-Member -MemberType NoteProperty -Name $_.Name -Value $_.Value -Force + } + } + } + $userData + } + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantConditionSet.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..e67b53f4e8 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantConditionSet.ps1 @@ -0,0 +1,149 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ClientApplicationsFromVerifiedPublisherOnly, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationTenantIds, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationPublisherIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Permissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResourceApplication, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionClassification + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["PermissionType"]) + { + $params["PermissionType"] = $PSBoundParameters["PermissionType"] + } + if($null -ne $PSBoundParameters["PermissionClassification"]) + { + $params["PermissionClassification"] = $PSBoundParameters["PermissionClassification"] + } + if($null -ne $PSBoundParameters["ResourceApplication"]) + { + $params["ResourceApplication"] = $PSBoundParameters["ResourceApplication"] + } + if($null -ne $PSBoundParameters["Permissions"]) + { + $params["Permissions"] = $PSBoundParameters["Permissions"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ClientApplicationTenantIds"]) + { + $params["ClientApplicationTenantIds"] = $PSBoundParameters["ClientApplicationTenantIds"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"]) + { + $params["ClientApplicationsFromVerifiedPublisherOnly"] = $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"] + } + if($null -ne $PSBoundParameters["ClientApplicationPublisherIds"]) + { + $params["ClientApplicationPublisherIds"] = $PSBoundParameters["ClientApplicationPublisherIds"] + } + if($null -ne $PSBoundParameters["ClientApplicationIds"]) + { + $params["ClientApplicationIds"] = $PSBoundParameters["ClientApplicationIds"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + if("$conditionalSet" -eq "includes"){ + $response = New-MgPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = New-MgPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..2b446ffef6 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraPermissionGrantPolicy.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraPolicy.ps1 new file mode 100644 index 0000000000..26c107e31b --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraPolicy.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = 'NewPolicy')] + param ( + [Parameter(ParameterSetName = "NewPolicy", Mandatory = $true)] + [System.Collections.Generic.List`1[System.String]] $Definition, + [Parameter(ParameterSetName = "NewPolicy", Mandatory = $true)] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "NewPolicy", Mandatory = $true)] + [System.String] $Type, + [Parameter(ParameterSetName = "NewPolicy")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "NewPolicy")] + [System.Nullable`1[System.Boolean]] $IsOrganizationDefault, + [Parameter(ParameterSetName = "NewPolicy")] + [System.String] $AlternativeIdentifier + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Type"] = $Type + $respType = $null + + if($params.type -eq "activityBasedTimeoutPolicy" ) { + $params.type = "activityBasedTimeoutPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphActivityBasedTimeoutPolicy + } + elseif ($params.type -eq "ApplicationManagementPolicy") { + $params.type = "appManagementPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphAppManagementPolicy + } + elseif ($params.type -eq "claimsMappingPolicies") { + $params.type = "claimsMappingPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphClaimsMappingPolicy + } + elseif ($params.type -eq "featureRolloutPolicy") { + $params.type = "featureRolloutPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy + } + elseif ($params.type -eq "HomeRealmDiscoveryPolicy") { + $params.type = "homeRealmDiscoveryPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphHomeRealmDiscoveryPolicy + } + elseif ($params.type -eq "tokenIssuancePolicy") { + $params.type = "tokenIssuancePolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphTokenIssuancePolicy + } + elseif ($params.type -eq "tokenLifetimePolicy") { + $params.type = "tokenLifetimePolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphTokenLifetimePolicy + } + elseif ($params.type -eq "permissionGrantPolicy") { + $params.type = "permissionGrantPolicies" + $respType = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPermissionGrantPolicy + } + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/" + $params.type + $Definition =$PSBoundParameters["Definition"] + $DisplayName=$PSBoundParameters["DisplayName"] + $AlternativeIdentifier = $PSBoundParameters["AlternativeIdentifier"] + $KeyCredentials = $PSBoundParameters["KeyCredentials"] + $IsOrganizationDefault =$PSBoundParameters["IsOrganizationDefault"] + $params["Method"] = "POST" + + $body = @{ + Definition = $Definition + DisplayName = $DisplayName + IsOrganizationDefault = $IsOrganizationDefault + AlternativeIdentifier =$AlternativeIdentifier + KeyCredentials = $KeyCredentials + Type = $Type + } + $body = $body | ConvertTo-Json + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.uri -Method $params.method -Body $body | ConvertTo-Json | ConvertFrom-Json + + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + + $respType + + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/New-EntraTrustedCertificateAuthority.ps1 b/module/Entra/Microsoft.Entra/SignIns/New-EntraTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..cbbd1d4589 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/New-EntraTrustedCertificateAuthority.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/v1.0/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $newCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previousCerts = @() + Get-EntraTrustedCertificateAuthority | ForEach-Object { + $previousCerts += $_ + if(($_.TrustedIssuer -eq $newCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $newCert.TrustedIssuerSki)){ + Throw [System.Management.Automation.PSArgumentException] "A certificate already exists on the server with associated trustedIssuer and trustedIssuerSki fields." + } + } + $previousCerts += $newCert + $body = @{ + certificateAuthorities = @() + } + $previousCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders + $customObject = [PSCustomObject]@{ + "@odata.context" = $response["@odata.context"] + certificateAuthorities = @{ + AuthorityType = if ($response.certificateAuthorities.isRootAuthority) { "RootAuthority" } else { "" } + CrlDistributionPoint = $response.certificateAuthorities.certificateRevocationListUrl + DeltaCrlDistributionPoint = $response.certificateAuthorities.deltaCertificateRevocationListUrl + TrustedCertificate = [Convert]::FromBase64String($response.certificateAuthorities.certificate) + TrustedIssuer = $response.certificateAuthorities.issuer + TrustedIssuerSki = $response.certificateAuthorities.issuerSki + } + Id = $response.id + } + $customObject = $customObject | ConvertTo-Json -depth 5 | ConvertFrom-Json + $certificateList = @() + foreach ($certAuthority in $customObject) { + $certificateType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $certAuthority.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + Add-Member -InputObject $certificateType -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraConditionalAccessPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..b97615367b --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraConditionalAccessPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..186f7cade4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicy.ps1 @@ -0,0 +1,27 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/$Id" + $params["Method"] = "DELETE" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 new file mode 100644 index 0000000000..4a791d5238 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraFeatureRolloutPolicyDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $params["Uri"] = 'https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/{0}/appliesTo/{1}/$ref' -f $Id,$ObjectId + $params["Method"] = "DELETE" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraIdentityProvider.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraIdentityProvider.ps1 new file mode 100644 index 0000000000..28fb095e5e --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraIdentityProvider.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraIdentityProvider { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraNamedLocationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..b96e02746b --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraNamedLocationPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraOAuth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..4e943dcd54 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraOAuth2PermissionGrant.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["OAuth2PermissionGrantId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantConditionSet.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..0be4f3aeba --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantConditionSet.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + if("$conditionalSet" -eq "includes"){ + $response = Remove-MgPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Remove-MgPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..eb36b7399e --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPermissionGrantPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPolicy.ps1 new file mode 100644 index 0000000000..23a142077c --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraPolicy.ps1 @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $policyTypes = "activityBasedTimeoutPolicies", "defaultAppManagementPolicy", "appManagementPolicies", "authenticationFlowsPolicy", "authenticationMethodsPolicy", "claimsMappingPolicies", "featureRolloutPolicies", "homeRealmDiscoveryPolicies", "permissionGrantPolicies", "tokenIssuancePolicies", "tokenLifetimePolicies" + + foreach ($policyType in $policyTypes) { + $uri = "https://graph.microsoft.com/v1.0/policies/" + $policyType + "/" + $id + try { + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET + break + } + catch {} + } + $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + + $policyType = $Matches[1] + + Write-Debug("============================ Matches ============================") + + Write-Debug($Matches[1]) + + if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $policyType )) { + $URI = "https://graph.microsoft.com/v1.0/policies/" + $policyType + "/" + $id + } + $Method = "DELETE" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + + diff --git a/module/Entra/Microsoft.Entra/SignIns/Remove-EntraTrustedCertificateAuthority.ps1 b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..08ab2a2558 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Remove-EntraTrustedCertificateAuthority.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/v1.0/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $certNotFound = $true + $modifiedCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previousCerts = @() + Get-EntraTrustedCertificateAuthority | ForEach-Object { + if(($_.TrustedIssuer -eq $modifiedCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $modifiedCert.TrustedIssuerSki)){ + $certNotFound = $false + } + else{ + $previousCerts += $_ + } + } + if($certNotFound){ + Throw [System.Management.Automation.PSArgumentException] "Provided certificate authority not found on the server. Please make sure you have provided the correct information in trustedIssuer and trustedIssuerSki fields." + } + $body = @{ + certificateAuthorities = @() + } + $previousCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $certificateList = @() + foreach ($data in $response) { + $certificateType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $certificateType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraAuthorizationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraAuthorizationPolicy.ps1 new file mode 100644 index 0000000000..d7859bd11f --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraAuthorizationPolicy.ps1 @@ -0,0 +1,134 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraAuthorizationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowEmailVerifiedUsersToJoinOrganization, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions] $DefaultUserRolePermissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowedToSignUpEmailBasedSubscriptions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $BlockMsolPowerShell, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowedToUseSSPR, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AllowEmailVerifiedUsersToJoinOrganization"]) + { + $params["AllowEmailVerifiedUsersToJoinOrganization"] = $PSBoundParameters["AllowEmailVerifiedUsersToJoinOrganization"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["DefaultUserRolePermissions"]) + { + $TmpValue = $PSBoundParameters["DefaultUserRolePermissions"] + $hash = @{} + $hash["AllowedToCreateApps"] = $TmpValue.AllowedToCreateApps + $hash["AllowedToCreateSecurityGroups"] = $TmpValue.AllowedToCreateSecurityGroups + $hash["AllowedToReadOtherUsers"] = $TmpValue.AllowedToReadOtherUsers + $hash["PermissionGrantPoliciesAssigned"] = $TmpValue.PermissionGrantPoliciesAssigned + + $Value = $hash + $params["DefaultUserRolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["AllowedToSignUpEmailBasedSubscriptions"]) + { + $params["AllowedToSignUpEmailBasedSubscriptions"] = $PSBoundParameters["AllowedToSignUpEmailBasedSubscriptions"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["BlockMsolPowerShell"]) + { + $params["BlockMsolPowerShell"] = $PSBoundParameters["BlockMsolPowerShell"] + } + if ($null -ne $PSBoundParameters["AllowedToUseSSPR"]) + { + $params["AllowedToUseSSPR"] = $PSBoundParameters["AllowedToUseSSPR"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgPolicyAuthorizationPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraConditionalAccessPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..5dd4da2d99 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraConditionalAccessPolicy.ps1 @@ -0,0 +1,197 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls] $GrantControls, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls] $SessionControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet] $Conditions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["GrantControls"]) + { + $TmpValue = $PSBoundParameters["GrantControls"] + $hash = @{} + if($TmpValue._Operator) { $hash["Operator"] = $TmpValue._Operator } + if($TmpValue.BuiltInControls) { $hash["BuiltInControls"] = $TmpValue.BuiltInControls } + if($TmpValue.CustomAuthenticationFactors) { $hash["CustomAuthenticationFactors"] = $TmpValue.CustomAuthenticationFactors } + if($TmpValue.TermsOfUse) { $hash["TermsOfUse"] = $TmpValue.TermsOfUse } + $Value = $hash + $params["GrantControls"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["SessionControls"]) + { + $TmpValue = $PSBoundParameters["SessionControls"] + if($TmpValue.ApplicationEnforcedRestrictions){ + $ApplicationEnforcedRestrictions = @{} + $ApplicationEnforcedRestrictions["IsEnabled"] = $TmpValue.ApplicationEnforcedRestrictions.IsEnabled + } + if($TmpValue.CloudAppSecurity){ + $CloudAppSecurity = @{} + $CloudAppSecurity["IsEnabled"] = $TmpValue.CloudAppSecurity.IsEnabled + $CloudAppSecurity["CloudAppSecurityType"] = $TmpValue.CloudAppSecurity.CloudAppSecurityType + } + if($TmpValue.PersistentBrowser){ + $PersistentBrowser = @{} + $PersistentBrowser["IsEnabled"] = $TmpValue.PersistentBrowser.IsEnabled + $PersistentBrowser["Mode"] = $TmpValue.PersistentBrowser.Mode + } + if($TmpValue.SignInFrequency){ + $SignInFrequency = @{} + $SignInFrequency["IsEnabled"] = $TmpValue.SignInFrequency.IsEnabled + $SignInFrequency["Type"] = $TmpValue.SignInFrequency.Type + $SignInFrequency["Value"] = $TmpValue.SignInFrequency.Value + } + + $hash = @{} + if($TmpValue.ApplicationEnforcedRestrictions) { $hash["ApplicationEnforcedRestrictions"] = $ApplicationEnforcedRestrictions } + if($TmpValue.CloudAppSecurity) { $hash["CloudAppSecurity"] = $CloudAppSecurity } + if($TmpValue.SignInFrequency) { $hash["SignInFrequency"] = $SignInFrequency } + if($TmpValue.PersistentBrowser) { $hash["PersistentBrowser"] = $PersistentBrowser } + $Value = $hash + $params["SessionControls"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Conditions"]) + { + $TmpValue = $PSBoundParameters["Conditions"] + if($TmpValue.Applications){ + $Applications=@{} + $Applications["IncludeApplications"] = $TmpValue.Applications.IncludeApplications + $Applications["ExcludeApplications"] = $TmpValue.Applications.ExcludeApplications + $Applications["IncludeUserActions"] = $TmpValue.Applications.IncludeUserActions + $Applications["IncludeProtectionLevels"] = $TmpValue.Applications.IncludeProtectionLevels + } + if($TmpValue.Locations){ + $Locations = @{} + $Locations["IncludeLocations"] = $TmpValue.Locations.IncludeLocations + $Locations["ExcludeLocations"] = $TmpValue.Locations.ExcludeLocations + } + if($TmpValue.Platforms){ + $Platforms = @{} + $Platforms["IncludePlatforms"] = $TmpValue.Platforms.IncludePlatforms + $Platforms["ExcludePlatforms"] = $TmpValue.Platforms.ExcludePlatforms + } + if($TmpValue.Users){ + $Users = @{} + $Users["IncludeUsers"] = $TmpValue.Users.IncludeUsers + $Users["ExcludeUsers"] = $TmpValue.Users.ExcludeUsers + $Users["IncludeGroups"] = $TmpValue.Users.IncludeGroups + $Users["ExcludeGroups"] = $TmpValue.Users.ExcludeGroups + $Users["IncludeRoles"] = $TmpValue.Users.IncludeRoles + $Users["ExcludeRoles"] = $TmpValue.Users.ExcludeRoles + } + + $hash = @{} + if($TmpValue.Applications) {$hash["Applications"] = $Applications } + if($TmpValue.ClientAppTypes) { $hash["ClientAppTypes"] = $TmpValue.ClientAppTypes } + if($TmpValue.Locations) { $hash["Locations"] = $Locations } + if($TmpValue.Platforms) { $hash["Platforms"] = $Platforms } + if($TmpValue.SignInRiskLevels) { $hash["SignInRiskLevels"] = $TmpValue.SignInRiskLevels } + if($TmpValue.Users) { $hash["Users"] = $Users } + $Value = $hash + $params["Conditions"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraFeatureRolloutPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..6c260f26e1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraFeatureRolloutPolicy.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAppliedToOrganization, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Feature, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject]] $AppliesTo + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $body = @{} + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/$Id" + $params["Method"] = "PATCH" + + if ($null -ne $PSBoundParameters["Description"]) { + $body["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["IsAppliedToOrganization"]) { + $body["IsAppliedToOrganization"] = $PSBoundParameters["IsAppliedToOrganization"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["Feature"]) { + $body["Feature"] = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) { + $body["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["AppliesTo"]) { + $body["AppliesTo"] = $PSBoundParameters["AppliesTo"] + } + + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraIdentityProvider.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraIdentityProvider.ps1 new file mode 100644 index 0000000000..93c2ca0ada --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraIdentityProvider.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ClientId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Type, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ClientSecret, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if($null -ne $PSBoundParameters["Type"]) + { + $body["identityProviderType"] = $PSBoundParameters["Type"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["displayName"] = $PSBoundParameters["Name"] + } + if($null -ne $PSBoundParameters["ClientId"]) + { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if($null -ne $PSBoundParameters["ClientSecret"]) + { + $body["clientSecret"] = $PSBoundParameters["ClientSecret"] + } + $body["@odata.type"] = "#microsoft.graph.socialIdentityProvider" + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraNamedLocationPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..35a9f59aec --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraNamedLocationPolicy.ps1 @@ -0,0 +1,135 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IncludeUnknownCountriesAndRegions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion]] $CountriesAndRegions, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange]] $IpRanges, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsTrusted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $OdataType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["IncludeUnknownCountriesAndRegions"]) + { + $body["IncludeUnknownCountriesAndRegions"] = $PSBoundParameters["IncludeUnknownCountriesAndRegions"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $body["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["IsTrusted"]) + { + $body["IsTrusted"] = $PSBoundParameters["IsTrusted"] + } + if($null -ne $PSBoundParameters["OdataType"]) + { + $body["@odata.type"] = $PSBoundParameters["OdataType"] + } + if($null -ne $PSBoundParameters["CountriesAndRegions"]) + { + $body["CountriesAndRegions"] = $PSBoundParameters["CountriesAndRegions"] + } + if($null -ne $PSBoundParameters["IpRanges"]) + { + $Tmp = $PSBoundParameters["IpRanges"] + $hash =@() + foreach($i in $Tmp){ + $hash += @{cidrAddress=$i.CidrAddress} + } + $body["IpRanges"] = $hash + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantConditionSet.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..127e66d38b --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantConditionSet.ps1 @@ -0,0 +1,155 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Set-EntraPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ClientApplicationsFromVerifiedPublisherOnly, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionType, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationTenantIds, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationPublisherIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Permissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResourceApplication, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionClassification + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ClientApplicationTenantIds"]) + { + $params["ClientApplicationTenantIds"] = $PSBoundParameters["ClientApplicationTenantIds"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"]) + { + $params["ClientApplicationsFromVerifiedPublisherOnly"] = $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"] + } + if($null -ne $PSBoundParameters["ClientApplicationPublisherIds"]) + { + $params["ClientApplicationPublisherIds"] = $PSBoundParameters["ClientApplicationPublisherIds"] + } + if($null -ne $PSBoundParameters["PermissionType"]) + { + $params["PermissionType"] = $PSBoundParameters["PermissionType"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["Permissions"]) + { + $params["Permissions"] = $PSBoundParameters["Permissions"] + } + if($null -ne $PSBoundParameters["ClientApplicationIds"]) + { + $params["ClientApplicationIds"] = $PSBoundParameters["ClientApplicationIds"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["ResourceApplication"]) + { + $params["ResourceApplication"] = $PSBoundParameters["ResourceApplication"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["PermissionClassification"]) + { + $params["PermissionClassification"] = $PSBoundParameters["PermissionClassification"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if("$conditionalSet" -eq "includes"){ + $response = Update-MgPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Update-MgPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..e50ff2081b --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPermissionGrantPolicy.ps1 @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Set-EntraPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraPolicy.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPolicy.ps1 new file mode 100644 index 0000000000..a242080201 --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraPolicy.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Set-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AlternativeIdentifier, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Definition, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Type, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsOrganizationDefault + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + $policyTypeMap = @{ + "ActivityBasedTimeoutPolicy" = "activityBasedTimeoutPolicies" + "ApplicationManagementPolicy" = "appManagementPolicies" + "DefaultAppManagementPolicy" = "defaultAppManagementPolicy" + "AuthenticationFlowsPolicy" = "authenticationFlowsPolicy" + "AuthenticationMethodsPolicy" = "authenticationMethodsPolicy" + "ClaimsMappingPolicy" = "claimsMappingPolicies" + "FeatureRolloutPolicy" = "featureRolloutPolicies" + "HomeRealmDiscoveryPolicy" = "homeRealmDiscoveryPolicies" + "PermissionGrantPolicy" = "permissionGrantPolicies" + "TokenIssuancePolicy" = "tokenIssuancePolicies" + "TokenLifetimePolicy" = "tokenLifetimePolicies" + } + + $policyTypes = $policyTypeMap.Values + + if ($null -ne $PSBoundParameters["type"]) { + $type = if ($policyTypeMap.ContainsKey($type)) { $policyTypeMap[$type] } else { + Write-Error "Set-EntraBetADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + return; + } + } else { + $type = $null + } + + if(!$type) { + foreach ($pType in $policyTypes) { + $uri = "https://graph.microsoft.com/v1.0/policies/" + $pType + "/" + $id + try { + $response = Invoke-GraphRequest -Uri $uri -Method GET + break + } + catch {} + } + $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + $type = $Matches[1] + } + + if($policyTypes -notcontains $type) { + Write-Error "Set-AzureADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + } + else { + if ($null -ne $PSBoundParameters["Definition"]) { + $params["Definition"] = $PSBoundParameters["Definition"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["Definition"]) { + $params["Definition"] = $PSBoundParameters["Definition"] + } + if ($null -ne $PSBoundParameters["IsOrganizationDefault"]) { + $params["IsOrganizationDefault"] = $PSBoundParameters["IsOrganizationDefault"] + } + if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $type )) { + $URI = "https://graph.microsoft.com/v1.0/policies/" + $type + "/" + $id + } + + $Method = "PATCH" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $body = $params | ConvertTo-Json + Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Body $body -Method $Method + + } + + } +} \ No newline at end of file diff --git a/module/Entra/Microsoft.Entra/SignIns/Set-EntraTrustedCertificateAuthority.ps1 b/module/Entra/Microsoft.Entra/SignIns/Set-EntraTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..2bb7c9dd7c --- /dev/null +++ b/module/Entra/Microsoft.Entra/SignIns/Set-EntraTrustedCertificateAuthority.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/v1.0/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $certNotFound = $true + $modifiedCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previusCerts = @() + Get-EntraTrustedCertificateAuthority | ForEach-Object { + if(($_.TrustedIssuer -eq $modifiedCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $modifiedCert.TrustedIssuerSki)){ + $previusCerts += $modifiedCert + $certNotFound = $false + } + else{ + $previusCerts += $_ + } + } + if($certNotFound){ + Throw [System.Management.Automation.PSArgumentException] "Provided certificate authority not found on the server. Please make sure you have provided the correct information in trustedIssuer and trustedIssuerSki fields." + } + $body = @{ + certificateAuthorities = @() + } + $previusCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders + $customObject = [PSCustomObject]@{ + "@odata.context" = $response["@odata.context"] + certificateAuthorities = @{ + AuthorityType = if ($response.certificateAuthorities.isRootAuthority) { "RootAuthority" } else { "" } + CrlDistributionPoint = $response.certificateAuthorities.certificateRevocationListUrl + DeltaCrlDistributionPoint = $response.certificateAuthorities.deltaCertificateRevocationListUrl + TrustedCertificate = [Convert]::FromBase64String($response.certificateAuthorities.certificate) + TrustedIssuer = $response.certificateAuthorities.issuer + TrustedIssuerSki = $response.certificateAuthorities.issuerSki + } + Id = $response.id + } + $customObject = $customObject | ConvertTo-Json -depth 5 | ConvertFrom-Json + $certificateList = @() + foreach ($certAuthority in $customObject) { + $certificateType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $certAuthority.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + Add-Member -InputObject $certificateType -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/Entra/Microsoft.Entra/UnMappedAliases.psd1 b/module/Entra/Microsoft.Entra/UnMappedAliases.psd1 new file mode 100644 index 0000000000..4ebcdbf908 --- /dev/null +++ b/module/Entra/Microsoft.Entra/UnMappedAliases.psd1 @@ -0,0 +1 @@ + Set-Alias -Name New-AzureADMSInvitation -Value New-EntraInvitation -Scope Global -Force diff --git a/module/Entra/Microsoft.Entra/Users/Enable-EntraAzureADAliases.ps1 b/module/Entra/Microsoft.Entra/Users/Enable-EntraAzureADAliases.ps1 new file mode 100644 index 0000000000..8c07562888 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Enable-EntraAzureADAliases.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAliases { + Set-Alias -Name Get-AzureADUserOwnedDevice -Value Get-EntraUserOwnedDevice -Scope Global -Force + Set-Alias -Name Remove-AzureADUserManager -Value Remove-EntraUserManager -Scope Global -Force + Set-Alias -Name Remove-AzureADUserExtension -Value Remove-EntraUserExtension -Scope Global -Force + Set-Alias -Name Remove-AzureADUserAppRoleAssignment -Value Remove-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADUserAppRoleAssignment -Value Get-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADUser -Value Set-EntraUser -Scope Global -Force + Set-Alias -Name Set-AzureADUserPassword -Value Set-EntraUserPassword -Scope Global -Force + Set-Alias -Name Get-AzureADUser -Value Get-EntraUser -Scope Global -Force + Set-Alias -Name Get-AzureADUserLicenseDetail -Value Get-EntraUserLicenseDetail -Scope Global -Force + Set-Alias -Name Set-AzureADUserExtension -Value Set-EntraUserExtension -Scope Global -Force + Set-Alias -Name New-AzureADUserAppRoleAssignment -Value New-EntraUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Set-AzureADUserLicense -Value Set-EntraUserLicense -Scope Global -Force + Set-Alias -Name Get-AzureADUserThumbnailPhoto -Value Get-EntraUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name Get-AzureADUserMembership -Value Get-EntraUserMembership -Scope Global -Force + Set-Alias -Name Set-AzureADUserManager -Value Set-EntraUserManager -Scope Global -Force + Set-Alias -Name Get-AzureADUserCreatedObject -Value Get-EntraUserCreatedObject -Scope Global -Force + Set-Alias -Name Get-AzureADUserOwnedObject -Value Get-EntraUserOwnedObject -Scope Global -Force + Set-Alias -Name Get-AzureADUserManager -Value Get-EntraUserManager -Scope Global -Force + Set-Alias -Name Get-AzureADUserExtension -Value Get-EntraUserExtension -Scope Global -Force + Set-Alias -Name Set-AzureADUserThumbnailPhoto -Value Set-EntraUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name Remove-AzureADUser -Value Remove-EntraUser -Scope Global -Force + Set-Alias -Name Update-AzureADSignedInUserPassword -Value Update-EntraSignedInUserPassword -Scope Global -Force + Set-Alias -Name Get-AzureADUserRegisteredDevice -Value Get-EntraUserRegisteredDevice -Scope Global -Force + Set-Alias -Name Get-AzureADUserOAuth2PermissionGrant -Value Get-EntraUserOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADUserDirectReport -Value Get-EntraUserDirectReport -Scope Global -Force + Set-Alias -Name New-AzureADUser -Value New-EntraUser -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSScopedRoleMembership -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADMSAdministrativeUnitMember -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + +} diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUnsupportedCommand.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUser.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUser.ps1 new file mode 100644 index 0000000000..5fdeb777b5 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUser.ps1 @@ -0,0 +1,132 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUser { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias("ObjectId")] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $upnPresent = $false + $baseUri = 'https://graph.microsoft.com/v1.0/users' + $properties = '$select=Id,AccountEnabled,AgeGroup,OfficeLocation,AssignedLicenses,AssignedPlans,City,CompanyName,ConsentProvidedForMinor,Country,CreationType,Department,DisplayName,GivenName,OnPremisesImmutableId,JobTitle,LegalAgeGroupClassification,Mail,MailNickName,MobilePhone,OnPremisesSecurityIdentifier,OtherMails,PasswordPolicies,PasswordProfile,PostalCode,PreferredLanguage,ProvisionedPlans,OnPremisesProvisioningErrors,ProxyAddresses,RefreshTokensValidFromDateTime,ShowInAddressList,State,StreetAddress,Surname,BusinessPhones,UsageLocation,UserPrincipalName,ExternalUserState,ExternalUserStateChangeDateTime,UserType,OnPremisesLastSyncDateTime,ImAddresses,SecurityIdentifier,OnPremisesUserPrincipalName,ServiceProvisioningErrors,IsResourceAccount,OnPremisesExtensionAttributes,DeletedDateTime,OnPremisesSyncEnabled,EmployeeType,EmployeeHireDate,CreatedDateTime,EmployeeOrgData,preferredDataLocation,Identities,onPremisesSamAccountName,EmployeeId,EmployeeLeaveDateTime,AuthorizationInfo,FaxNumber,OnPremisesDistinguishedName,OnPremisesDomainName,IsLicenseReconciliationNeeded,signInSessionsValidFromDateTime' + $params["Method"] = "GET" + $params["Uri"] = "$baseUri/?$properties" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $params["Uri"] = "$baseUri/?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $params["Uri"] += "&`$top=999" + } + else{ + $params["Uri"] += "&`$top=$topCount" + } + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $SearchString = "`$search=`"userprincipalname:$TmpValue`" OR `"state:$TmpValue`" OR `"mailNickName:$TmpValue`" OR `"mail:$TmpValue`" OR `"jobTitle:$TmpValue`" OR `"displayName:$TmpValue`" OR `"department:$TmpValue`" OR `"country:$TmpValue`" OR `"city:$TmpValue`"" + $params["Uri"] += "&$SearchString" + $customHeaders['ConsistencyLevel'] = 'eventual' + } + if($null -ne $PSBoundParameters["UserId"]) + { + $UserId = $PSBoundParameters["UserId"] + if ($UserId -match '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'){ + $f = '$' + 'Filter' + $Filter = "UserPrincipalName eq '$UserId'" + $params["Uri"] += "&$f=$Filter" + $upnPresent = $true + } + else{ + $params["Uri"] = "$baseUri/$($UserId)?$properties" + } + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$' + 'Filter' + $params["Uri"] += "&$f=$Filter" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + if ($upnPresent -and ($null -eq $response.value -or $response.value.Count -eq 0)) + { + Write-Error "Resource '$UserId' does not exist or one of its queried reference-property objects are not present. + Status: 404 (NotFound) + ErrorCode: Request_ResourceNotFound" + } + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + } + } + if($data){ + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..62e109ae37 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserCreatedObject.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserCreatedObject.ps1 new file mode 100644 index 0000000000..947fa53659 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserCreatedObject.ps1 @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserCreatedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserCreatedObject @params -Headers $customHeaders + $properties = @{ + ObjectId = "Id" + DeletionTimestamp = "deletedDateTime" + AppOwnerTenantId = "appOwnerOrganizationId" + } + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + foreach ($prop in $properties.GetEnumerator()) { + $propertyName = $prop.Name + $propertyValue = $prop.Value + if ($_.PSObject.Properties.Match($propertyName)) { + $_ | Add-Member -MemberType AliasProperty -Name $propertyName -Value $propertyValue + } + } + $propsToConvert = @('keyCredentials','passwordCredentials','requiredResourceAccess') + foreach ($prop in $propsToConvert) { + try { + if($_.PSObject.Properties.Match($prop)) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserDirectReport.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserDirectReport.ps1 new file mode 100644 index 0000000000..19a459cb87 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserDirectReport.ps1 @@ -0,0 +1,79 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserDirectReport { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/users' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + $URI = "$baseUri/$($params.UserId)/directReports?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.UserId)/directReports?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.UserId)/directReports?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserExtension.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserExtension.ps1 new file mode 100644 index 0000000000..7705eea62a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserExtension.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "https://graph.microsoft.com/v1.0/users/$UserId" + $properties = '$select=Identities,OnPremisesDistinguishedName,EmployeeId,CreatedDateTime' + $params["Uri"] = "$baseUri/?$properties" + + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $params["Uri"] = "$baseUri/?$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $data = Invoke-GraphRequest -Uri $($params.Uri) -Method GET -Headers $customHeaders | Convertto-json | convertfrom-json + $data | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name userIdentities -Value identities + } + } + $data + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserLicenseDetail.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserLicenseDetail.ps1 new file mode 100644 index 0000000000..c6d9c47a7f --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserLicenseDetail.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserLicenseDetail { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserLicenseDetail @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserManager.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserManager.ps1 new file mode 100644 index 0000000000..294dad008d --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserManager.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $Method = "GET" + $keysChanged = @{UserId = "Id"} + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + $URI = "https://graph.microsoft.com/v1.0/users/$($params.UserId)/manager?`$select=*" + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $URI = "https://graph.microsoft.com/v1.0/users/$($params.UserId)/manager?$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -ErrorAction Stop + try { + $response = $response | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } + catch {} + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserMembership.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserMembership.ps1 new file mode 100644 index 0000000000..14bf77e18a --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserOAuth2PermissionGrant.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..4d2caee0d5 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOAuth2PermissionGrant.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedDevice.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedDevice.ps1 new file mode 100644 index 0000000000..9ec992cf4c --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedDevice.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserOwnedDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserOwnedDevice @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('AdditionalProperties') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedObject.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedObject.ps1 new file mode 100644 index 0000000000..7fb3557c97 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserOwnedObject.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserOwnedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserId"]) { + $params["UserId"] = $PSBoundParameters["UserId"] + } + $URI = "/v1.0/users/$($params.UserId)/ownedObjects" + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $URI = "/v1.0/users/$($params.UserId)/ownedObjects?$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $Method = "GET" + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value; + + $Top = $null + if ($PSBoundParameters.ContainsKey("Top")) { + $Top = $PSBoundParameters["Top"] + } + + if($null -ne $Top){ + $userList = @() + $response | ForEach-Object { + if ($null -ne $_ -and $Top -gt 0) { + $data = $_ | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + $Top = $Top - 1 + } + } + $userList + } + else { + $userList = @() + $response | ForEach-Object { + if ($null -ne $_) { + $data = $_ | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + } + $userList + } + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserRegisteredDevice.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserRegisteredDevice.ps1 new file mode 100644 index 0000000000..0db77c7798 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserRegisteredDevice.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserRegisteredDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserRegisteredDevice @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('AdditionalProperties') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserSponsor.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserSponsor.ps1 new file mode 100644 index 0000000000..c0686119f9 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserSponsor.ps1 @@ -0,0 +1,87 @@ +function Get-EntraUserSponsor { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $Method = "GET" + $baseUri = 'https://graph.microsoft.com/v1.0/users' + $properties = '$select=*' + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + $URI = "$baseUri/$($params.UserId)/sponsors?$properties" + } + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.UserId)/sponsors?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.UserId)/sponsors?`$top=$topCount&$properties" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $directoryObjectList = @() + $all = $All.IsPresent + $increment = $topCount - $data.Count + + while ($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0)) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + + foreach ($item in $data) { + if ($null -ne $item) { + # Determine the type based on @odata.type + switch ($item.'@odata.type') { + '#microsoft.graph.user' { + $directoryObject = [Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser]::new() + } + '#microsoft.graph.group' { + $directoryObject = [Microsoft.Graph.PowerShell.Models.MicrosoftGraphGroup]::new() + } + default { + Write-Warning "Unknown type: $($item.'@odata.type')" + continue + } + } + $item.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $directoryObject | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $directoryObjectList += $directoryObject + } + } + $directoryObjectList + } +} diff --git a/module/Entra/Microsoft.Entra/Users/Get-EntraUserThumbnailPhoto.ps1 b/module/Entra/Microsoft.Entra/Users/Get-EntraUserThumbnailPhoto.ps1 new file mode 100644 index 0000000000..db0c35ade5 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Get-EntraUserThumbnailPhoto.ps1 @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUserThumbnailPhoto { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FileName, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $View, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["FileName"]) + { + $params["FileName"] = $PSBoundParameters["FileName"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["FilePath"]) + { + $params["FilePath"] = $PSBoundParameters["FilePath"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["View"]) + { + $params["View"] = $PSBoundParameters["View"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgUserPhoto @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/New-EntraCustomHeaders.ps1 b/module/Entra/Microsoft.Entra/Users/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..1e1e56600b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Entra.Users | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/Microsoft.Entra/Users/New-EntraUser.ps1 b/module/Entra/Microsoft.Entra/Users/New-EntraUser.ps1 new file mode 100644 index 0000000000..b1352d1342 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/New-EntraUser.ps1 @@ -0,0 +1,287 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraUser { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $FacsimileTelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredLanguage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $StreetAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreationType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ImmutableId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CompanyName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PostalCode, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ConsentProvidedForMinor, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Department, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Mobile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserStateChangedOn, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GivenName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Country, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PasswordPolicies, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.AzureAD.Model.PasswordProfile] $PasswordProfile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $JobTitle, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $City, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UsageLocation, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Surname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OtherMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserPrincipalName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionProperty, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompromised, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PhysicalDeliveryOfficeName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AgeGroup, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ShowInAddressList, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]] $SignInNames + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["PostalCode"]) + { + $params["PostalCode"] = $PSBoundParameters["PostalCode"] + } + if($null -ne $PSBoundParameters["MailNickName"]) + { + $params["MailNickName"] = $PSBoundParameters["MailNickName"] + } + if($null -ne $PSBoundParameters["ShowInAddressList"]) + { + $params["ShowInAddressList"] = $PSBoundParameters["ShowInAddressList"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["Mobile"]) + { + $params["MobilePhone"] = $PSBoundParameters["Mobile"] + } + if($null -ne $PSBoundParameters["JobTitle"]) + { + $params["JobTitle"] = $PSBoundParameters["JobTitle"] + } + if($null -ne $PSBoundParameters["ConsentProvidedForMinor"]) + { + $params["ConsentProvidedForMinor"] = $PSBoundParameters["ConsentProvidedForMinor"] + } + if($null -ne $PSBoundParameters["PhysicalDeliveryOfficeName"]) + { + $params["PhysicalDeliveryOfficeName"] = $PSBoundParameters["PhysicalDeliveryOfficeName"] + } + if($null -ne $PSBoundParameters["OtherMails"]) + { + $params["OtherMails"] = $PSBoundParameters["OtherMails"] + } + if($null -ne $PSBoundParameters["PasswordPolicies"]) + { + $params["PasswordPolicies"] = $PSBoundParameters["PasswordPolicies"] + } + if($null -ne $PSBoundParameters["IsCompromised"]) + { + $params["IsCompromised"] = $PSBoundParameters["IsCompromised"] + } + if($null -ne $PSBoundParameters["SignInNames"]) + { + $params["Identities"] = $PSBoundParameters["SignInNames"] + } + if($null -ne $PSBoundParameters["PreferredLanguage"]) + { + $params["PreferredLanguage"] = $PSBoundParameters["PreferredLanguage"] + } + if($null -ne $PSBoundParameters["UserState"]) + { + $params["ExternalUserState"] = $PSBoundParameters["UserState"] + } + if($null -ne $PSBoundParameters["ImmutableId"]) + { + $params["OnPremisesImmutableId"] = $PSBoundParameters["ImmutableId"] + } + if($null -ne $PSBoundParameters["City"]) + { + $params["City"] = $PSBoundParameters["City"] + } + if($null -ne $PSBoundParameters["AgeGroup"]) + { + $params["AgeGroup"] = $PSBoundParameters["AgeGroup"] + } + if($null -ne $PSBoundParameters["ExtensionProperty"]) + { + $params["ExtensionProperty"] = $PSBoundParameters["ExtensionProperty"] + } + if($null -ne $PSBoundParameters["UsageLocation"]) + { + $params["UsageLocation"] = $PSBoundParameters["UsageLocation"] + } + if($null -ne $PSBoundParameters["UserStateChangedOn"]) + { + $params["ExternalUserStateChangeDateTime"] = $PSBoundParameters["UserStateChangedOn"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["Country"]) + { + $params["Country"] = $PSBoundParameters["Country"] + } + if($null -ne $PSBoundParameters["UserPrincipalName"]) + { + $params["UserPrincipalName"] = $PSBoundParameters["UserPrincipalName"] + } + if($null -ne $PSBoundParameters["GivenName"]) + { + $params["GivenName"] = $PSBoundParameters["GivenName"] + } + if($null -ne $PSBoundParameters["PasswordProfile"]) + { + $TmpValue = $PSBoundParameters["PasswordProfile"] + $Value = @{ + forceChangePasswordNextSignIn = $TmpValue.ForceChangePasswordNextLogin + forceChangePasswordNextSignInWithMfa = $TmpValue.EnforceChangePasswordPolicy + password = $TmpValue.Password + } + $params["passwordProfile"] = $Value + } + if($null -ne $PSBoundParameters["UserType"]) + { + $params["UserType"] = $PSBoundParameters["UserType"] + } + if($null -ne $PSBoundParameters["StreetAddress"]) + { + $params["StreetAddress"] = $PSBoundParameters["StreetAddress"] + } + if($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if($null -ne $PSBoundParameters["Department"]) + { + $params["Department"] = $PSBoundParameters["Department"] + } + if($null -ne $PSBoundParameters["CompanyName"]) + { + $params["CompanyName"] = $PSBoundParameters["CompanyName"] + } + if($null -ne $PSBoundParameters["FacsimileTelephoneNumber"]) + { + $params["FacsimileTelephoneNumber"] = $PSBoundParameters["FacsimileTelephoneNumber"] + } + if($null -ne $PSBoundParameters["Surname"]) + { + $params["Surname"] = $PSBoundParameters["Surname"] + } + if($null -ne $PSBoundParameters["TelephoneNumber"]) + { + $params["BusinessPhones"] = @($PSBoundParameters["TelephoneNumber"]) + } + if($null -ne $PSBoundParameters["CreationType"]) + { + $params["CreationType"] = $PSBoundParameters["CreationType"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $params = $params | ConvertTo-Json + $response = Invoke-GraphRequest -Headers $customHeaders -Uri 'https://graph.microsoft.com/v1.0/users?$select=*' -Method POST -Body $params + $response = $response | ConvertTo-Json | ConvertFrom-Json + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + + $userData = [Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser]::new() + $_.PSObject.Properties | ForEach-Object { + $userData | Add-Member -MemberType NoteProperty -Name $_.Name -Value $_.Value -Force + } + } + } + $userData + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/New-EntraUserAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Users/New-EntraUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..8ea4936098 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/New-EntraUserAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AppRoleId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Remove-EntraUser.ps1 b/module/Entra/Microsoft.Entra/Users/Remove-EntraUser.ps1 new file mode 100644 index 0000000000..298dcdba69 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Remove-EntraUser.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgUser @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Remove-EntraUserAppRoleAssignment.ps1 b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..240609a7a2 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Remove-EntraUserExtension.ps1 b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserExtension.ps1 new file mode 100644 index 0000000000..54ae5da5f1 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserExtension.ps1 @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Collections.Generic.List`1[System.String]] $ExtensionNames, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionId, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ExtensionNames"]) + { + $params["ExtensionNames"] = $PSBoundParameters["ExtensionNames"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ExtensionId"]) + { + $params["ExtensionId"] = $PSBoundParameters["ExtensionId"] + } + if ($null -ne $PSBoundParameters["ExtensionName"]) + { + $params["ExtensionName"] = $PSBoundParameters["ExtensionName"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgUserExtension @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Remove-EntraUserManager.ps1 b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserManager.ps1 new file mode 100644 index 0000000000..ff49eec726 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Remove-EntraUserManager.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgUserManagerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUser.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUser.ps1 new file mode 100644 index 0000000000..2403117090 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUser.ps1 @@ -0,0 +1,329 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUser { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $FacsimileTelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredLanguage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $StreetAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreationType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ImmutableId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CompanyName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PostalCode, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ConsentProvidedForMinor, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Department, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Mobile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserStateChangedOn, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GivenName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Country, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PasswordPolicies, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.AzureAD.Model.PasswordProfile] $PasswordProfile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]] $SignInNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $JobTitle, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $City, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UsageLocation, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Surname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OtherMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserPrincipalName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionProperty, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PhysicalDeliveryOfficeName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AgeGroup, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ShowInAddressList, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompromised + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["FacsimileTelephoneNumber"]) + { + $params["FacsimileTelephoneNumber"] = $PSBoundParameters["FacsimileTelephoneNumber"] + } + if ($null -ne $PSBoundParameters["UserType"]) + { + $params["UserType"] = $PSBoundParameters["UserType"] + } + if ($null -ne $PSBoundParameters["PreferredLanguage"]) + { + $params["PreferredLanguage"] = $PSBoundParameters["PreferredLanguage"] + } + if ($null -ne $PSBoundParameters["StreetAddress"]) + { + $params["StreetAddress"] = $PSBoundParameters["StreetAddress"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["CreationType"]) + { + $params["CreationType"] = $PSBoundParameters["CreationType"] + } + if ($null -ne $PSBoundParameters["ImmutableId"]) + { + $params["OnPremisesImmutableId"] = $PSBoundParameters["ImmutableId"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["CompanyName"]) + { + $params["CompanyName"] = $PSBoundParameters["CompanyName"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["PostalCode"]) + { + $params["PostalCode"] = $PSBoundParameters["PostalCode"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["ConsentProvidedForMinor"]) + { + $params["ConsentProvidedForMinor"] = $PSBoundParameters["ConsentProvidedForMinor"] + } + if ($null -ne $PSBoundParameters["Department"]) + { + $params["Department"] = $PSBoundParameters["Department"] + } + if ($null -ne $PSBoundParameters["Mobile"]) + { + $params["MobilePhone"] = $PSBoundParameters["Mobile"] + } + if ($null -ne $PSBoundParameters["UserStateChangedOn"]) + { + $params["ExternalUserStateChangeDateTime"] = $PSBoundParameters["UserStateChangedOn"] + } + if ($null -ne $PSBoundParameters["GivenName"]) + { + $params["GivenName"] = $PSBoundParameters["GivenName"] + } + if ($null -ne $PSBoundParameters["Country"]) + { + $params["Country"] = $PSBoundParameters["Country"] + } + if ($null -ne $PSBoundParameters["PasswordPolicies"]) + { + $params["PasswordPolicies"] = $PSBoundParameters["PasswordPolicies"] + } + if($null -ne $PSBoundParameters["PasswordProfile"]) + { + $TmpValue = $PSBoundParameters["PasswordProfile"] + $Value = @{ + forceChangePasswordNextSignIn = $TmpValue.ForceChangePasswordNextLogin + forceChangePasswordNextSignInWithMfa = $TmpValue.EnforceChangePasswordPolicy + password = $TmpValue.Password + } + $params["PasswordProfile"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["SignInNames"]) + { + $params["Identities"] = $PSBoundParameters["SignInNames"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["MailNickName"]) + { + $params["MailNickName"] = $PSBoundParameters["MailNickName"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["JobTitle"]) + { + $params["JobTitle"] = $PSBoundParameters["JobTitle"] + } + if ($null -ne $PSBoundParameters["UserState"]) + { + $params["ExternalUserState"] = $PSBoundParameters["UserState"] + } + if ($null -ne $PSBoundParameters["City"]) + { + $params["City"] = $PSBoundParameters["City"] + } + if ($null -ne $PSBoundParameters["UsageLocation"]) + { + $params["UsageLocation"] = $PSBoundParameters["UsageLocation"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["Surname"]) + { + $params["Surname"] = $PSBoundParameters["Surname"] + } + if ($null -ne $PSBoundParameters["OtherMails"]) + { + $params["OtherMails"] = $PSBoundParameters["OtherMails"] + } + if ($null -ne $PSBoundParameters["UserPrincipalName"]) + { + $params["UserPrincipalName"] = $PSBoundParameters["UserPrincipalName"] + } + if ($null -ne $PSBoundParameters["ExtensionProperty"]) + { + $params["ExtensionProperty"] = $PSBoundParameters["ExtensionProperty"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["TelephoneNumber"]) + { + $params["BusinessPhones"] = $PSBoundParameters["TelephoneNumber"] + } + if ($null -ne $PSBoundParameters["PhysicalDeliveryOfficeName"]) + { + $params["PhysicalDeliveryOfficeName"] = $PSBoundParameters["PhysicalDeliveryOfficeName"] + } + if ($null -ne $PSBoundParameters["AgeGroup"]) + { + $params["AgeGroup"] = $PSBoundParameters["AgeGroup"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if ($null -ne $PSBoundParameters["ShowInAddressList"]) + { + $params["ShowInAddressList"] = $PSBoundParameters["ShowInAddressList"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["IsCompromised"]) + { + $params["IsCompromised"] = $PSBoundParameters["IsCompromised"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgUser @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUserExtension.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUserExtension.ps1 new file mode 100644 index 0000000000..f6f995957b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUserExtension.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionNameValues, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionValue, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionName + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["ExtensionNameValues"]) + { + $params["ExtensionNameValues"] = $PSBoundParameters["ExtensionNameValues"] + } + if ($null -ne $PSBoundParameters["ExtensionValue"]) + { + $params["ExtensionValue"] = $PSBoundParameters["ExtensionValue"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ExtensionName"]) + { + $params["ExtensionName"] = $PSBoundParameters["ExtensionName"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgUserExtension @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUserLicense.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUserLicense.ps1 new file mode 100644 index 0000000000..9d32524230 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUserLicense.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUserLicense { + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.AssignedLicenses] $AssignedLicenses + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + $UserId = $PSBoundParameters["UserId"] + } + $jsonBody = @{ + addLicenses = @(if ($PSBoundParameters.AssignedLicenses.AddLicenses) { + $PSBoundParameters.AssignedLicenses.AddLicenses | Select-Object @{Name='skuId'; Expression={$_.'skuId' -replace 's', 's'.ToLower()}} + } else { + @() + }) + removeLicenses = @(if ($PSBoundParameters.AssignedLicenses.RemoveLicenses) { + $PSBoundParameters.AssignedLicenses.RemoveLicenses + } else { + @() + }) + } | ConvertTo-Json + + $customHeaders['Content-Type'] = 'application/json' + + $graphApiEndpoint = "https://graph.microsoft.com/v1.0/users/$UserId/microsoft.graph.assignLicense" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $graphApiEndpoint -Method Post -Body $jsonBody + + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserId -Value Id + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUserManager.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUserManager.ps1 new file mode 100644 index 0000000000..86b967b230 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUserManager.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/users/$TmpValue"} + $params["BodyParameter"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgUserManagerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUserPassword.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUserPassword.ps1 new file mode 100644 index 0000000000..dd77afc676 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUserPassword.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUserPassword { + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $ForceChangePasswordNextLogin, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $Password, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $EnforceChangePasswordPolicy + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["UserId"]) + { + $userId = $PSBoundParameters["UserId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Password"]) + { + $Temp = $PSBoundParameters["Password"] + $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Temp) + $PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["ForceChangePasswordNextLogin"]) + { + $ForceChangePasswordNextSignIn = $PSBoundParameters["ForceChangePasswordNextLogin"] + } + if($null -ne $PSBoundParameters["EnforceChangePasswordPolicy"]) + { + $ForceChangePasswordNextSignInWithMfa = $PSBoundParameters["EnforceChangePasswordPolicy"] + } + + $PasswordProfile = @{} + if($null -ne $PSBoundParameters["ForceChangePasswordNextLogin"]) { $PasswordProfile["ForceChangePasswordNextSignIn"] = $ForceChangePasswordNextSignIn } + if($null -ne $PSBoundParameters["EnforceChangePasswordPolicy"]) { $PasswordProfile["ForceChangePasswordNextSignInWithMfa"] = $ForceChangePasswordNextSignInWithMfa } + if($null -ne $PSBoundParameters["Password"]) { $PasswordProfile["password"] = $PlainPassword } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgUser -Headers $customHeaders -UserId $userId -PasswordProfile $PasswordProfile @params + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Set-EntraUserThumbnailPhoto.ps1 b/module/Entra/Microsoft.Entra/Users/Set-EntraUserThumbnailPhoto.ps1 new file mode 100644 index 0000000000..3cec4265e4 --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Set-EntraUserThumbnailPhoto.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraUserThumbnailPhoto { + [CmdletBinding(DefaultParameterSetName = 'File')] + param ( + + [Parameter(ParameterSetName = "Stream", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.IO.Stream] $FileStream, + + [Parameter(ParameterSetName = "ByteArray", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Byte[]] $ImageByteArray, + + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Stream")] + [Parameter(ParameterSetName = "File")] + [Parameter(ParameterSetName = "ByteArray")] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["FileStream"]) + { + $params["FileStream"] = $PSBoundParameters["FileStream"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ImageByteArray"]) + { + $params["ImageByteArray"] = $PSBoundParameters["ImageByteArray"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["FilePath"]) + { + $params["InFile"] = $PSBoundParameters["FilePath"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgUserPhotoContent @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Update-EntraSignedInUserPassword.ps1 b/module/Entra/Microsoft.Entra/Users/Update-EntraSignedInUserPassword.ps1 new file mode 100644 index 0000000000..6188a142ae --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Update-EntraSignedInUserPassword.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraSignedInUserPassword { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $NewPassword, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $CurrentPassword + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["NewPassword"]) + { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if($null -ne $PSBoundParameters["CurrentPassword"]) + { + $params["CurrentPassword"] = $PSBoundParameters["CurrentPassword"] + } + + $currsecur = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($params.CurrentPassword) + $curr = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($currsecur) + + $newsecur = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($params.NewPassword) + $new = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($newsecur) + + $params["Url"] = "https://graph.microsoft.com/v1.0/me/changePassword" + $body = @{ + currentPassword = $curr + newPassword = $new + } + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.Url -Method POST -Body $body + $response + } +} + diff --git a/module/Entra/Microsoft.Entra/Users/Update-EntraUserFromFederated.ps1 b/module/Entra/Microsoft.Entra/Users/Update-EntraUserFromFederated.ps1 new file mode 100644 index 0000000000..873e5ef61b --- /dev/null +++ b/module/Entra/Microsoft.Entra/Users/Update-EntraUserFromFederated.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraUserFromFederated { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $UserPrincipalName = $PSBoundParameters.UserPrincipalName + $UserId = Get-MgUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual + if ($null -ne $UserId) + { + $AuthenticationMethodId = Get-MgUserAuthenticationMethod -UserId $UserId.Id + $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id + $params["UserId"] = $UserId.Id + } + } + if ($PSBoundParameters.ContainsKey("NewPassword")) { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $AuthenticationMethodId) + { + $response = Reset-MgUserAuthenticationMethodPassword @params -Headers $customHeaders + } + $response + } +} + diff --git a/module/Entra/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 b/module/Entra/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/Entra/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/Entra/UnMappedFiles/New-EntraCustomHeaders.ps1 b/module/Entra/UnMappedFiles/New-EntraCustomHeaders.ps1 new file mode 100644 index 0000000000..5f3d3fe2af --- /dev/null +++ b/module/Entra/UnMappedFiles/New-EntraCustomHeaders.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .PARAMETER Command + The command that is being executed. + .EXAMPLE + New-EntraCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-Module Microsoft.Graph.Entra | Select-Object version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/UnMappedFiles/Test-EntraScript.ps1 b/module/Entra/UnMappedFiles/Test-EntraScript.ps1 new file mode 100644 index 0000000000..c222f51c4f --- /dev/null +++ b/module/Entra/UnMappedFiles/Test-EntraScript.ps1 @@ -0,0 +1,188 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Test-EntraScript { + <# + .SYNOPSIS + Checks, whether the provided script is using AzureAD commands that are not supported by Microsoft.Graph.Entra. + + .DESCRIPTION + Checks, whether the provided script is using AzureAD commands that are not supported by Microsoft.Graph.Entra. + + .PARAMETER Path + Path to the script file(s) to scan. + Or name of the content, when also specifying -Content + + .PARAMETER Content + Code content to scan. + Used when scanning code that has no file representation (e.g. straight from a repository). + + .PARAMETER Quiet + Only return $true or $false, based on whether the script could run under Microsoft.Graph.Entra ($true) or not ($false) + + .EXAMPLE + PS C:\> Test-EntraScript -Path .\usercreation.ps1 -Quiet + + Returns whether the script "usercreation.ps1" could run under Microsoft.Graph.Entra + + .EXAMPLE + PS C:\> Get-ChildItem -Path \\contoso.com\it\code -Recurse -Filter *.ps1 | Test-EntraScript + + Returns a list of all scripts that would not run under the Microsoft.Graph.Entra module, listing each issue with line and code. + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias('FullName', 'Name')] + [string[]] + $Path, + + [Parameter(ValueFromPipelineByPropertyName = $true)] + [string] + $Content, + + [switch] + $Quiet + ) + + begin { + function Test-ScriptCommand { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [Alias('FullName')] + [string] + $Name, + + [Parameter(Mandatory = $true)] + [string] + $Content, + + [switch] + $Quiet, + + [AllowEmptyCollection()] + [string[]] + $RequiredCommands, + + [AllowEmptyCollection()] + [string[]] + $ForbiddenCommands + ) + + $ast = [System.Management.Automation.Language.Parser]::ParseInput($Content, [ref]$null, [ref]$null) + $allCommands = $ast.FindAll({ $args[0] -is [System.Management.Automation.Language.CommandAst] }, $true) + $allCommandNames = @($allCommands).ForEach{ $_.CommandElements[0].Value } + + $findings = @() + foreach ($command in $allCommands) { + if ($command.CommandElements[0].Value -notin $ForbiddenCommands) { continue } + $findings += [PSCustomObject]@{ + PSTypeName = 'Microsoft.Graph.Entra.CommandRequirement' + Name = $Name + Line = $command.Extent.StartLineNumber + Type = 'UnsupportedCommand' + Command = $command.CommandElements[0].Value + Code = $command.Extent.Text + } + } + foreach ($requiredCommand in $RequiredCommands) { + if ($requiredCommand -notin $allCommandNames) { continue } + $findings += [PSCustomObject]@{ + PSTypeName = 'Microsoft.Graph.Entra.CommandRequirement' + Name = $Name + Line = -1 + Type = 'RequiredCommandMissing' + Command = $requiredCommand + Code = '' + } + } + + if (-not $Quiet) { + $findings + return + } + + $findings -as [bool] + } + + $testParam = @{ + Quiet = $Quiet + ForbiddenCommands = $script:MISSING_CMDS + } + } + process { + if ($Path -and $Content) { + Test-ScriptCommand -Name @($Path)[0] -Content $Content + return + } + foreach ($entry in $Path) { + try { $resolvedPaths = Resolve-Path -Path $entry -ErrorAction Stop } + catch { + Write-Error $_ + continue + } + + foreach ($resolvedPath in $resolvedPaths) { + if (-not (Test-Path -Path $resolvedPath -PathType Leaf)) { + Write-Warning "Not a file: $resolvedPath" + continue + } + + $scriptContent = (Get-Content -LiteralPath $resolvedPath) -join "`n" + Test-ScriptCommand -Name $resolvedPath -Content $scriptContent @testParam + } + } + } +}function Get-EntraAuthorizationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/v1.0/policies/authorizationPolicy?" + $params["Method"] = "GET" + + if($null -ne $PSBoundParameters["Id"]) + { + $Id = $Id.Substring(0, 1).ToLower() + $Id.Substring(1) + $Filter = "Id eq '$Id'" + $f = '$' + 'Filter' + $params["Uri"] += "&$f=$Filter" + } + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $params["Uri"] += "&$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + if($response){ + $policyList = @() + foreach ($data in $response) { + $policyType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAuthorizationPolicy + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $policyType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $policyList += $policyType + } + $policyList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/Entra/config/ModuleMetadata.json b/module/Entra/config/ModuleMetadata.json index 65b00788e5..0130f916d6 100644 --- a/module/Entra/config/ModuleMetadata.json +++ b/module/Entra/config/ModuleMetadata.json @@ -2,6 +2,7 @@ "guid": "742dccd1-bf4b-46a0-a3f2-14e0bb508233", "authors": "Microsoft", "owners": "Microsoft", + "entraDescription":"Microsoft Entra Powershell", "description": "Microsoft Entra PowerShell v1.0: Microsoft Entra PowerShell is a scenario-driven module that allows administrators to efficiently manage Entra ID resources, including users, groups, applications, and policies, among others", "requireLicenseAcceptance": "true", "requiredModules" : [ @@ -30,6 +31,8 @@ "Entra" ], "releaseNotes": "See https://github.com/microsoftgraph/entra-powershell.", - "version": "0.19.0", - "Prerelease": "preview" + "version": "0.20.0", + "Prerelease": "preview", + "dotNetVersion":"4.7.2", + "powershellVersion":"5.1" } diff --git a/module/Entra/config/ModuleSettings.json b/module/Entra/config/ModuleSettings.json index 6863871d5c..fde6b47a2c 100644 --- a/module/Entra/config/ModuleSettings.json +++ b/module/Entra/config/ModuleSettings.json @@ -1,6 +1,6 @@ { "sourceModule" : "AzureAD", - "moduleName" : "Microsoft.Graph.Entra", + "moduleName" : "Microsoft.Entra", "newPrefix" : "Entra", "typePrefix" : "Microsoft.Open.", "destinationModuleName" : [ diff --git a/module/Entra/config/dependencyMapping.json b/module/Entra/config/dependencyMapping.json new file mode 100644 index 0000000000..67a83565bb --- /dev/null +++ b/module/Entra/config/dependencyMapping.json @@ -0,0 +1,10 @@ +{ + "Microsoft.Entra.Users":["Microsoft.Graph.Users","Microsoft.Graph.Users.Actions","Microsoft.Graph.Users.Functions"], + "Microsoft.Entra.Authentication":["Microsoft.Graph.Authentication"], + "Microsoft.Entra.Groups":["Microsoft.Graph.Groups"], + "Microsoft.Entra.DirectoryManagement":["Microsoft.Graph.Identity.DirectoryManagement"], + "Microsoft.Entra.Governance":["Microsoft.Graph.Identity.Governance"], + "Microsoft.Entra.SignIns":["Microsoft.Graph.Identity.SignIns"], + "Microsoft.Entra.Applications":["Microsoft.Graph.Applications"], + "Microsoft.Entra.Reports":["Microsoft.Graph.Reports"] +} \ No newline at end of file diff --git a/module/Entra/config/moduleMapping.json b/module/Entra/config/moduleMapping.json new file mode 100644 index 0000000000..e0c44503e0 --- /dev/null +++ b/module/Entra/config/moduleMapping.json @@ -0,0 +1,266 @@ +{ + "Add-EntraAdministrativeUnitMember": "DirectoryManagement", + "Add-EntraLifecyclePolicyGroup": "Groups", + "Get-EntraAccountSku": "DirectoryManagement", + "Get-EntraAdministrativeUnit": "DirectoryManagement", + "Get-EntraAdministrativeUnitMember": "DirectoryManagement", + "New-EntraAdministrativeUnit": "DirectoryManagement", + "Remove-EntraAdministrativeUnit": "DirectoryManagement", + "Remove-EntraAdministrativeUnitMember": "DirectoryManagement", + "Set-EntraAdministrativeUnit": "DirectoryManagement", + "Get-EntraApplicationProxyApplication": "Applications", + "New-EntraApplicationProxyApplication": "Applications", + "Remove-EntraApplicationProxyApplication": "Applications", + "Set-EntraApplicationProxyApplication": "Applications", + "Get-EntraApplicationOwner":"Applications", + "Get-EntraApplicationPasswordCredential":"Applications", + "Get-EntraApplicationServiceEndpoint":"Applications", + "Get-EntraApplicationTemplate":"Applications", + "Get-EntraDeletedApplication":"Applications", + "Set-EntraApplicationProxyApplicationCustomDomainCertificate": "Applications", + "Set-EntraApplicationProxyApplicationSingleSignOn": "Applications", + "Get-EntraApplicationProxyApplicationConnectorGroup": "Applications", + "Get-EntraApplicationProxyConnector": "Applications", + "Get-EntraApplicationProxyConnectorGroup": "Applications", + "Get-EntraApplicationProxyConnectorGroupMember": "Applications", + "Get-EntraApplicationProxyConnectorGroupMembers": "Applications", + "Get-EntraApplicationProxyConnectorMemberOf": "Applications", + "New-EntraApplicationProxyConnectorGroup": "Applications", + "Remove-EntraApplicationProxyApplicationConnectorGroup": "Applications", + "Remove-EntraApplicationProxyConnectorGroup": "Applications", + "Set-EntraApplicationProxyConnector": "Applications", + "Set-EntraApplicationProxyConnectorGroup": "Applications", + "Add-EntraApplicationOwner": "Applications", + "Get-EntraApplication": "Applications", + "Get-EntraApplicationExtensionProperty": "Applications", + "Get-EntraApplicationKeyCredential": "Applications", + "Get-EntraApplicationLogo": "Applications", + "Add-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Add-EntraServicePrincipalOwner": "Applications", + "Get-EntraServicePrincipal": "Applications", + "Get-EntraServicePrincipalCreatedObject": "Applications", + "Get-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Get-EntraServicePrincipalKeyCredential": "Applications", + "Get-EntraServicePrincipalMembership": "Applications", + "Get-EntraServicePrincipalOAuth2PermissionGrant": "Applications", + "Get-EntraServicePrincipalOwnedObject": "Applications", + "Get-EntraServicePrincipalOwner": "Applications", + "Get-EntraServicePrincipalPasswordCredential": "Applications", + "New-EntraApplication": "Applications", + "New-EntraApplicationExtensionProperty": "Applications", + "New-EntraApplicationKey": "Applications", + "New-EntraApplicationKeyCredential": "Applications", + "New-EntraApplicationPassword": "Applications", + "New-EntraApplicationPasswordCredential": "Applications", + "New-EntraServicePrincipal": "Applications", + "New-EntraServicePrincipalKeyCredential": "Applications", + "New-EntraServicePrincipalPasswordCredential": "Applications", + "Remove-EntraApplication": "Applications", + "Remove-EntraApplicationExtensionProperty": "Applications", + "Remove-EntraApplicationKey": "Applications", + "Remove-EntraApplicationKeyCredential": "Applications", + "Remove-EntraApplicationOwner": "Applications", + "Remove-EntraApplicationPassword": "Applications", + "Remove-EntraApplicationPasswordCredential": "Applications", + "Remove-EntraApplicationVerifiedPublisher": "Applications", + "Remove-EntraDeletedApplication": "Applications", + "Remove-EntraDeletedDirectoryObject": "DirectoryManagement", + "Remove-EntraServicePrincipal": "Applications", + "Remove-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Remove-EntraServicePrincipalKeyCredential": "Applications", + "Remove-EntraServicePrincipalOwner": "Applications", + "Remove-EntraServicePrincipalPasswordCredential": "Applications", + "Restore-EntraDeletedApplication": "Applications", + "Select-EntraGroupIdsServicePrincipalIsMemberOf": "Applications", + "Set-EntraApplication": "Applications", + "Set-EntraApplicationLogo": "Applications", + "Set-EntraApplicationVerifiedPublisher": "Applications", + "Set-EntraServicePrincipal": "Applications", + "Get-EntraTrustedCertificateAuthority": "SignIns", + "New-EntraTrustedCertificateAuthority": "SignIns", + "Remove-EntraTrustedCertificateAuthority": "SignIns", + "Set-EntraTrustedCertificateAuthority": "SignIns", + "Get-EntraContact": "DirectoryManagement", + "Get-EntraContactDirectReport": "DirectoryManagement", + "Get-EntraContactManager": "DirectoryManagement", + "Get-EntraContactMembership": "DirectoryManagement", + "Get-EntraContactThumbnailPhoto": "DirectoryManagement", + "Remove-EntraContact": "DirectoryManagement", + "Get-EntraContract": "DirectoryManagement", + "Add-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Add-EntraDeviceRegisteredUser": "DirectoryManagement", + "Get-EntraDevice": "DirectoryManagement", + "Get-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Get-EntraDeviceRegisteredUser": "DirectoryManagement", + "New-EntraDevice": "DirectoryManagement", + "Remove-EntraDevice": "DirectoryManagement", + "Remove-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Remove-EntraDeviceRegisteredUser": "DirectoryManagement", + "Set-EntraDevice": "DirectoryManagement", + "Add-EntraDirectoryRoleMember": "DirectoryManagement", + "Get-EntraDeletedDirectoryObject": "DirectoryManagement", + "Get-EntraDirectoryRole": "DirectoryManagement", + "Enable-EntraDirectoryRole": "DirectoryManagement", + "Get-EntraDirectoryRoleMember": "DirectoryManagement", + "Get-EntraDirectoryRoleTemplate": "DirectoryManagement", + "Get-EntraDirSyncConfiguration": "DirectoryManagement", + "Get-EntraHasObjectsWithDirSyncProvisioningError": "DirectoryManagement", + "Remove-EntraDirectoryRoleMember": "DirectoryManagement", + "Restore-EntraDeletedDirectoryObject": "DirectoryManagement", + "Set-EntraDirSyncConfiguration": "DirectoryManagement", + "Set-EntraDirSyncEnabled": "DirectoryManagement", + "Set-EntraDirSyncFeature": "DirectoryManagement", + "Get-EntraDomain": "DirectoryManagement", + "Get-EntraDomainFederationSettings": "DirectoryManagement", + "Get-EntraDomainNameReference": "DirectoryManagement", + "Get-EntraDirectoryManagementerviceConfigurationRecord": "DirectoryManagement", + "Get-EntraDomainVerificationDnsRecord": "DirectoryManagement", + "New-EntraDomain": "DirectoryManagement", + "Remove-EntraDomain": "DirectoryManagement", + "Set-EntraDomain": "DirectoryManagement", + "Set-EntraDomainFederationSettings": "DirectoryManagement", + "Get-EntraExtensionProperty": "DirectoryManagement", + "Get-EntraFederationProperty": "DirectoryManagement", + "Add-EntraGroupMember": "Groups", + "Add-EntraGroupOwner": "Groups", + "Set-EntraFeatureRolloutPolicy": "SignIns", + "Get-EntraDeletedGroup": "Groups", + "Get-EntraGroup": "Groups", + "Get-EntraGroupAppRoleAssignment": "Groups", + "Get-EntraGroupLifecyclePolicy": "Groups", + "Get-EntraGroupMember": "Groups", + "Get-EntraGroupOwner": "Groups", + "Get-EntraGroupPermissionGrant": "Groups", + "Get-EntraLifecyclePolicyGroup": "Groups", + "Get-EntraPolicy": "SignIns", + "New-EntraPolicy": "SignIns", + "Remove-EntraPolicy": "SignIns", + "Set-EntraPolicy": "SignIns", + "New-EntraGroup": "Groups", + "New-EntraGroupAppRoleAssignment": "Groups", + "New-EntraGroupLifecyclePolicy": "Groups", + "Remove-EntraGroup": "Groups", + "Remove-EntraGroupAppRoleAssignment": "Groups", + "Remove-EntraGroupLifecyclePolicy": "Groups", + "Remove-EntraGroupMember": "Groups", + "Remove-EntraGroupOwner": "Groups", + "Remove-EntraLifecyclePolicyGroup": "Groups", + "Reset-EntraLifeCycleGroup": "Groups", + "Select-EntraGroupIdsContactIsMemberOf": "Groups", + "Select-EntraGroupIdsGroupIsMemberOf": "Groups", + "Select-EntraGroupIdsUserIsMemberOf": "Groups", + "Set-EntraGroup": "Groups", + "Set-EntraGroupLifecyclePolicy": "Groups", + "Get-EntraAuthorizationPolicy": "SignIns", + "Get-EntraConditionalAccessPolicy": "SignIns", + "Get-EntraIdentityProvider": "SignIns", + "Get-EntraOAuth2PermissionGrant": "SignIns", + "Get-EntraPasswordPolicy": "DirectoryManagement", + "Get-EntraPermissionGrantConditionSet": "SignIns", + "Get-EntraPermissionGrantPolicy": "SignIns", + "Get-EntraScopedRoleMembership": "DirectoryManagement", + "New-EntraOauth2PermissionGrant": "SignIns", + "New-EntraConditionalAccessPolicy": "SignIns", + "New-EntraIdentityProvider": "SignIns", + "New-EntraInvitation": "SignIns", + "New-EntraPermissionGrantConditionSet": "SignIns", + "New-EntraPermissionGrantPolicy": "SignIns", + "Remove-EntraConditionalAccessPolicy": "SignIns", + "Remove-EntraIdentityProvider": "SignIns", + "Remove-EntraOAuth2PermissionGrant": "SignIns", + "Remove-EntraPermissionGrantConditionSet": "SignIns", + "Remove-EntraPermissionGrantPolicy": "SignIns", + "Remove-EntraScopedRoleMembership": "DirectoryManagement", + "Revoke-EntraSignedInUserAllRefreshToken": "Authentication", + "Revoke-EntraUserAllRefreshToken": "Authentication", + "Set-EntraAuthorizationPolicy": "SignIns", + "Set-EntraConditionalAccessPolicy": "SignIns", + "Set-EntraIdentityProvider": "SignIns", + "Set-EntraPermissionGrantConditionSet": "SignIns", + "Set-EntraPermissionGrantPolicy": "SignIns", + "New-EntraNamedLocationPolicy": "SignIns", + "Remove-EntraNamedLocationPolicy": "SignIns", + "Set-EntraNamedLocationPolicy": "SignIns", + "Get-EntraNamedLocationPolicy": "SignIns", + "Get-EntraPartnerInformation": "DirectoryManagement", + "Set-EntraPartnerInformation": "DirectoryManagement", + "Get-EntraSubscribedSku": "DirectoryManagement", + "Get-EntraTenantDetail": "DirectoryManagement", + "Set-EntraTenantDetail": "DirectoryManagement", + "Add-EntraScopedRoleMembership": "DirectoryManagement", + "Get-EntraUser": "Users", + "Get-EntraUserAuthenticationMethod":"SignIns", + "Get-EntraUserAppRoleAssignment": "Users", + "Get-EntraUserCreatedObject": "Users", + "Get-EntraUserDirectReport": "Users", + "Get-EntraUserExtension": "Users", + "Get-EntraUserLicenseDetail": "Users", + "Get-EntraUserManager": "Users", + "Get-EntraUserMembership": "Users", + "Get-EntraUserOAuth2PermissionGrant": "Users", + "Get-EntraUserOwnedDevice": "Users", + "Get-EntraUserOwnedObject": "Users", + "Get-EntraUserRegisteredDevice": "Users", + "Get-EntraUserThumbnailPhoto": "Users", + "New-EntraUser": "Users", + "New-EntraUserAppRoleAssignment": "Users", + "Remove-EntraUser": "Users", + "Remove-EntraUserAppRoleAssignment": "Users", + "Remove-EntraUserExtension": "Users", + "Remove-EntraUserManager": "Users", + "Set-EntraUser": "Users", + "Set-EntraUserExtension": "Users", + "Set-EntraUserLicense": "Users", + "Set-EntraUserManager": "Users", + "Set-EntraUserPassword": "Users", + "Set-EntraUserThumbnailPhoto": "Users", + "Update-EntraOauth2PermissionGrant":"SignIns", + "Update-EntraSignedInUserPassword": "Users", + "Reset-EntraStrongAuthenticationMethodByUpn": "Authentication", + "Get-EntraAttributeSet": "DirectoryManagement", + "New-EntraAttributeSet": "DirectoryManagement", + "Set-EntraAttributeSet": "DirectoryManagement", + "Add-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Set-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "New-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "Set-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "Add-EntraEnvironment": "Authentication", + "Confirm-EntraDomain": "DirectoryManagement", + "Connect-Entra": "Authentication", + "Disconnect-Entra": "Authentication", + "Enable-EntraAzureADAlias": "Migration", + "Find-EntraPermission": "Authentication", + "Get-CrossCloudVerificationCode": "DirectoryManagement", + "Get-EntraContext": "Authentication", + "Get-EntraEnvironment": "Authentication", + "Get-EntraObjectByObjectId": "DirectoryManagement", + "Test-EntraScript": "Migration", + "Get-EntraUnsupportedCommand": "Migration", + "Get-EntraObjectSetting": "Groups", + "New-EntraApplicationFromApplicationTemplate": "Applications", + "New-EntraFeatureRolloutPolicy": "SignIns", + "Remove-EntraFeatureRolloutPolicyDirectoryObject": "SignIns", + "Remove-EntraFeatureRolloutPolicy": "SignIns", + "Remove-EntraExternalDomainFederation": "DirectoryManagement", + "Get-EntraDirSyncFeature": "DirectoryManagement", + "Get-EntraAuditDirectoryLog": "Reports", + "Get-EntraAuditSignInLog": "Reports", + "Get-EntraDirectoryObjectOnPremisesProvisioningError": "DirectoryManagement", + "Get-EntraDirectoryRoleAssignment": "Governance", + "Get-EntraDirectoryRoleDefinition": "Governance", + "Get-EntraFeatureRolloutPolicy": "SignIns", + "Get-EntraServicePrincipalAppRoleAssignedTo": "Applications", + "Get-EntraServicePrincipalAppRoleAssignment": "Applications", + "New-EntraDirectoryRoleAssignment": "Governance", + "New-EntraDirectoryRoleDefinition": "Governance", + "New-EntraServicePrincipalAppRoleAssignment": "Applications", + "Remove-EntraDirectoryRoleAssignment": "Governance", + "Remove-EntraDirectoryRoleDefinition": "Governance", + "Remove-EntraServicePrincipalAppRoleAssignment": "Applications", + "Set-EntraDirectoryRoleDefinition": "Governance", + "Update-EntraUserFromFederated": "Users", + "Get-EntraDomainServiceConfigurationRecord":"DirectoryManagement", + "Get-EntraUserAuthenticationRequirement":"SignIns" +} \ No newline at end of file diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 b/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 deleted file mode 100644 index e475c8dca9..0000000000 --- a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 +++ /dev/null @@ -1,56 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraBetaApplicationPasswordCredential { - [CmdletBinding(DefaultParameterSetName = '')] - param ( - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] - [Alias("ObjectId")] - [System.String] $ApplicationId, - [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] - [System.String[]] $Property - ) - - PROCESS { - $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand - $params = @{} - $baseUri = "https://graph.microsoft.com/beta/applications/$ApplicationId/passwordCredentials" - $params["Method"] = "GET" - $params["Uri"] = "$baseUri" - - $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json - try { - $response = $response.value - } - catch {} - $response | ForEach-Object { - if($null -ne $_) { - $CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_.CustomKeyIdentifier))) - Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $CustomKeyIdentifier -Force - Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value endDateTime - Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value startDateTime - } - } - if($response) - { - $userList = @() - foreach ($data in $response) { - $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPasswordCredential - $data.PSObject.Properties | ForEach-Object { - $propertyName = $_.Name - $propertyValue = $_.Value - $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force - } - $userList += $userType - } - if($null -ne $PSBoundParameters["Property"]) - { - $userList | Select-Object $PSBoundParameters["Property"] - } - else { - $userList - } - } - } -} \ No newline at end of file diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 b/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 deleted file mode 100644 index 9866fe1d04..0000000000 --- a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 +++ /dev/null @@ -1,40 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Get-EntraBetaDirectoryObjectOnPremisesProvisioningError { - [CmdletBinding(DefaultParameterSetName = 'GetById')] - param ( - [Parameter(ParameterSetName = "GetById")][ValidateNotNullOrEmpty()][ValidateScript({if ($_ -is [System.Guid]) { $true } else {throw "TenantId must be of type [System.Guid]."}})][System.Guid] $TenantId - ) - PROCESS { - $params = @{} - $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand - if ($null -ne $PSBoundParameters["TenantId"]) { - $params["TenantId"] = $PSBoundParameters["TenantId"] - } - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - $Object = @("users", "groups", "contacts") - $response = @() - - try { - foreach ($obj in $object) { - $obj = ($obj | Out-String).trimend() - $uri = 'https://graph.microsoft.com/beta/' + $obj + '?$select=onPremisesProvisioningErrors' - $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors - } - } - catch {} - - if ([string]::IsNullOrWhiteSpace($response)) { - write-host "False" - } - else { - $response - } - } -} -Set-Alias -Name Get-EntraBetaHasObjectsWithDirSyncProvisioningError -Value Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -Scope Global -Force - diff --git a/module/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 b/module/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 deleted file mode 100644 index 09b03f7d9e..0000000000 --- a/module/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 +++ /dev/null @@ -1,84 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -function Update-EntraBetaUserFromFederated { - [CmdletBinding(DefaultParameterSetName = 'GetQuery')] - param ( - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, - [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, - [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId - - ) - - PROCESS { - $params = @{} - $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand - - if ($null -ne $PSBoundParameters["UserPrincipalName"]) { - $UserPrincipalName = $PSBoundParameters.UserPrincipalName - $UserId = Get-MgBetaUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual - if ($null -ne $UserId) - { - $AuthenticationMethodId = Get-MgBetaUserAuthenticationMethod -UserId $UserId.Id - $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id - $params["UserId"] = $UserId.Id - } - } - if ($PSBoundParameters.ContainsKey("NewPassword")) { - $params["NewPassword"] = $PSBoundParameters["NewPassword"] - } - if ($PSBoundParameters.ContainsKey("Verbose")) { - $params["Verbose"] = $PSBoundParameters["Verbose"] - } - if ($PSBoundParameters.ContainsKey("Debug")) { - $params["Debug"] = $PSBoundParameters["Debug"] - } - if($null -ne $PSBoundParameters["WarningVariable"]) - { - $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] - } - if($null -ne $PSBoundParameters["InformationVariable"]) - { - $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] - } - if($null -ne $PSBoundParameters["InformationAction"]) - { - $params["InformationAction"] = $PSBoundParameters["InformationAction"] - } - if($null -ne $PSBoundParameters["OutVariable"]) - { - $params["OutVariable"] = $PSBoundParameters["OutVariable"] - } - if($null -ne $PSBoundParameters["OutBuffer"]) - { - $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] - } - if($null -ne $PSBoundParameters["ErrorVariable"]) - { - $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] - } - if($null -ne $PSBoundParameters["PipelineVariable"]) - { - $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] - } - if($null -ne $PSBoundParameters["ErrorAction"]) - { - $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] - } - if($null -ne $PSBoundParameters["WarningAction"]) - { - $params["WarningAction"] = $PSBoundParameters["WarningAction"] - } - Write-Debug("============================ TRANSFORMATIONS ============================") - $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug - Write-Debug("=========================================================================`n") - if($null -ne $AuthenticationMethodId) - { - $response = Reset-MgBetaUserAuthenticationMethodPassword @params -Headers $customHeaders - } - $response - } -} -Set-Alias -Name Convert-EntraBetaFederatedUser -Value Update-EntraBetaUserFromFederated -Scope Global -Force - diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationOwner.ps1 new file mode 100644 index 0000000000..88df62eb3b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaApplicationOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue" + $params["OdataId"] = $Value + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaApplicationOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationPolicy.ps1 new file mode 100644 index 0000000000..40ef6db8a6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaApplicationPolicy.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaApplicationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ID"]) { + $id = $PSBoundParameters["ID"] + } + if ($null -ne $PSBoundParameters["RefObjectId"]) { + $RefObjectId = $PSBoundParameters["RefObjectId"] + } + $uri = "https://graph.microsoft.com/beta/applications/$id/Policies/" + '$ref' + $body = @{ + "@odata.id" = "https://graph.microsoft.com/beta/legacy/policies/$RefObjectId" + } + $body = $body | ConvertTo-Json + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-MgGraphRequest -Headers $customHeaders -Method POST -Uri $uri -Body $body -ContentType "application/json" + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..cb90115a8e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PermissionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PermissionName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[Microsoft.Open.MSGraph.Model.DelegatedPermissionClassification+ClassificationEnum]] $Classification, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["PermissionId"]) + { + $params["PermissionId"] = $PSBoundParameters["PermissionId"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["PermissionName"]) + { + $params["PermissionName"] = $PSBoundParameters["PermissionName"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Classification"]) + { + $params["Classification"] = $PSBoundParameters["Classification"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..92b1bc6d12 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Add-EntraBetaServicePrincipalOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaServicePrincipalOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplication.ps1 new file mode 100644 index 0000000000..ed72d70cf3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplication.ps1 @@ -0,0 +1,159 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias("ObjectId")] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + $response = Get-MgBetaApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name InformationalUrls -Value Info + + $myAppRoles = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.AppRole] + foreach ($appRole in $_.AppRoles) { + $hash = New-Object Microsoft.Open.AzureAD.Model.AppRole + foreach ($propertyName in $hash.psobject.Properties.Name) { + $hash.$propertyName = $appRole.$propertyName + } + $myAppRoles.Add($hash) + } + Add-Member -InputObject $_ -MemberType NoteProperty -Name AppRoles -Value ($myAppRoles) -Force + $propsToConvert = @( + 'Logo','GroupMembershipClaims','IdentifierUris','Info', + 'IsDeviceOnlyAuthSupported','KeyCredentials','Oauth2RequirePostResponse','OptionalClaims', + 'ParentalControlSettings','PasswordCredentials','Api','PublicClient', + 'PublisherDomain','Web','RequiredResourceAccess','SignInAudience') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + foreach ($credType in @('KeyCredentials', 'PasswordCredentials')) { + if ($null -ne $_.PSObject.Properties[$credType]) { + $_.$credType | ForEach-Object { + try { + if ($null -ne $_.EndDateTime -or $null -ne $_.StartDateTime) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name EndDate -Value $_.EndDateTime + Add-Member -InputObject $_ -MemberType NoteProperty -Name StartDate -Value $_.StartDateTime + $_.PSObject.Properties.Remove('EndDateTime') + $_.PSObject.Properties.Remove('StartDateTime') + } + } + catch {} + } + } + } + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationExtensionProperty.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..c0d87ed0a9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationExtensionProperty.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationKeyCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..3cf90195ad --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationKeyCredential.ps1 @@ -0,0 +1,18 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + (Get-MgBetaApplication -Headers $customHeaders -ApplicationId $PSBoundParameters["ObjectId"]).KeyCredentials + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationLogo.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationLogo.ps1 new file mode 100644 index 0000000000..8cdfd7fc3f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationLogo.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationLogo { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FileName, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $View, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/beta/applications' + $Method = "GET" + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $URI = "$baseUri/$($params.ApplicationId)" + } + if($null -ne $PSBoundParameters["FilePath"]){ + $params["FilePath"] = $PSBoundParameters["FilePath"] + $imageExtensions = @(".jpg", ".jpeg", ".png", ".gif", ".bmp") + if(-not (Test-Path $($params.FilePath) -PathType Leaf) -and $imageExtensions -notcontains [System.IO.Path]::GetExtension($($params.FilePath))){ + Write-Error -Message "Get-EntraBetaApplicationLogo : FilePath is invalid" + break; + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $logoUrl = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).Info.logoUrl + if($null -ne $logoUrl){ + try { + Invoke-WebRequest -Uri $logoUrl -OutFile $($params.FilePath) + } + catch { + + } + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationOwner.ps1 new file mode 100644 index 0000000000..05d02a4f02 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationOwner.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaApplicationOwner @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('assignedLicenses','assignedPlans','provisionedPlans','identities') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..0865d3014f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPasswordCredential.ps1 @@ -0,0 +1,57 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $baseUri = "https://graph.microsoft.com/beta/applications/$ApplicationId/passwordCredentials" + $params["Method"] = "GET" + $params["Uri"] = "$baseUri" + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } + catch {} + $response | ForEach-Object { + if($null -ne $_) { + $CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_.CustomKeyIdentifier))) + Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $CustomKeyIdentifier -Force + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value endDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value startDateTime + } + } + if($response) + { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPasswordCredential + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + if($null -ne $PSBoundParameters["Property"]) + { + $userList | Select-Object $PSBoundParameters["Property"] + } + else { + $userList + } + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPolicy.ps1 new file mode 100644 index 0000000000..afac1cc31c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationPolicy.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + $Method = "GET" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = 'https://graph.microsoft.com/beta/applications/{0}/policies' -f $Id + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method | ConvertTo-Json -Depth 10 | ConvertFrom-Json).value + $response | Add-Member -MemberType AliasProperty -Value '@odata.type' -Name 'odata.type' + + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $respList = @() + + foreach ($res in $data) { + switch ($res.type) { + "activityBasedTimeoutPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGrphActivityBasedTimeoutPolicy } + "appManagementPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAppManagementPolicy } + "claimsMappingPolicies" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphClaimsMappingPolicy } + "featureRolloutPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy } + "HomeRealmDiscoveryPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphHomeRealmDiscoveryPolicy } + "tokenIssuancePolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenIssuancePolicy } + "tokenLifetimePolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenLifetimePolicy } + "permissionGrantPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPermissionGrantPolicy } + default { Write-Error "Unknown type: $Type" } + } + + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $respList += $respType + } + $respList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyApplication.ps1 new file mode 100644 index 0000000000..1f9403a5b3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyApplication.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationProxyApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $params["Select"] = "onPremisesPublishing" + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $app = Get-MgBetaApplication @params -Headers $customHeaders + $response = $app.OnPremisesPublishing + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnector.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnector.ps1 new file mode 100644 index 0000000000..904c3a6627 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnector.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationProxyConnector { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OnPremisesPublishingProfileId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "GET" + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors" + if($null -ne $PSBoundParameters["SearchString"]) + { + $f = '$' + 'Filter' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors?$f=machineName eq '$SearchString' OR startswith(machineName,'$SearchString')" + } + if($null -ne $PSBoundParameters["OnPremisesPublishingProfileId"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors/$OnPremisesPublishingProfileId" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $f = '$' + 'Filter' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors?$f=$filter" + } + if($null -ne $PSBoundParameters["All"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $t = '$' + 'Top' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors?$t=$top" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + + try { + $data = $response.Value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + catch { + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.ps1 new file mode 100644 index 0000000000..23a59d2ac4 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationProxyConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "GET" + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups" + if($null -ne $PSBoundParameters["SearchString"]) + { + $f = '$' + 'Filter' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups?$f=name eq '$SearchString' OR startswith(name,'$SearchString')" + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id" + } + if($null -ne $PSBoundParameters["Filter"]) + { + $f = '$' + 'Filter' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups?$f=$filter" + } + if($null -ne $PSBoundParameters["All"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $t = '$' + 'Top' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups?$t=$top" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + + try { + $data = $response.Value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + catch { + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphConnectorGroup + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 new file mode 100644 index 0000000000..e6a56cd1f6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationProxyConnectorGroupMembers { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OnPremisesPublishingProfileId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter( ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "GET" + $Id = $PSBoundParameters["OnPremisesPublishingProfileId"] + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id/members" + if($PSBoundParameters.ContainsKey("OnPremisesPublishingProfileId")) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id/members" + } + if($PSBoundParameters.ContainsKey("Filter")) + { + $f = '$' + 'Filter' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id/members?$f=$filter" + } + if($PSBoundParameters.ContainsKey("All")) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id/members" + } + if($PSBoundParameters.ContainsKey("top")) + { + $t = '$' + 'Top' + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id/members?$t=$top" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + try { + $data = $response.Value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + catch { + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphConnector + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 new file mode 100644 index 0000000000..98cc853223 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationProxyConnectorMemberOf { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OnPremisesPublishingProfileId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "GET" + $Id = $PSBoundParameters["OnPremisesPublishingProfileId"] + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors/$Id/memberOf" + if($PSBoundParameters.ContainsKey("OnPremisesPublishingProfileId")) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors/$Id/memberOf" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + try { + $data = $response.Value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + catch { + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphConnectorGroup + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationTemplate.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationTemplate.ps1 new file mode 100644 index 0000000000..b06e4a3b0a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaApplicationTemplate.ps1 @@ -0,0 +1,74 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationTemplate { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["Id"]) + { + $params["ApplicationTemplateId"] = $PSBoundParameters["Id"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Get-MgBetaApplicationTemplate @params -Headers $customHeaders + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaDeletedApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaDeletedApplication.ps1 new file mode 100644 index 0000000000..c0e30842c1 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaDeletedApplication.ps1 @@ -0,0 +1,147 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDeletedApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryDeletedItemAsApplication @params -Headers $customHeaders + + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + + $propsToConvert = @( + 'addIns','AppRoles','GroupMembershipClaims','IdentifierUris','Info', + 'IsDeviceOnlyAuthSupported','KeyCredentials','OptionalClaims', + 'ParentalControlSettings','PasswordCredentials','Api','PublicClient', + 'PublisherDomain','Web','RequiredResourceAccess') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + + Add-Member -InputObject $_ -MemberType AliasProperty -Name AppLogoUrl -Value Logo + Add-Member -InputObject $_ -MemberType AliasProperty -Name InformationalUrls -Value Info + Add-Member -InputObject $_ -MemberType AliasProperty -Name HomePage -Value Web.HomePageUrl + Add-Member -InputObject $_ -MemberType AliasProperty -Name LogoutUrl -Value Web.LogoutUrl + Add-Member -InputObject $_ -MemberType AliasProperty -Name ReplyUrls -Value Web.RedirectUris + Add-Member -InputObject $_ -MemberType AliasProperty -Name KnownClientApplications -Value Api.KnownClientApplications + Add-Member -InputObject $_ -MemberType AliasProperty -Name PreAuthorizedApplications -Value Api.PreAuthorizedApplications + Add-Member -InputObject $_ -MemberType AliasProperty -Name Oauth2AllowImplicitFlow -Value Web.Oauth2AllowImplicitFlow + } + + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.ps1 new file mode 100644 index 0000000000..7c670e5c45 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPasswordSingleSignOnCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.PasswordSSOObjectId] $PasswordSSOObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["PasswordSSOObjectId"]) + { + $TmpValue = $PSBoundParameters["PasswordSSOObjectId"] + $Value = $TmpValue.Id + $params["Id"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalPasswordSingleSignOnCredential @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipal.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipal.ps1 new file mode 100644 index 0000000000..003e8449b8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipal.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "publisherName eq '$TmpValue' or (displayName eq '$TmpValue' or startswith(displayName,'$TmpValue'))" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 new file mode 100644 index 0000000000..10bd80ec17 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalAppRoleAssignedTo { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalAppRoleAssignedTo @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..04bc92669e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.ps1 new file mode 100644 index 0000000000..3e0decb47c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalCreatedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalCreatedObject @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..e53fdfb7b6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["DelegatedPermissionClassificationId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.ps1 new file mode 100644 index 0000000000..f9a490e3e8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.ps1 @@ -0,0 +1,25 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalKeyCredential { + function Get-EntraBetaServicePrincipalKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ServicePrincipalId + ) + + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $response = (Get-MgBetaServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).KeyCredentials + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + $response +} +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalMembership.ps1 new file mode 100644 index 0000000000..c062f80383 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalTransitiveMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..c0af38e2af --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalOauth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.ps1 new file mode 100644 index 0000000000..625fcb8aea --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalOwnedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalOwnedObject @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..de1adc6705 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalOwner.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ServicePrincipalId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + # Switch to include all service principal owners + [switch] $All, + + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["All"]) { + if ($PSBoundParameters["All"]) { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($PSBoundParameters.ContainsKey("Top")) { + $params["Top"] = $PSBoundParameters["Top"] + } + if ($null -ne $PSBoundParameters["Property"]) { + $params["Property"] = $PSBoundParameters["Property"] + } + # Add common parameters if they exist + $commonParams = @("WarningVariable", "InformationVariable", "InformationAction", "OutVariable", "OutBuffer", "ErrorVariable", "PipelineVariable", "ErrorAction", "WarningAction") + foreach ($param in $commonParams) { + if ($PSBoundParameters.ContainsKey($param)) { + $params[$param] = $PSBoundParameters[$param] + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaServicePrincipalOwner @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('appRoles', 'publishedPermissionScopes') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } catch {} + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..18ddd24926 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,16 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalPasswordCredential { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $response = (Get-MgBetaServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).PasswordCredentials + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + $response +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplication.ps1 new file mode 100644 index 0000000000..6415687b13 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplication.ps1 @@ -0,0 +1,295 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PublicClientApplication] $PublicClient, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InformationalUrl] $InformationalUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication]] $PreAuthorizedApplications, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ParentalControlSettings] $ParentalControlSettings, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OrgRestrictions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SignInAudience, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.WebApplication] $Web, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]] $AddIns, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]] $PasswordCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]] $AppRoles, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TokenEncryptionKeyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GroupMembershipClaims, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]] $RequiredResourceAccess, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ApiApplication] $Api, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.OptionalClaims] $OptionalClaims + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["PublicClient"]) + { + $TmpValue = $PSBoundParameters["PublicClient"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["PublicClient"] = $Value + } + if ($null -ne $PSBoundParameters["IsDeviceOnlyAuthSupported"]) + { + $params["IsDeviceOnlyAuthSupported"] = $PSBoundParameters["IsDeviceOnlyAuthSupported"] + } + if ($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["InformationalUrl"]) + { + $TmpValue = $PSBoundParameters["InformationalUrl"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Info"] = $Value + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["PreAuthorizedApplications"]) + { + $params["PreAuthorizedApplications"] = $PSBoundParameters["PreAuthorizedApplications"] + } + if($null -ne $PSBoundParameters["ParentalControlSettings"]) + { + $TmpValue = $PSBoundParameters["ParentalControlSettings"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["ParentalControlSettings"] = $Value + } + if ($null -ne $PSBoundParameters["OrgRestrictions"]) + { + $params["OrgRestrictions"] = $PSBoundParameters["OrgRestrictions"] + } + if ($null -ne $PSBoundParameters["SignInAudience"]) + { + $params["SignInAudience"] = $PSBoundParameters["SignInAudience"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["Web"]) + { + $TmpValue = $PSBoundParameters["Web"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Web"] = $Value + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["AddIns"]) + { + $params["AddIns"] = $PSBoundParameters["AddIns"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $Temp = $v | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { if($null -ne $_.Value){ $hash[$_.Name] = $_.Value }} + $a += $hash + } + + $Value = $a + $params["PasswordCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["AppRoles"]) + { + $TmpValue = $PSBoundParameters["AppRoles"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $Temp = $v | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { if($null -ne $_.Value){ $hash[$_.Name] = $_.Value }} + $a += $hash + } + + $Value = $a + $params["AppRoles"] = $Value + } + if ($null -ne $PSBoundParameters["TokenEncryptionKeyId"]) + { + $params["TokenEncryptionKeyId"] = $PSBoundParameters["TokenEncryptionKeyId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IsFallbackPublicClient"]) + { + $params["IsFallbackPublicClient"] = $PSBoundParameters["IsFallbackPublicClient"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDateTime + Key= $v.Key + StartDateTime= $v.StartDateTime + Type= $v.Type + Usage= $v.Usage + } + + $a += $hash + } + + $Value = $a + $params["KeyCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["GroupMembershipClaims"]) + { + $params["GroupMembershipClaims"] = $PSBoundParameters["GroupMembershipClaims"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["RequiredResourceAccess"]) + { + $TmpValue = $PSBoundParameters["RequiredResourceAccess"] + $Value = $TmpValue | ConvertTo-Json + $params["RequiredResourceAccess"] = $Value + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["Api"]) + { + $TmpValue = $PSBoundParameters["Api"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["Api"] = $Value + } + if($null -ne $PSBoundParameters["OptionalClaims"]) + { + $TmpValue = $PSBoundParameters["OptionalClaims"] + $Temp = $TmpValue | ConvertTo-Json + + $Value = $Temp + $params["OptionalClaims"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationExtensionProperty.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..35b2819bfe --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationExtensionProperty.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $TargetObjects, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DataType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["TargetObjects"]) + { + $params["TargetObjects"] = $PSBoundParameters["TargetObjects"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["Name"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["DataType"]) + { + $params["DataType"] = $PSBoundParameters["DataType"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.ps1 new file mode 100644 index 0000000000..3d9ca19308 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationFromApplicationTemplate { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.ApplicationTemplateDisplayName] $DisplayName, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["Id"]) { + $params["ApplicationTemplateId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $params["displayName"] = ($PSBoundParameters["displayName"]).displayname + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-MgBetaInstantiateApplicationTemplate @params -Headers $customHeaders + $Application = [PSCustomObject]@{ + "ObjectId" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["objectId"] + "ApplicationTemplateId" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["applicationTemplateId"] + "AppId" = ($response.Application).AppId + "DisplayName" = ($response.Application).DisplayName + "Homepage" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["homepage"] + "IdentifierUris" = ($response.Application).IdentifierUris + "PublicClient" = ($response.Application).PublicClient.RedirectUris + "ReplyUrls" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["replyUrls"] + "LogoutUrl" = ($response.Application | select-object -ExpandProperty web).LogoutUrl + "GroupMembershipClaims" = ($response.Application).GroupMembershipClaims + "AvailableToOtherTenants" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["availableToOtherTenants"] + } + $ServicePrincipal = [PSCustomObject]@{ + "Id" = ($response.ServicePrincipal).Id + "ObjectId" = ($response.ServicePrincipal | select-object -ExpandProperty AdditionalProperties)["objectId"] + "AccountEnabled" = ($response.ServicePrincipal).AccountEnabled + "AppDisplayName" = ($response.ServicePrincipal).AppDisplayName + "ApplicationTemplateId" = ($response.ServicePrincipal | select-object -ExpandProperty AdditionalProperties)["applicationTemplateId"] + "AppId" = ($response.ServicePrincipal).AppId + "AppRoleAssignmentRequired" = ($response.ServicePrincipal).AppRoleAssignmentRequired + "CustomSecurityAttributes" = ($response.ServicePrincipal).CustomSecurityAttributes + "DisplayName" = ($response.ServicePrincipal).DisplayName + "ErrorUrl" = ($response.ServicePrincipal).ErrorUrl + "LogoutUrl" = ($response.ServicePrincipal).LogoutUrl + "Homepage" = ($response.ServicePrincipal).Homepage + "SamlMetadataUrl" = ($response.ServicePrincipal).SamlMetadataUrl + "PublisherName" = ($response.ServicePrincipal).PublisherName + "PreferredTokenSigningKeyThumbprint" = ($response.ServicePrincipal).PreferredTokenSigningKeyThumbprint + "ReplyUrls" = ($response.ServicePrincipal).ReplyUrls + "Tags" = ($response.ServicePrincipal).Tags + "ServicePrincipalNames" = ($response.ServicePrincipal).ServicePrincipalNames + "KeyCredentials" = ($response.ServicePrincipal).KeyCredentials + "PasswordCredentials" = ($response.ServicePrincipal).PasswordCredentials + "IdentifierUris" = ($response.Application).IdentifierUris + "PublicClient" = ($response.Application).PublicClient.RedirectUris + "GroupMembershipClaims" = ($response.Application).GroupMembershipClaims + "AvailableToOtherTenants" = ($response.Application | select-object -ExpandProperty AdditionalProperties)["availableToOtherTenants"] + } + $re = [PSCustomObject]@{ + "application" = $Application + "serviceprincipal" = $ServicePrincipal + } + $re + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKey.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKey.ps1 new file mode 100644 index 0000000000..a1b7cbb1b6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKey.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationKey { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Proof, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.MSGraph.Model.KeyCredential] $KeyCredential, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Proof"]) + { + $params["Proof"] = $PSBoundParameters["Proof"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["KeyCredential"]) + { + $params["KeyCredential"] = $PSBoundParameters["KeyCredential"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["PasswordCredential"]) + { + $params["PasswordCredential"] = $PSBoundParameters["PasswordCredential"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgBetaApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKeyCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..d16b96bde6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationKeyCredential.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyType]] $Type, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyUsage]] $Usage + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["Value"]) + { + $params["Value"] = $PSBoundParameters["Value"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["CustomKeyIdentifier"]) + { + $params["CustomKeyIdentifier"] = $PSBoundParameters["CustomKeyIdentifier"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["StartDate"]) + { + $params["StartDate"] = $PSBoundParameters["StartDate"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["Type"]) + { + $params["Type"] = $PSBoundParameters["Type"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["EndDate"]) + { + $params["EndDate"] = $PSBoundParameters["EndDate"] + } + if ($null -ne $PSBoundParameters["Usage"]) + { + $params["Usage"] = $PSBoundParameters["Usage"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgBetaApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPassword.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPassword.ps1 new file mode 100644 index 0000000000..c02087bba2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPassword.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationPassword { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PasswordCredential"]) + { + $TmpValue = $PSBoundParameters["PasswordCredential"] + $hash = @{} + $TmpValue.PSObject.Properties | ForEach-Object { + if ($_.Value) { + $hash[$_.Name] = $_.Value + } + } + + $Value = $hash + $params["PasswordCredential"] = $Value + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgBetaApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..33592568a8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationPasswordCredential.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + $body=@{} + + if($null -ne $PSBoundParameters["StartDate"]) + { + $body["startDateTime"] = $PSBoundParameters["StartDate"] + } + if($null -ne $PSBoundParameters["EndDate"]) + { + $body["endDateTime"] = $PSBoundParameters["EndDate"] + } + if($null -ne $PSBoundParameters["CustomKeyIdentifier"]) + { + $body["displayName"] = $PSBoundParameters["CustomKeyIdentifier"] + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + $params["PasswordCredential"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Add-MgBetaApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + If($_.DisplayName){ + $Value = [System.Text.Encoding]::ASCII.GetBytes($_.DisplayName) + Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $Value -Force + } + Add-Member -InputObject $_ -MemberType AliasProperty -Name Value -Value SecretText + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyApplication.ps1 new file mode 100644 index 0000000000..aacdd9477e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyApplication.ps1 @@ -0,0 +1,176 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationProxyApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DisplayName, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExternalUrl, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $InternalUrl, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [String] $ExternalAuthenticationType, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsTranslateHostHeaderEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsHttpOnlyCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsSecureCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsPersistentCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsTranslateLinksInBodyEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationServerTimeout, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConnectorGroupId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $onPremisesPublishing = @{} + if($null -ne $PSBoundParameters["DisplayName"]) + { + $DisplayName = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["ExternalUrl"]) + { + $onPremisesPublishing["externalUrl"] = $PSBoundParameters["ExternalUrl"] + } + if($null -ne $PSBoundParameters["InternalUrl"]) + { + $onPremisesPublishing["internalUrl"] = $PSBoundParameters["InternalUrl"] + } + if($null -ne $PSBoundParameters["ExternalAuthenticationType"]) + { + $onPremisesPublishing["externalAuthenticationType"] = $PSBoundParameters["ExternalAuthenticationType"] + $onPremisesPublishing["externalAuthenticationType"] = $onPremisesPublishing.externalAuthenticationType.Substring(0, 1).ToLower() + $onPremisesPublishing.externalAuthenticationType.Substring(1) + } + if($null -ne $PSBoundParameters["IsTranslateHostHeaderEnabled"]) + { + $onPremisesPublishing["isTranslateHostHeaderEnabled"] = $PSBoundParameters["IsTranslateHostHeaderEnabled"] + } + if($null -ne $PSBoundParameters["IsHttpOnlyCookieEnabled"]) + { + $onPremisesPublishing["isHttpOnlyCookieEnabled"] = $PSBoundParameters["IsHttpOnlyCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsSecureCookieEnabled"]) + { + $onPremisesPublishing["isSecureCookieEnabled"] = $PSBoundParameters["IsSecureCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsPersistentCookieEnabled"]) + { + $onPremisesPublishing["isPersistentCookieEnabled"] = $PSBoundParameters["IsPersistentCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsTranslateLinksInBodyEnabled"]) + { + $onPremisesPublishing["isTranslateLinksInBodyEnabled"] = $PSBoundParameters["IsTranslateLinksInBodyEnabled"] + } + if($null -ne $PSBoundParameters["ApplicationServerTimeout"]) + { + $onPremisesPublishing["applicationServerTimeout"] = $PSBoundParameters["ApplicationServerTimeout"] + } + + #Create New App + $newAppBody = @{ + displayName = $DisplayName + } | ConvertTo-Json + try { + $NewApp = Invoke-GraphRequest -Uri 'https://graph.microsoft.com/v1.0/applications' -Method POST -Body $newAppBody + $Id = $NewApp.Id + } catch { + Write-Error $_ + return + } + + # Update InternalUrl and ExternalUrl + if($null -ne $NewApp){ + if ($ExternalUrl.EndsWith("/")) { + $exUrl = $ExternalUrl.TrimEnd("/") + } + else { + $exUrl = $ExternalUrl + } + $UpdateUrlBody = @{ + identifierUris = @($exUrl) + web = @{ + redirectUris = @($ExternalUrl) + homePageUrl = $InternalUrl + } + } + try { + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$Id" -Method PATCH -Body $updateUrlBody + } catch { + Write-Error $_ + return + } + } + + # Create ServicePrincipal + if($null -ne $NewApp){ + $serviceBody = @{ + appId = $NewApp.AppId + } | ConvertTo-Json + try { + $ServicePrincipal = Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/servicePrincipals" -Method POST -Body $serviceBody + } catch { + Write-Error $_ + return + } + } + + # update onpremises + if($null -ne $ServicePrincipal -and $null -ne $NewApp){ + $onPremisesPublishingBody = @{onPremisesPublishing = $onPremisesPublishing} + try { + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$Id" -Method PATCH -Body $onPremisesPublishingBody + } catch { + Write-Error $_ + return + } + } + + #update connector group + if($null -ne $PSBoundParameters["ConnectorGroupId"] -and $null -ne $NewApp){ + $ConnectorGroupId = $PSBoundParameters["ConnectorGroupId"] + $ConnectorGroupBody = @{ + "@odata.id" = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationproxy/connectorGroups/$ConnectorGroupId" + } + $ConnectorGroupBody = $ConnectorGroupBody | ConvertTo-Json + $ConnectorGroupUri = "https://graph.microsoft.com/beta/applications/$Id/connectorGroup/" + '$ref' + try { + Invoke-GraphRequest -Method PUT -Uri $ConnectorGroupUri -Body $ConnectorGroupBody -ContentType "application/json" + } catch { + Write-Error $_ + return + } + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$Id/onPremisesPublishing" -Headers $customHeaders -Method GET) | ConvertTo-Json -depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name ObjectId -Value $Id + } + } + + $response = $response | Select-Object ObjectId,ExternalAuthenticationType,ApplicationServerTimeout,ExternalUrl,InternalUrl,IsTranslateHostHeaderEnabled,IsTranslateLinksInBodyEnabled,IsOnPremPublishingEnabled,VerifiedCustomDomainCertificatesMetadata,VerifiedCustomDomainKeyCredential,VerifiedCustomDomainPasswordCredential,SingleSignOnSettings,IsHttpOnlyCookieEnabled,IsSecureCookieEnabled,IsPersistentCookieEnabled | ConvertTo-Json -depth 10 | ConvertFrom-Json + + $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphonPremisesPublishing + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + + } + + $respType + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.ps1 new file mode 100644 index 0000000000..3b3d20bad8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaApplicationProxyConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "POST" + $body = @{} + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups" + + if($null -ne $PSBoundParameters["Name"]) + { + $body = @{ + "name" = $PSBoundParameters["Name"] + } + $body = $body | ConvertTo-Json + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-MgGraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri -Body $body -ContentType "application/json" + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..b224ae323b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Applications | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.ps1 new file mode 100644 index 0000000000..a17ab2b9f2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPasswordSingleSignOnCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.PasswordSSOCredentials] $PasswordSSOCredential, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["PasswordSSOCredential"]) + { + $TmpValue = $PSBoundParameters["PasswordSSOCredential"] + $Value = $TmpValue | ConvertTo-Json + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaServicePrincipalPasswordSingleSignOnCredential @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipal.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipal.ps1 new file mode 100644 index 0000000000..56a49ad477 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipal.ps1 @@ -0,0 +1,229 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ServicePrincipalType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $LogoutUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Homepage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PublisherName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $AlternativeNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ReplyUrls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ErrorUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AppId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SamlMetadataUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ServicePrincipalType"]) + { + $params["ServicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] + } + if ($null -ne $PSBoundParameters["LogoutUrl"]) + { + $params["LogoutUrl"] = $PSBoundParameters["LogoutUrl"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["Homepage"]) + { + $params["Homepage"] = $PSBoundParameters["Homepage"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalNames"]) + { + $params["ServicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] + } + if ($null -ne $PSBoundParameters["PublisherName"]) + { + $params["PublisherName"] = $PSBoundParameters["PublisherName"] + } + if ($null -ne $PSBoundParameters["AlternativeNames"]) + { + $params["AlternativeNames"] = $PSBoundParameters["AlternativeNames"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) + { + $params["AppRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] + } + if ($null -ne $PSBoundParameters["ReplyUrls"]) + { + $params["ReplyUrls"] = $PSBoundParameters["ReplyUrls"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ErrorUrl"]) + { + $params["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $TmpValue = $PSBoundParameters["AccountEnabled"] + $Value = $null + + if (-not [bool]::TryParse($TmpValue, [ref]$Value)) { + throw 'Invalid input for AccountEnabled' + return + } + $params["AccountEnabled"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDate + SecretText= $v.Value + StartDateTime= $v.StartDate + } + + $a += $hash + } + $Value = $a + $params["PasswordCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AppId"]) + { + $params["AppId"] = $PSBoundParameters["AppId"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $input = $TmpValue + foreach($v in $input) + { + $hash = @{ + CustomKeyIdentifier= $v.CustomKeyIdentifier + EndDateTime = $v.EndDate + Key= $v.Value + StartDateTime= $v.StartDate + Type= $v.Type + Usage= $v.Usage + } + + $a += $hash + } + $Value = $a + $params["KeyCredentials"] = $Value + } + if ($null -ne $PSBoundParameters["SamlMetadataUrl"]) + { + $params["SamlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name AppOwnerTenantId -Value AppOwnerOrganizationId + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..8becd720be --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AppRoleId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..7b16611587 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaServicePrincipalPasswordCredential { + function New-EntraBetaServicePrincipalPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomKeyIdentifier, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $StartDate, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ServicePrincipalId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Value, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.DateTime]] $EndDate + ) + + PROCESS{ + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/beta/servicePrincipals' + $Method = "POST" + if($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + $params["StartDate"] = $PSBoundParameters["StartDate"] + $params["EndDate"] = $PSBoundParameters["EndDate"] + + $URI = "$baseUri/$($params.ServicePrincipalId)/addPassword" + $body = @{ + passwordCredential = @{ + startDateTime = $PSBoundParameters["StartDate"]; + endDateTime = $PSBoundParameters["EndDate"]; + } + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -Body $body) + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime + } + } + + $targetTypeList = @() + foreach($data in $response){ + $target = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPasswordCredential + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $target | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $target + } + $targetTypeList + } +} +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplication.ps1 new file mode 100644 index 0000000000..4d633191d3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplication.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationExtensionProperty.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationExtensionProperty.ps1 new file mode 100644 index 0000000000..dd91730a2b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationExtensionProperty.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationExtensionProperty { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionPropertyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ExtensionPropertyId"]) + { + $params["ExtensionPropertyId"] = $PSBoundParameters["ExtensionPropertyId"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationExtensionProperty @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKey.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKey.ps1 new file mode 100644 index 0000000000..8a3f807402 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKey.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationKey { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Proof, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $KeyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Proof"]) + { + $params["Proof"] = $PSBoundParameters["Proof"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKeyCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKeyCredential.ps1 new file mode 100644 index 0000000000..bba49acaa8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationKeyCredential.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationKeyCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationKey @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationOwner.ps1 new file mode 100644 index 0000000000..71299f078e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPassword.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPassword.ps1 new file mode 100644 index 0000000000..973677a901 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPassword.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationPassword { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $KeyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..2a8279ceb8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPasswordCredential.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["KeyId"]) + { + $params["KeyId"] = $PSBoundParameters["KeyId"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaApplicationPassword @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPolicy.ps1 new file mode 100644 index 0000000000..6ac9e1a018 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationPolicy.ps1 @@ -0,0 +1,34 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) { + $params["PolicyId"] = $PSBoundParameters["PolicyId"] + } + $Method = "DELETE" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = 'https://graph.microsoft.com/beta/applications/{0}/policies/{1}/$ref' -f $Id,$PolicyId + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplication.ps1 new file mode 100644 index 0000000000..e6f14799ba --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplication.ps1 @@ -0,0 +1,50 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationProxyApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $RemoveADApplication + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $ObjectId = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["RemoveADApplication"] -and $true -eq $PSBoundParameters["RemoveADApplication"] ) + { + $body = @{ + onPremisesPublishing = @{ + internalUrl = "PowerShellDeleteApplication" + externalUrl = "PowerShellDeleteApplication" + } + } | ConvertTo-Json + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId" -Method PATCH -Body $body + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId" -Method DELETE -Headers $customHeaders + } + if($null -eq $PSBoundParameters["RemoveADApplication"] -or ($null -ne $PSBoundParameters["RemoveADApplication"] -and $false -eq $PSBoundParameters["RemoveADApplication"])) + { + $body = @{ + onPremisesPublishing = @{ + internalUrl = "PowerShellDeleteApplication" + externalUrl = "PowerShellDeleteApplication" + } + } | ConvertTo-Json + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId" -Method PATCH -Headers $customHeaders -Body $body + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 new file mode 100644 index 0000000000..3a12cbf8cc --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationProxyApplicationConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $OnPremisesPublishingProfileId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "DELETE" + if($null -ne $PSBoundParameters["OnPremisesPublishingProfileId"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/applications/$OnPremisesPublishingProfileId/connectorGroup/"+'$ref' + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-MgGraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 new file mode 100644 index 0000000000..223beccb35 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 @@ -0,0 +1,28 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationProxyConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "DELETE" + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.ps1 new file mode 100644 index 0000000000..32a5711a40 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaApplicationVerifiedPublisher { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["AppObjectId"]) + { + $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Clear-MgBetaApplicationVerifiedPublisher @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedApplication.ps1 new file mode 100644 index 0000000000..bddbcf8c2c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedApplication.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDeletedApplication { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedDirectoryObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedDirectoryObject.ps1 new file mode 100644 index 0000000000..d8e3e632d2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaDeletedDirectoryObject.ps1 @@ -0,0 +1,21 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDeletedDirectoryObject { + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + $Method = "DELETE" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = "https://graph.microsoft.com/v1.0/directory/deletedItems/$Id" + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 new file mode 100644 index 0000000000..74c45050c5 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaPasswordSingleSignOnCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.PasswordSSOObjectId] $PasswordSSOObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["PasswordSSOObjectId"]) + { + $TmpValue = $PSBoundParameters["PasswordSSOObjectId"] + $Value = $TmpValue.Id + $params["Id"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipal.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipal.ps1 new file mode 100644 index 0000000000..cca61beefe --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipal.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipal { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaServicePrincipal @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 new file mode 100644 index 0000000000..a26d60f9af --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipalAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaServicePrincipalAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 new file mode 100644 index 0000000000..a5ae6f0d90 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 @@ -0,0 +1,21 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipalDelegatedPermissionClassification { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId + ) + + PROCESS{ + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + Remove-MgBetaServicePrincipalDelegatedPermissionClassification -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -DelegatedPermissionClassificationId $PSBoundParameters["Id"] + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalOwner.ps1 new file mode 100644 index 0000000000..e9ec34b258 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipalOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ServicePrincipalId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaServicePrincipalOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 new file mode 100644 index 0000000000..e3a9f25226 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 @@ -0,0 +1,35 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipalPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KeyId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ServicePrincipalId + ) + + PROCESS{ + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/beta/servicePrincipals' + $Method = "POST" + if($null -ne $PSBoundParameters["ServicePrincipalId"] -and $null -ne $PSBoundParameters["KeyId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] + $params["KeyId"] = $PSBoundParameters["KeyId"] + $URI = "$baseUri/$($params.ServicePrincipalId)/removePassword" + $body = @{ + "keyId" = $($params.KeyId) + } + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -Body $body) + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Restore-EntraBetaDeletedApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Restore-EntraBetaDeletedApplication.ps1 new file mode 100644 index 0000000000..d9ff988e5e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Restore-EntraBetaDeletedApplication.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Restore-EntraBetaDeletedApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["ObjectId"] + } + if($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Restore-MgBetaDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name Homepage -value $_.AdditionalProperties['web']['homePageUrl'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ReplyUrls -value $_.AdditionalProperties['web']['redirectUris'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ParentalControlSettings -value $_.AdditionalProperties['parentalControlSettings'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PasswordCredentials -value $_.AdditionalProperties['passwordCredentials'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name KeyCredentials -value $_.AdditionalProperties['keyCredentials'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AddIns -value $_.AdditionalProperties['addIns'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AppId -value $_.AdditionalProperties['appId'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name AppRoles -value $_.AdditionalProperties['appRoles'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name DisplayName -value $_.AdditionalProperties['displayName'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name IdentifierUris -value $_.AdditionalProperties['identifierUris'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name KnownClientApplications -value $_.AdditionalProperties['api']['knownClientApplications'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name Oauth2Permissions -value $_.AdditionalProperties['api']['oauth2PermissionScopes'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PreAuthorizedApplications -value $_.AdditionalProperties['api']['preAuthorizedApplications'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PublicClient -value $_.AdditionalProperties['publicClient'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name PublisherDomain -value $_.AdditionalProperties['publisherDomain'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name RequiredResourceAccess -value $_.AdditionalProperties['requiredResourceAccess'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name SignInAudience -value $_.AdditionalProperties['signInAudience'] + Add-Member -InputObject $_ -MemberType NoteProperty -Name ObjectType -value $_.AdditionalProperties['@odata.type'] + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 new file mode 100644 index 0000000000..64c4ffa64c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraBetaGroupIdsServicePrincipalIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgBetaServicePrincipalMemberOf @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.Id + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplication.ps1 new file mode 100644 index 0000000000..1434ad3ae2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplication.ps1 @@ -0,0 +1,278 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplication { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ApiApplication] $Api, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]] $AddIns, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.WebApplication] $Web, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $IdentifierUris, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ParentalControlSettings] $ParentalControlSettings, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication]] $PreAuthorizedApplications, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TokenEncryptionKeyId, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.OptionalClaims] $OptionalClaims, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GroupMembershipClaims, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.PublicClientApplication] $PublicClient, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]] $PasswordCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OrgRestrictions, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SignInAudience, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InformationalUrl] $InformationalUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]] $RequiredResourceAccess, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]] $AppRoles + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["Api"]) + { + $TmpValue = $PSBoundParameters["Api"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["Api"] = $Value + } + if($null -ne $PSBoundParameters["OptionalClaims"]) + { + $TmpValue = $PSBoundParameters["OptionalClaims"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["OptionalClaims"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["Tags"]) + { + $params["Tags"] = $PSBoundParameters["Tags"] + } + if($null -ne $PSBoundParameters["Web"]) + { + $TmpValue = $PSBoundParameters["Web"] + $Value = @{} + if($TmpValue.LogoutUrl) { $Value["LogoutUrl"] = $TmpValue.LogoutUrl } + if($TmpValue.RedirectUris) { $Value["RedirectUris"] = $TmpValue.RedirectUris } + if($TmpValue.ImplicitGrantSettings) { $Value["ImplicitGrantSettings"] = $TmpValue.ImplicitGrantSettings } + + $params["Web"] = $Value + } + if($null -ne $PSBoundParameters["IsFallbackPublicClient"]) + { + $params["IsFallbackPublicClient"] = $PSBoundParameters["IsFallbackPublicClient"] + } + if($null -ne $PSBoundParameters["RequiredResourceAccess"]) + { + $TmpValue = $PSBoundParameters["RequiredResourceAccess"] + $Value = $TmpValue | ConvertTo-Json + $params["RequiredResourceAccess"] = $Value + } + if($null -ne $PSBoundParameters["PublicClient"]) + { + $TmpValue = $PSBoundParameters["PublicClient"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["PublicClient"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["IsDeviceOnlyAuthSupported"]) + { + $params["IsDeviceOnlyAuthSupported"] = $PSBoundParameters["IsDeviceOnlyAuthSupported"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $TmpValue = $PSBoundParameters["KeyCredentials"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } + if($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } + if($TmpValue.Key) { $hash["Key"] = $v.Key } + if($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } + if($TmpValue.Type) { $hash["Type"] = $v.Type } + if($TmpValue.Usage) { $hash["Usage"] = $v.Usage } + if($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } + + $a += $hash + } + + $Value = $a + $params["KeyCredentials"] = $Value + } + if($null -ne $PSBoundParameters["TokenEncryptionKeyId"]) + { + $params["TokenEncryptionKeyId"] = $PSBoundParameters["TokenEncryptionKeyId"] + } + if($null -ne $PSBoundParameters["IdentifierUris"]) + { + $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] + } + if($null -ne $PSBoundParameters["ParentalControlSettings"]) + { + $TmpValue = $PSBoundParameters["ParentalControlSettings"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["ParentalControlSettings"] = $Value + } + if($null -ne $PSBoundParameters["GroupMembershipClaims"]) + { + $params["GroupMembershipClaims"] = $PSBoundParameters["GroupMembershipClaims"] + } + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["AppRoles"]) + { + $TmpValue = $PSBoundParameters["AppRoles"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.AllowedMemberTypes) { $hash["AllowedMemberTypes"] = $v.AllowedMemberTypes } + if($TmpValue.Description) { $hash["Description"] = $v.Description } + if($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } + if($TmpValue.Id) { $hash["Id"] = $v.Id } + if($TmpValue.IsEnabled) { $hash["IsEnabled"] = $v.IsEnabled } + if($TmpValue.Value) { $hash["Value"] = $v.Value } + + $a += $hash + } + + $Value = $a + $params["AppRoles"] = $Value + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $TmpValue = $PSBoundParameters["PasswordCredentials"] + $a = @() + $inpu = $TmpValue + foreach($v in $inpu) + { + $hash = @{} + if($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } + if($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } + if($TmpValue.Hint) { $hash["Hint"] = $v.Hint } + if($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } + if($TmpValue.SecretText) { $hash["SecretText"] = $v.SecretText } + if($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } + + $a += $hash + } + + $Value = $a + $params["PasswordCredentials"] = $Value + } + if($null -ne $PSBoundParameters["SignInAudience"]) + { + $params["SignInAudience"] = $PSBoundParameters["SignInAudience"] + } + if($null -ne $PSBoundParameters["InformationalUrl"]) + { + $TmpValue = $PSBoundParameters["InformationalUrl"] + $Temp = $TmpValue | ConvertTo-Json + $Value = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } + $params["Info"] = $Value + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaApplication @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationLogo.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationLogo.ps1 new file mode 100644 index 0000000000..c26144b8e9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationLogo.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationLogo { + [CmdletBinding(DefaultParameterSetName = 'File')] + param ( + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Stream")] + [Parameter(ParameterSetName = "File")] + [Parameter(ParameterSetName = "ByteArray")] + [System.String] $ApplicationId, + [Parameter(ParameterSetName = "ByteArray", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Byte[]] $ImageByteArray, + [Parameter(ParameterSetName = "Stream", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.IO.Stream] $FileStream + ) + PROCESS { + try{ + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = 'https://graph.microsoft.com/beta/applications' + $Method = "PUT" + + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] + $URI = "$baseUri/$($params.ApplicationId)/logo" + } + if($null -ne $PSBoundParameters["FilePath"]){ + $params["FilePath"] = $PSBoundParameters["FilePath"] + $isUrl = [System.Uri]::IsWellFormedUriString($($params.FilePath), [System.UriKind]::Absolute) + $isLocalFile = [System.IO.File]::Exists($($params.FilePath)) + + if($isUrl){ + $logoBytes = (Invoke-WebRequest $($params.FilePath)).Content + } + elseif($isLocalFile){ + $logoBytes = [System.IO.File]::ReadAllBytes($($params.FilePath)) + } + else{ + Write-Error -Message "FilePath is invalid" -ErrorAction Stop + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -ContentType "image/*" -Body $logoBytes + } + catch [System.Net.WebException]{ + Write-Error -Message "FilePath is invalid. Invalid or malformed url" -ErrorAction Stop + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplication.ps1 new file mode 100644 index 0000000000..34f7fec157 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplication.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationProxyApplication { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ApplicationId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExternalUrl, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $InternalUrl, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [String] $ExternalAuthenticationType, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsTranslateHostHeaderEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsHttpOnlyCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsSecureCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsPersistentCookieEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Boolean]] $IsTranslateLinksInBodyEnabled, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ApplicationServerTimeout, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConnectorGroupId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $onPremisesPublishing = @{} + if($null -ne $PSBoundParameters["ApplicationId"]) + { + $ApplicationId = $PSBoundParameters["ApplicationId"] + } + if($null -ne $PSBoundParameters["ExternalUrl"]) + { + $onPremisesPublishing["externalUrl"] = $PSBoundParameters["ExternalUrl"] + } + if($null -ne $PSBoundParameters["InternalUrl"]) + { + $onPremisesPublishing["internalUrl"] = $PSBoundParameters["InternalUrl"] + } + if($null -ne $PSBoundParameters["ExternalAuthenticationType"]) + { + $onPremisesPublishing["externalAuthenticationType"] = $PSBoundParameters["ExternalAuthenticationType"] + $onPremisesPublishing["externalAuthenticationType"] = $onPremisesPublishing.externalAuthenticationType.Substring(0, 1).ToLower() + $onPremisesPublishing.externalAuthenticationType.Substring(1) + } + if($null -ne $PSBoundParameters["IsTranslateHostHeaderEnabled"]) + { + $onPremisesPublishing["isTranslateHostHeaderEnabled"] = $PSBoundParameters["IsTranslateHostHeaderEnabled"] + } + if($null -ne $PSBoundParameters["IsHttpOnlyCookieEnabled"]) + { + $onPremisesPublishing["isHttpOnlyCookieEnabled"] = $PSBoundParameters["IsHttpOnlyCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsSecureCookieEnabled"]) + { + $onPremisesPublishing["isSecureCookieEnabled"] = $PSBoundParameters["IsSecureCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsPersistentCookieEnabled"]) + { + $onPremisesPublishing["isPersistentCookieEnabled"] = $PSBoundParameters["IsPersistentCookieEnabled"] + } + if($null -ne $PSBoundParameters["IsTranslateLinksInBodyEnabled"]) + { + $onPremisesPublishing["isTranslateLinksInBodyEnabled"] = $PSBoundParameters["IsTranslateLinksInBodyEnabled"] + } + if($null -ne $PSBoundParameters["ApplicationServerTimeout"]) + { + $onPremisesPublishing["applicationServerTimeout"] = $PSBoundParameters["ApplicationServerTimeout"] + } + + # Update InternalUrl and ExternalUrl + if ($ExternalUrl.EndsWith("/")) { + $exUrl = $ExternalUrl.TrimEnd("/") + } + else { + $exUrl = $ExternalUrl + } + $updateUrlBody = @{ + identifierUris = @($exUrl) + web = @{ + redirectUris = @($ExternalUrl) + homePageUrl = $InternalUrl + logoutUrl = $ExternalUrl+"?appproxy=logout" + } + } + try { + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId" -Method PATCH -Body $updateUrlBody + } catch { + Write-Error $_ + return + } + + # update onpremises + $onPremisesPublishingBody = @{onPremisesPublishing = $onPremisesPublishing} + try { + Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId" -Method PATCH -Body $onPremisesPublishingBody + } catch { + Write-Error $_ + return + } + + #update connector group + if($null -ne $PSBoundParameters["ConnectorGroupId"]){ + $ConnectorGroupId = $PSBoundParameters["ConnectorGroupId"] + $ConnectorGroupBody = @{ + "@odata.id" = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationproxy/connectorGroups/$ConnectorGroupId" + } + $ConnectorGroupBody = $ConnectorGroupBody | ConvertTo-Json + $ConnectorGroupUri = "https://graph.microsoft.com/beta/applications/$ObjectId/connectorGroup/" + '$ref' + try { + Invoke-GraphRequest -Method PUT -Uri $ConnectorGroupUri -Body $ConnectorGroupBody -ContentType "application/json" + } catch { + Write-Error $_ + return + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/applications/$ObjectId/onPremisesPublishing" -Method GET -Headers $customHeaders) | ConvertTo-Json -depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name ObjectId -Value $ObjectId + } + } + $response | Select-Object ObjectId,ExternalAuthenticationType,ApplicationServerTimeout,ExternalUrl,InternalUrl,IsTranslateHostHeaderEnabled,IsTranslateLinksInBodyEnabled,IsOnPremPublishingEnabled,VerifiedCustomDomainCertificatesMetadata,VerifiedCustomDomainKeyCredential,VerifiedCustomDomainPasswordCredential,SingleSignOnSettings,IsHttpOnlyCookieEnabled,IsSecureCookieEnabled,IsPersistentCookieEnabled + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 new file mode 100644 index 0000000000..6c2befde95 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationProxyApplicationConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $OnPremisesPublishingProfileId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConnectorGroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "PUT" + $body = @{} + if($null -ne $PSBoundParameters["OnPremisesPublishingProfileId"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/applications/$OnPremisesPublishingProfileId/connectorGroup/" + '$ref' + } + if($null -ne $PSBoundParameters["ConnectorGroupId"]) + { + $body = @{ + "@odata.id" = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationproxy/connectorGroups/$ConnectorGroupId" + } + $body = $body | ConvertTo-Json + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-MgGraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri -Body $body -ContentType "application/json" + } +}function Restore-EntraBetaDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $AutoReconcileProxyConflict + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = 'https://graph.microsoft.com/beta/directory/deletedItems/' + $params["Method"] = "POST" + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] += $Id+"/microsoft.graph.restore" + } + if($PSBoundParameters.ContainsKey("AutoReconcileProxyConflict")) + { + $params["Body"] = @{ + autoReconcileProxyConflict = $true + } + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 new file mode 100644 index 0000000000..7b82ab121c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationProxyApplicationSingleSignOn { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SingleSignOnMode, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $KerberosDelegatedLoginIdentity, + [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [String] $KerberosInternalApplicationServicePrincipalName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "PATCH" + $body = @{} + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/applications/$ObjectId" + } + if($null -ne $PSBoundParameters["SingleSignOnMode"]) + { + $SingleSignOnMode = $PSBoundParameters["SingleSignOnMode"] + $SingleSignOnMode = $SingleSignOnMode.Substring(0, 1).ToLower() + $SingleSignOnMode.Substring(1) + } + if($null -ne $PSBoundParameters["KerberosDelegatedLoginIdentity"]) + { + $KerberosDelegatedLoginIdentity = $PSBoundParameters["KerberosDelegatedLoginIdentity"] + $KerberosDelegatedLoginIdentity = $KerberosDelegatedLoginIdentity.Substring(0, 1).ToLower() + $KerberosDelegatedLoginIdentity.Substring(1) + } + if($null -ne $PSBoundParameters["KerberosInternalApplicationServicePrincipalName"]) + { + $KerberosInternalApplicationServicePrincipalName = $PSBoundParameters["KerberosInternalApplicationServicePrincipalName"] + $KerberosInternalApplicationServicePrincipalName = $KerberosInternalApplicationServicePrincipalName.Substring(0, 1).ToLower() + $KerberosInternalApplicationServicePrincipalName.Substring(1) + } + $body = @{ + onPremisesPublishing = @{ + singleSignOnSettings = @{ + singleSignOnMode = $SingleSignOnMode + } + } + } + + if (-not [string]::IsNullOrWhiteSpace($KerberosInternalApplicationServicePrincipalName) -or -not [string]::IsNullOrWhiteSpace($KerberosDelegatedLoginIdentity) -and ($SingleSignOnMode -ne 'none' -and $SingleSignOnMode -ne 'headerbased')) + { + if ($KerberosInternalApplicationServicePrincipalName -eq '') { + Write-Error "Set-EntraBetaApplicationProxyApplicationSingleSignOn : KerberosInternalApplicationServicePrincipalName is a required field for kerberos mode." + break + } + elseif ($KerberosDelegatedLoginIdentity -eq '') { + Write-Error "Set-EntraBetaApplicationProxyApplicationSingleSignOn : KerberosDelegatedLoginIdentity is a required field for kerberos mode." + break + } + $body.onPremisesPublishing.singleSignOnSettings.kerberosSignOnSettings = @{ + kerberosServicePrincipalName = $KerberosInternalApplicationServicePrincipalName + kerberosSignOnMappingAttributeType = $KerberosDelegatedLoginIdentity + } + } + + $body = $body | ConvertTo-Json -Depth 10 + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri -Body $body -ContentType "application/json" + } +}# --------------------------------------------------------------------------- + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnector.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnector.ps1 new file mode 100644 index 0000000000..c22d14120c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnector.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationProxyConnector { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OnPremisesPublishingProfileId, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConnectorGroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "POST" + $body = @{} + if($null -ne $PSBoundParameters["OnPremisesPublishingProfileId"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectors/$OnPremisesPublishingProfileId/memberOf/" + '$ref' + } + if($null -ne $PSBoundParameters["ConnectorGroupId"]) + { + $body = @{ + "@odata.id" = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$ConnectorGroupId" + } + $body = $body | ConvertTo-Json + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-MgGraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri -Body $body -ContentType "application/json" + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.ps1 new file mode 100644 index 0000000000..472bc6e4ff --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.ps1 @@ -0,0 +1,37 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationProxyConnectorGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Method"] = "PATCH" + $body = @{} + if($null -ne $PSBoundParameters["Id"]) + { + $params["Uri"] = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationProxy/connectorGroups/$Id" + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["Name"] = $PSBoundParameters["Name"] + } + + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri -Body $body + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.ps1 new file mode 100644 index 0000000000..455e33e7cc --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaApplicationVerifiedPublisher { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.SetVerifiedPublisherRequest] $SetVerifiedPublisherRequest, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["SetVerifiedPublisherRequest"]) + { + $params["SetVerifiedPublisherRequest"] = $PSBoundParameters["SetVerifiedPublisherRequest"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["AppObjectId"]) + { + $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgBetaApplicationVerifiedPublisher @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.ps1 new file mode 100644 index 0000000000..a511f7d737 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPasswordSingleSignOnCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.PasswordSSOCredentials] $PasswordSSOCredential, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["PasswordSSOCredential"]) + { + $TmpValue = $PSBoundParameters["PasswordSSOCredential"] + $Value = $TmpValue | ConvertTo-Json + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["ServicePrincipalId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaServicePrincipalPasswordSingleSignOnCredential @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaServicePrincipal.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaServicePrincipal.ps1 new file mode 100644 index 0000000000..73cc77c244 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Applications/Set-EntraBetaServicePrincipal.ps1 @@ -0,0 +1,169 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaServicePrincipal { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $AlternativeNames, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PublisherName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ReplyUrls, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $LogoutUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ErrorUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $SamlMetadataUrl, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AccountEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ServicePrincipalType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Tags, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $ServicePrincipalId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Homepage, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AppId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredSingleSignOnMode + ) + + PROCESS { + $params = @{} + $params["Uri"] = "https://graph.microsoft.com/beta/servicePrincipals" + $params["Method"] = "PATCH" + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $body["accountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["AlternativeNames"]) + { + $body["alternativeNames"] = $PSBoundParameters["AlternativeNames"] + } + if($null -ne $PSBoundParameters["PreferredSingleSignOnMode"]) + { + $body["preferredSingleSignOnMode"] = $PSBoundParameters["PreferredSingleSignOnMode"] + } + if($null -ne $PSBoundParameters["Tags"]) + { + $body["tags"] = $PSBoundParameters["Tags"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["displayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["AppId"]) + { + $body["appId"] = $PSBoundParameters["AppId"] + } + if($null -ne $PSBoundParameters["ErrorUrl"]) + { + $body["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] + } + if($null -ne $PSBoundParameters["KeyCredentials"]) + { + $a = @() + $inpu = $PSBoundParameters["KeyCredentials"] + foreach($value in $inpu) + { + $hash = @{ + customKeyIdentifier= $value.CustomKeyIdentifier + endDateTime = $value.EndDate + key= $value.Value + startDateTime= $value.StartDate + type= $value.Type + usage= $value.Usage + } + $a += $hash + } + $body["keyCredentials"] = $a + } + if($null -ne $PSBoundParameters["ReplyUrls"]) + { + $body["replyUrls"] = $PSBoundParameters["ReplyUrls"] + } + if($null -ne $PSBoundParameters["ServicePrincipalId"]) + { + $params["Uri"] += "/$ServicePrincipalId" + } + if($null -ne $PSBoundParameters["LogoutUrl"]) + { + $body["logoutUrl"] = $PSBoundParameters["LogoutUrl"] + } + if($null -ne $PSBoundParameters["SamlMetadataUrl"]) + { + $body["samlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] + } + if($null -ne $PSBoundParameters["Homepage"]) + { + $body["homePage"] = $PSBoundParameters["Homepage"] + } + if($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) + { + $body["appRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] + } + if($null -ne $PSBoundParameters["PasswordCredentials"]) + { + $a = @() + $inpu = $PSBoundParameters["PasswordCredentials"] + foreach($value in $inpu) + { + $hash = @{ + customKeyIdentifier= $value.CustomKeyIdentifier + endDateTime = $value.EndDate + secretText= $value.Value + startDateTime= $value.StartDate + } + $a += $hash + } + + $body["passwordCredentials"] = $a + } + if($null -ne $PSBoundParameters["ServicePrincipalType"]) + { + $body["servicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] + } + if($null -ne $PSBoundParameters["PublisherName"]) + { + $body["publisherName"] = $PSBoundParameters["PublisherName"] + } + if($null -ne $PSBoundParameters["ServicePrincipalNames"]) + { + $body["servicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] + } + if($null -ne $PSBoundParameters["PreferredTokenSigningKeyThumbprint"]) + { + $body["preferredTokenSigningKeyThumbprint"] = $PSBoundParameters["PreferredTokenSigningKeyThumbprint"] + } + if($null -ne $PSBoundParameters["CustomSecurityAttributes"]) + { + $body["customSecurityAttributes"] = $PSBoundParameters["CustomSecurityAttributes"] + } + $params["Body"] = $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Connect-Entra.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Connect-Entra.ps1 new file mode 100644 index 0000000000..b1ba0a25d9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Connect-Entra.ps1 @@ -0,0 +1,173 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Connect-Entra { + [CmdletBinding(DefaultParameterSetName = 'UserParameterSet')] + param ( + [Parameter(ParameterSetName = "UserParameterSet",Position = 1)] + [System.String[]] $Scopes, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 1)] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Alias("AppId", "ApplicationId")][System.String] $ClientId, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet",Position = 4)] + [Alias("Audience", "Tenant")][System.String] $TenantId, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + $ContextScope, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "AccessTokenParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [ValidateNotNullOrEmpty()] + [Alias("EnvironmentName", "NationalCloud")][System.String] $Environment, + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [Switch] $EnvironmentVariable, + [Parameter(ParameterSetName = "UserParameterSet")] + [Alias("UseDeviceAuthentication", "DeviceCode", "DeviceAuth", "Device")][System.Management.Automation.SwitchParameter] $UseDeviceCode, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Parameter(ParameterSetName = "AccessTokenParameterSet")] + [Parameter(ParameterSetName = "UserParameterSet")] + [Parameter(ParameterSetName = "IdentityParameterSet")] + [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] + [ValidateNotNullOrEmpty()] + [Double] $ClientTimeout, + [Parameter()] + [Switch] $NoWelcome, + [Parameter(ParameterSetName = "IdentityParameterSet",Position = 1)] + [Alias("ManagedIdentity", "ManagedServiceIdentity", "MSI")][System.Management.Automation.SwitchParameter] $Identity, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 2)] + [Alias("CertificateSubject", "CertificateName")][System.String] $CertificateSubjectName, + [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 3)] + [System.String] $CertificateThumbprint, + [Parameter(ParameterSetName = "AppCertificateParameterSet")] + [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate, + [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] + [Alias("SecretCredential", "Credential")][System.Management.Automation.PSCredential] $ClientSecretCredential, + [Parameter(ParameterSetName = "AccessTokenParameterSet",Position = 1)] + [System.Security.SecureString] $AccessToken + ) + + PROCESS { + $params = @{} + + if ($null -ne $PSBoundParameters["Scopes"]) { + $params["Scopes"] = $PSBoundParameters["Scopes"] + } + + if ($null -ne $PSBoundParameters["ClientId"]) { + $params["ClientId"] = $PSBoundParameters["ClientId"] + } + + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["TenantId"] = $PSBoundParameters["TenantId"] + } + + if ($null -ne $PSBoundParameters["ContextScope"]) { + $params["ContextScope"] = $PSBoundParameters["ContextScope"] + } + + if ($null -ne $PSBoundParameters["Environment"]) { + $params["Environment"] = $PSBoundParameters["Environment"] + } + + if ($PSBoundParameters.ContainsKey("EnvironmentVariable")) { + $params["EnvironmentVariable"] = $PSBoundParameters["EnvironmentVariable"] + } + + if ($null -ne $PSBoundParameters["UseDeviceCode"]) { + $params["UseDeviceCode"] = $PSBoundParameters["UseDeviceCode"] + } + + if ($null -ne $PSBoundParameters["ClientTimeout"]) { + $params["ClientTimeout"] = $PSBoundParameters["ClientTimeout"] + } + + if ($PSBoundParameters.ContainsKey("NoWelcome")) { + $params["NoWelcome"] = $PSBoundParameters["NoWelcome"] + } + + if ($PSBoundParameters.ContainsKey("Identity")) { + $params["Identity"] = $PSBoundParameters["Identity"] + } + + if ($null -ne $PSBoundParameters["CertificateSubjectName"]) { + $params["CertificateSubjectName"] = $PSBoundParameters["CertificateSubjectName"] + } + + if ($null -ne $PSBoundParameters["CertificateThumbprint"]) { + $params["CertificateThumbprint"] = $PSBoundParameters["CertificateThumbprint"] + } + + if ($null -ne $PSBoundParameters["Certificate"]) { + $params["Certificate"] = $PSBoundParameters["Certificate"] + } + + if ($null -ne $PSBoundParameters["ClientSecretCredential"]) { + $params["ClientSecretCredential"] = $PSBoundParameters["ClientSecretCredential"] + } + + if ($null -ne $PSBoundParameters["AccessToken"]) { + $params["AccessToken"] = $PSBoundParameters["AccessToken"] + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + Connect-MgGraph @params + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Disconnect-Entra.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Disconnect-Entra.ps1 new file mode 100644 index 0000000000..9a8a691a44 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Disconnect-Entra.ps1 @@ -0,0 +1,10 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Disconnect-Entra { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param () + Disconnect-MgGraph +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Get-EntraContext.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Get-EntraContext.ps1 new file mode 100644 index 0000000000..22c810597d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Get-EntraContext.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraContext { + [CmdletBinding(DefaultParameterSetName = '')] + param () + + PROCESS { + $params = @{} + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Confirm"]) + { + $params["Confirm"] = $PSBoundParameters["Confirm"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["WhatIf"]) + { + $params["WhatIf"] = $PSBoundParameters["WhatIf"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgContext @params + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..fe1c62162f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Authentication | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 new file mode 100644 index 0000000000..9a2d069329 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Reset-EntraBetaStrongAuthenticationMethodByUpn { + [CmdletBinding(DefaultParameterSetName = 'SetAccidentalDeletionThreshold')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $userId = $PSBoundParameters.UserPrincipalName + } + function DeleteAuthMethod($uid, $method){ + switch ($method.AdditionalProperties['@odata.type']) { + '#microsoft.graph.emailAuthenticationMethod' { + Remove-MgBetaUserAuthenticationEmailMethod -UserId $uid -EmailAuthenticationMethodId $method.Id + } + '#microsoft.graph.phoneAuthenticationMethod' { + Remove-MgBetaUserAuthenticationPhoneMethod -UserId $uid -PhoneAuthenticationMethodId $method.Id + } + Default { + + } + } + return $? # Return true if no error and false if there is an error + } + + $methods = Get-MgBetaUserAuthenticationMethod -UserId $userId -Headers $customHeaders + # -1 to account for passwordAuthenticationMethod + + foreach ($authMethod in $methods) { + $deleted = DeleteAuthMethod -uid $userId -method $authMethod + if(!$deleted){ + # We need to use the error to identify and delete the default method. + $defaultMethod = $authMethod + } + } + + # Graph API does not support reading default method of a user. + # Plus default method can only be deleted when it is the only (last) auth method for a user. + # We need to use the error to identify and delete the default method. + try { + if($null -ne $defaultMethod){ + $result = DeleteAuthMethod -uid $userId -method $defaultMethod + } + } + catch {} + + if($null -ne $methods){ + $methods = Get-MgBetaUserAuthenticationMethod -UserId $userId + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 new file mode 100644 index 0000000000..8e1d0ed755 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 @@ -0,0 +1,28 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Revoke-EntraBetaSignedInUserAllRefreshToken { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri 'https://graph.microsoft.com/beta/me/revokeSignInSessions' -Method POST).value + if($response){ + $responseType = New-Object Microsoft.Graph.Beta.PowerShell.Models.ComponentsMwc6EoResponsesRevokesigninsessionsresponseContentApplicationJsonSchema + $responseType.Value= $response + $responseType + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.ps1 new file mode 100644 index 0000000000..b95a90a0d5 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Revoke-EntraBetaUserAllRefreshToken { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Revoke-MgBetaUserSignInSession @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..bcee774d4a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = New-MgBetaAdministrativeUnitMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..13c113f43f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsActive, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["IsActive"]) + { + $params["IsActive"] = $PSBoundParameters["IsActive"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["CustomSecurityAttributeDefinitionId"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["CustomSecurityAttributeDefinitionId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..32898fca8d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDeviceRegisteredOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..86f779c9e5 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue"} + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDeviceRegisteredUserByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..66b923f44a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue" + $params["OdataId"] = $Value + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryRoleMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.ps1 new file mode 100644 index 0000000000..0a0ee20222 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $RoleObjectId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AdministrativeUnitObjectId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.MsRoleMemberInfo] $RoleMemberInfo, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["RoleObjectId"]) + { + $params["RoleId"] = $PSBoundParameters["RoleObjectId"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RoleMemberInfo"]) + { + $TmpValue = $PSBoundParameters["RoleMemberInfo"] + $Value = @{ + id = ($TmpValue).Id + } | ConvertTo-Json + $params["RoleMemberInfo"] = $Value + } + if($null -ne $PSBoundParameters["AdministrativeUnitObjectId"]) + { + $params["AdministrativeUnitId1"] = $PSBoundParameters["AdministrativeUnitObjectId"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryAdministrativeUnitScopedRoleMember @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name AdministrativeUnitObjectId -Value AdministrativeUnitId + Add-Member -InputObject $_ -MemberType AliasProperty -Name RoleObjectId -Value RoleId + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('RoleMemberInfo') + try{ + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + }catch{} + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Confirm-EntraBetaDomain.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Confirm-EntraBetaDomain.ps1 new file mode 100644 index 0000000000..bfff21d933 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Confirm-EntraBetaDomain.ps1 @@ -0,0 +1,33 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Confirm-EntraBetaDomain { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][System.String] $DomainName, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][System.Boolean] $ForceTakeover + ) + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/beta/domains/$DomainName/verify" + $params["Method"] = "POST" + + if($null -ne $PSBoundParameters["ForceTakeover"]) + { + $body["ForceTakeover"] = $PSBoundParameters["ForceTakeover"] + } + + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.ps1 new file mode 100644 index 0000000000..62285d48ae --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraBetaDirectoryRole { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $RoleTemplateId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["RoleTemplateId"]) + { + $params["RoleTemplateId"] = $PSBoundParameters["RoleTemplateId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryRole @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAccountSku.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAccountSku.ps1 new file mode 100644 index 0000000000..3a04d7b07d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAccountSku.ps1 @@ -0,0 +1,74 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAccountSku { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgBetaSubscribedSku @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType NoteProperty -Name ActiveUnits -Value $_.PrepaidUnits.Enabled + Add-Member -InputObject $_ -MemberType NoteProperty -Name LockedOutUnits -Value $_.PrepaidUnits.LockedOut + Add-Member -InputObject $_ -MemberType NoteProperty -Name SuspendedUnits -Value $_.PrepaidUnits.Suspended + Add-Member -InputObject $_ -MemberType NoteProperty -Name WarningUnits -Value $_.PrepaidUnits.Warning + Add-Member -InputObject $_ -MemberType NoteProperty -Name AccountObjectId -Value $_.AccountId + Add-Member -InputObject $_ -MemberType NoteProperty -Name TargetClass -Value $_.AppliesTo + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.ps1 new file mode 100644 index 0000000000..d2dcd2b36a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{ObjectId = "Id"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaAdministrativeUnit @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..decbfe0904 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaAdministrativeUnitMember @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAttributeSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAttributeSet.ps1 new file mode 100644 index 0000000000..827934a422 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaAttributeSet.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AttributeSetId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AttributeSetId"]) + { + $params["AttributeSetId"] = $PSBoundParameters["AttributeSetId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryAttributeSet @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContact.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContact.ps1 new file mode 100644 index 0000000000..5a367b640f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContact.ps1 @@ -0,0 +1,121 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaContact { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{OrgContactId = "Id"} + if($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaContact @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value Phones + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value ServiceProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value Phones + $propsToConvert = @('Addresses','Manager','Phones') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactDirectReport.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactDirectReport.ps1 new file mode 100644 index 0000000000..e32b59e90c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactDirectReport.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaContactDirectReport { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaContactDirectReport @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactManager.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactManager.ps1 new file mode 100644 index 0000000000..43715d22f2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactManager.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaContactManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaContactManager @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactMembership.ps1 new file mode 100644 index 0000000000..6aaa4285d0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContactMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaContactMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaContactMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContract.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContract.ps1 new file mode 100644 index 0000000000..2a1b23d480 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaContract.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaContract { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ContractId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ContractId"]) + { + $params["ContractId"] = $PSBoundParameters["ContractId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaContract @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..8af74cb24c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryCustomSecurityAttributeDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..07ce4bf537 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AllowedValueId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["CustomSecurityAttributeDefinitionId"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["CustomSecurityAttributeDefinitionId"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.ps1 new file mode 100644 index 0000000000..0e1d1b4b52 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDeletedDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryObjectId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DirectoryObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["DirectoryObjectId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryDeletedItem @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDevice.ps1 new file mode 100644 index 0000000000..7f020359ea --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDevice.ps1 @@ -0,0 +1,138 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceOSVersion -Value OperatingSystemVersion + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ComplianceExpiryTime -Value ComplianceExpirationDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceOSType -Value OperatingSystem + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceTrustType -Value TrustType + Add-Member -InputObject $_ -MemberType AliasProperty -Name ApproximateLastLogonTimestamp -Value ApproximateLastSignInDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeviceObjectVersion -Value DeviceVersion + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DevicePhysicalIds -Value PhysicalIds + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..a19b699331 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDeviceRegisteredOwner @params -Headers $customHeaders + $properties = @{ + ObjectId = "Id" + DeletionTimestamp = "deletedDateTime" + DirSyncEnabled = "onPremisesSyncEnabled" + ImmutableId = "onPremisesImmutableId" + LastDirSyncTime = "OnPremisesLastSyncDateTime" + Mobile = "mobilePhone" + ProvisioningErrors = "onPremisesProvisioningErrors" + TelephoneNumber = "businessPhones" + } + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + foreach ($prop in $properties.GetEnumerator()) { + $propertyName = $prop.Name + $propertyValue = $prop.Value + if ($_.PSObject.Properties.Match($propertyName)) { + $_ | Add-Member -MemberType AliasProperty -Name $propertyName -Value $propertyValue + } + } + $propsToConvert = @('AssignedPlans','assignedLicenses','deviceKeys','identities','provisionedPlans') + foreach ($prop in $propsToConvert) { + try { + if($_.PSObject.Properties.Match($prop)) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..44cf83c04e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.ps1 @@ -0,0 +1,127 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDeviceRegisteredUser @params -Headers $customHeaders + $properties = @{ + ObjectId = "Id" + DeletionTimestamp = "deletedDateTime" + DirSyncEnabled = "onPremisesSyncEnabled" + ImmutableId = "onPremisesImmutableId" + LastDirSyncTime = "OnPremisesLastSyncDateTime" + Mobile = "mobilePhone" + ProvisioningErrors = "onPremisesProvisioningErrors" + TelephoneNumber = "businessPhones" + } + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + foreach ($prop in $properties.GetEnumerator()) { + $propertyName = $prop.Name + $propertyValue = $prop.Value + if ($_.PSObject.Properties.Match($propertyName)) { + $_ | Add-Member -MemberType AliasProperty -Name $propertyName -Value $propertyValue + } + } + $propsToConvert = @('AssignedPlans','assignedLicenses','deviceKeys','identities','provisionedPlans') + foreach ($prop in $propsToConvert) { + try { + if($_.PSObject.Properties.Match($prop)) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.ps1 new file mode 100644 index 0000000000..b5941a4a3e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirSyncConfiguration { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw "TenantId must be of type [System.Guid]." } })][System.guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["OnPremisesDirectorySynchronizationId"] = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = ((Get-MgBetaDirectoryOnPremiseSynchronization @params -Headers $customHeaders).configuration | Select-Object -Property AccidentalDeletionPrevention).AccidentalDeletionPrevention + # Create a custom table + $customTable = [PSCustomObject]@{ + "AccidentalDeletionThreshold" = $response.AlertThreshold + "DeletionPreventionType" = $response.SynchronizationPreventionType + } + $customTable + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncfeature.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncfeature.ps1 new file mode 100644 index 0000000000..c56d6afba6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirSyncfeature.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirSyncfeature { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String]$Feature + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Feature"]) { + $Feature = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["OnPremisesDirectorySynchronizationId"] = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $jsonData = Get-MgBetaDirectoryOnPremiseSynchronization @params -Headers $customHeaders | ConvertTo-Json + $object = ConvertFrom-Json $jsonData + $table =@() + foreach ($featureName in $object.Features.PSObject.Properties.Name) { + $row = New-Object PSObject -Property @{ + 'DirSyncFeature' = $featureName -replace "Enabled", "" + 'Enabled' = $object.Features.$featureName + } + $table += $row + } + if([string]::IsNullOrWhiteSpace($Feature)) { + $table | Format-Table -AutoSize + } + else { + $output = $table | Where-Object {$_.dirsyncFeature -eq $Feature} + if($null -eq $output) { + Write-Error "Get-EntraBetaDirSyncfeature : Invalid value for parameter. Parameter Name: Feature." + } + else { + $output + } + } + } + }# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 new file mode 100644 index 0000000000..4916b9566a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 @@ -0,0 +1,47 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryObjectOnPremisesProvisioningError { + [CmdletBinding(DefaultParameterSetName = 'GetById')] + [OutputType([System.Object])] + param ( + [Parameter(ParameterSetName = 'GetById')] + [ValidateNotNullOrEmpty()] + [ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw 'TenantId must be of type [System.Guid].' } })] + [System.Guid] $TenantId + ) + + begin { } + + process { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters['TenantId']) { + $params['TenantId'] = $PSBoundParameters['TenantId'] + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $Object = @('users', 'groups', 'contacts') + $response = @() + + try { + foreach ($obj in $object) { + $obj = ($obj | Out-String).TrimEnd() + $uri = 'https://graph.microsoft.com/beta/' + $obj + '?$select=onPremisesProvisioningErrors' + $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors + } + } catch { + Write-Error $_.Exception.Message + } + } + + end { + if ([string]::IsNullOrWhiteSpace($response)) { + Write-Host 'False' + } else { + $response + } + } +} diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRole.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRole.ps1 new file mode 100644 index 0000000000..0c10302483 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRole.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryRole { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryRole @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..055f8f9271 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + try { + $response = Get-MgBetaDirectoryRoleMember @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value ServiceProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value businessPhones + $propsToConvert = @('assignedLicenses','assignedPlans','identities','provisionedPlans') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } + catch {} + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.ps1 new file mode 100644 index 0000000000..a7c9dfaec6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryRoleTemplate { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryRoleTemplate @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySetting.ps1 new file mode 100644 index 0000000000..91f951d781 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySetting.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectorySetting { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["DirectorySettingId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectorySetting @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.ps1 new file mode 100644 index 0000000000..aafed0174c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.ps1 @@ -0,0 +1,95 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectorySettingTemplate { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["DirectorySettingTemplateId"] = $PSBoundParameters["Id"] + } if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $apiResponse = Get-MgBetaDirectorySettingTemplate @params -Headers $customHeaders + $response = @() + $apiResponse | ForEach-Object { + if($null -ne $_) { + $item = New-Object -TypeName Microsoft.Open.MSGraph.Model.DirectorySettingTemplate + $item.Id = $_.Id + $item.DisplayName = $_.DisplayName + $item.Description = $_.Description + $item.Values = @() + $_.Values | ForEach-Object { + $value = New-Object -TypeName Microsoft.Open.MSGraph.Model.SettingTemplateValue + $value.Name = $_.Name + $value.DefaultValue = $_.DefaultValue + $item.Values.Add($value) + } + $response += $item + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomain.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomain.ps1 new file mode 100644 index 0000000000..97358e1917 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomain.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDomain { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value Id + $propsToConvert = @('State') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + + $response + } + +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.ps1 new file mode 100644 index 0000000000..f32c6492d6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDomainFederationSettings { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param( + [Parameter(Mandatory=$true,Position=0,ValueFromPipelineByPropertyName=$true)][string]$DomainName, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw "TenantId must be of type [System.Guid]." } })][System.guid] $TenantId + ) + process { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $Null + } + if ($PSBoundParameters.ContainsKey("TenantId")) { + $params["TenantId"] = $TenantId + } + if ($PSBoundParameters.ContainsKey("DomainName")) { + $params["DomainId"] = $DomainName + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgBetaDomainFederationConfiguration -Headers $customHeaders -DomainId $params["DomainId"] | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $customTable = [PSCustomObject]@{ + "ActiveLogOnUri" = $response.ActiveSignInUri + #"DefaultInteractiveAuthenticationMethod" = $response. + "FederationBrandName" = $response.DisplayName + "IssuerUri" = $response.IssuerUri + "LogOffUri" = $response.SignOutUri + "MetadataExchangeUri" = $response.MetadataExchangeUri + "NextSigningCertificate" = $response.NextSigningCertificate + #"OpenIdConnectDiscoveryEndpoint" = $response. + "PassiveLogOnUri" = $response.PassiveSignInUri + #"PasswordChangeUri" = $response. + #"PasswordResetUri" = $response. + "PreferredAuthenticationProtocol" = $response.PreferredAuthenticationProtocol + "PromptLoginBehavior" = $response.PromptLoginBehavior + "SigningCertificate" = $response.SigningCertificate + "SigningCertificateUpdateStatus" = $response.SigningCertificateUpdateStatus + #"SupportsMfa" = $response. + } + if($null -ne $response) + { + $customTable + } + } + } + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainNameReference.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainNameReference.ps1 new file mode 100644 index 0000000000..a39d9e2a8e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainNameReference.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDomainNameReference { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDomainNameReference @params -Headers $customHeaders + $properties = @{ + ObjectId = "Id" + DeletionTimestamp = "deletedDateTime" + DirSyncEnabled = "onPremisesSyncEnabled" + ImmutableId = "onPremisesImmutableId" + Mobile = "mobilePhone" + ProvisioningErrors = "onPremisesProvisioningErrors" + TelephoneNumber = "businessPhones" + UserState = "externalUserState" + UserStateChangedOn = "externalUserStateChangeDate" + } + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + foreach ($prop in $properties.GetEnumerator()) { + $propertyName = $prop.Name + $propertyValue = $prop.Value + if ($_.PSObject.Properties.Match($propertyName)) { + $_ | Add-Member -MemberType AliasProperty -Name $propertyName -Value $propertyValue + } + } + $propsToConvert = @('provisionedPlans','assignedPlans','assignedLicenses','appRoles','keyCredentials','identities') + foreach ($prop in $propsToConvert) { + try { + if($_.PSObject.Properties.Match($prop)) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.ps1 new file mode 100644 index 0000000000..404e0afdb1 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDomainServiceConfigurationRecord { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDomainServiceConfigurationRecord @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name DnsRecordId -Value Id + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.ps1 new file mode 100644 index 0000000000..28facd3d63 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDomainVerificationDnsRecord { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDomainVerificationDnsRecord @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name DnsRecordId -Value Id + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaFederationProperty.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaFederationProperty.ps1 new file mode 100644 index 0000000000..d0d8ec3313 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaFederationProperty.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaFederationProperty { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][System.String] $DomainName, + [Parameter(ParameterSetName = "GetQuery", Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $false)][Switch] $SupportMultipleDomain + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DomainName"]) { + $params["DomainId"] = $PSBoundParameters["DomainName"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgBetaDomainFederationConfiguration @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ActiveClientSignInUrl -Value ActiveSignInUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationServiceDisplayName -Value DisplayName + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationServiceIdentifier -Value IssuerUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name FederationMetadataUrl -Value MetadataExchangeUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name PassiveClientSignInUrl -Value PassiveSignInUri + Add-Member -InputObject $_ -MemberType AliasProperty -Name PassiveClientSignOutUrl -Value SignOutUri + } + } + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaObjectByObjectId.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaObjectByObjectId.ps1 new file mode 100644 index 0000000000..790b4f440b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaObjectByObjectId.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaObjectByObjectId { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[System.String]] $ObjectIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Types, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Types"]) + { + $params["Types"] = $PSBoundParameters["Types"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ObjectIds"]) + { + $params["Ids"] = $PSBoundParameters["ObjectIds"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryObjectById @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + $dictionary = $_.AdditionalProperties + + foreach ($key in $dictionary.Keys) { + $value = ($dictionary[$key] | Convertto-json -Depth 10) | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $key -Value ($value) -Force + } + } + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPartnerInformation.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPartnerInformation.ps1 new file mode 100644 index 0000000000..cb1375bd46 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPartnerInformation.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPartnerInformation { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["TenantID"] = $PSBoundParameters["TenantId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $TenantID = ((invoke-mggraphrequest -Method GET -Uri "https://graph.microsoft.com/beta/organization").value).id + } + $response = invoke-mggraphrequest -Headers $customHeaders -Method GET -Uri "https://graph.microsoft.com/beta/organization/$TenantID/partnerInformation" + # Create a custom table + $customTable = [PSCustomObject]@{ + "PartnerCompanyName" = $response.companyName + "companyType" = $response.companyType + "PartnerSupportTelephones" = $response.supportTelephones + "PartnerSupportEmails" = $response.supportEmails + "PartnerHelpUrl" = $response.helpUrl + "PartnerCommerceUrl" = $response.commerceUrl + "PartnerSupportUrl" = $response.supportUrl + "ObjectID" = $response.partnerTenantId + } + $customTable + } + }# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.ps1 new file mode 100644 index 0000000000..6ca7a23bf3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPasswordPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $DomainName + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["DomainName"]) { + $params["DomainId"] = $PSBoundParameters["DomainName"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgBetaDomain @params -Headers $customHeaders + # Create a custom table + $customTable = [PSCustomObject]@{ + "NotificationDays" = $response.PasswordNotificationWindowInDays + "ValidityPeriod" = $response.PasswordValidityPeriodInDays + } + $customTable + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.ps1 new file mode 100644 index 0000000000..8ecff0253f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ScopedRoleMembershipId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["ScopedRoleMembershipId"]) + { + $params["ScopedRoleMembershipId"] = $PSBoundParameters["ScopedRoleMembershipId"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + + $propsToConvert = @('RoleMemberInfo') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaSubscribedSku.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaSubscribedSku.ps1 new file mode 100644 index 0000000000..10bc6870c3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaSubscribedSku.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaSubscribedSku { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SubscribedSkuId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["SubscribedSkuId"]) + { + $params["SubscribedSkuId"] = $PSBoundParameters["SubscribedSkuId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaSubscribedSku @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('PrepaidUnits') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaTenantDetail.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaTenantDetail.ps1 new file mode 100644 index 0000000000..1db1bc9858 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Get-EntraBetaTenantDetail.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaTenantDetail { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaOrganization @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name CompanyLastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + $propsToConvert = @('AssignedPlans','ProvisionedPlans','VerifiedDomains','PrivacyProfile') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.ps1 new file mode 100644 index 0000000000..300d6ee828 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRule, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsMemberManagementRestricted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRuleProcessingState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRule"]) + { + $params["MembershipRule"] = $PSBoundParameters["MembershipRule"] + } + if ($null -ne $PSBoundParameters["IsMemberManagementRestricted"]) + { + $params["IsMemberManagementRestricted"] = $PSBoundParameters["IsMemberManagementRestricted"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["MembershipRuleProcessingState"]) + { + $params["MembershipRuleProcessingState"] = $PSBoundParameters["MembershipRuleProcessingState"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["MembershipType"]) + { + $params["MembershipType"] = $PSBoundParameters["MembershipType"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaAdministrativeUnit @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..703659bbe3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.ps1 @@ -0,0 +1,143 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $MailEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $GroupTypes, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRule, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAssignableToRole, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $SecurityEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ProxyAddresses, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Visibility, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRuleProcessingState, + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $MailNickname, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $OdataType, + [Alias("Id")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AssignedLabel]] $AssignedLabels + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["OdataType"]) + { + $params["@odata.type"] = $PSBoundParameters["OdataType"] + } + if($null -ne $PSBoundParameters["AssignedLabels"]) + { + $params["AssignedLabels"] = $PSBoundParameters["AssignedLabels"] + } + if($null -ne $PSBoundParameters["Description"]) + { + $params["description"] = $PSBoundParameters["Description"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["displayName"] = $PSBoundParameters["DisplayName"] + } + if( ($PSBoundParameters["IsAssignableToRole"]) -or (-not $PSBoundParameters["IsAssignableToRole"])) + { + $params["IsAssignableToRole"] = $PSBoundParameters["IsAssignableToRole"] + } + if( ($PSBoundParameters["MailEnabled"]) -or (-not $PSBoundParameters["MailEnabled"])) + { + $params["mailEnabled"] = $PSBoundParameters["MailEnabled"] + } + if( $PSBoundParameters["mailNickname"]) + { + $params["mailNickname"] = $PSBoundParameters["mailNickname"] + } + if( ($PSBoundParameters["SecurityEnabled"]) -or (-not $PSBoundParameters["SecurityEnabled"])) + { + $params["securityEnabled"] = $PSBoundParameters["SecurityEnabled"] + } + if($null -ne $PSBoundParameters["GroupTypes"]) + { + $params["groupTypes"] = $PSBoundParameters["GroupTypes"] + } + if($null -ne $PSBoundParameters["membershipRule"]) + { + $params["membershipRule"] = $PSBoundParameters["membershipRule"] + } + if($null -ne $PSBoundParameters["membershipRuleProcessingState"]) + { + $params["membershipRuleProcessingState"] = $PSBoundParameters["MembershipRuleProcessingState"] + } + if($null -ne $PSBoundParameters["visibility"]) + { + $params["visibility"] = $PSBoundParameters["Visibility"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = New-MGBetaAdministrativeUnitMember -Headers $customHeaders -AdministrativeUnitId $AdministrativeUnitId -BodyParameter $params + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAttributeSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAttributeSet.ps1 new file mode 100644 index 0000000000..5eb67275db --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaAttributeSet.ps1 @@ -0,0 +1,48 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AttributeSetId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $MaxAttributesPerSet, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AttributeSetId"]) + { + $params["Id"] = $PSBoundParameters["AttributeSetId"] + } + if ($null -ne $PSBoundParameters["MaxAttributesPerSet"]) + { + $params["MaxAttributesPerSet"] = $PSBoundParameters["MaxAttributesPerSet"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryAttributeSet @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..968e8dcf24 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.DirectoryManagement | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..6cd96d4ca6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,133 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $UsePreDefinedValuesOnly, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Status, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsCollection, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsSearchable, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AttributeSet, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Type + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UsePreDefinedValuesOnly"]) + { + $params["UsePreDefinedValuesOnly"] = $PSBoundParameters["UsePreDefinedValuesOnly"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["Name"] = $PSBoundParameters["Name"] + } + if ($null -ne $PSBoundParameters["Status"]) + { + $params["Status"] = $PSBoundParameters["Status"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["IsCollection"]) + { + $params["IsCollection"] = $PSBoundParameters["IsCollection"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IsSearchable"]) + { + $params["IsSearchable"] = $PSBoundParameters["IsSearchable"] + } + if ($null -ne $PSBoundParameters["AttributeSet"]) + { + $params["AttributeSet"] = $PSBoundParameters["AttributeSet"] + } + if ($null -ne $PSBoundParameters["Type"]) + { + $params["Type"] = $PSBoundParameters["Type"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryCustomSecurityAttributeDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDevice.ps1 new file mode 100644 index 0000000000..5195eb5f1d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDevice.ps1 @@ -0,0 +1,182 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaDevice { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsManaged, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceOSVersion, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $DevicePhysicalIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.DateTime]] $ApproximateLastLogonTimeStamp, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompliant, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DeviceOSType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $DeviceObjectVersion, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceMetadata, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId]] $AlternativeSecurityIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ProfileType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SystemLabels, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceTrustType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["IsManaged"]) + { + $params["IsManaged"] = $PSBoundParameters["IsManaged"] + } + if ($null -ne $PSBoundParameters["DeviceOSVersion"]) + { + $params["DeviceOSVersion"] = $PSBoundParameters["DeviceOSVersion"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["DevicePhysicalIds"]) + { + $params["DevicePhysicalIds"] = $PSBoundParameters["DevicePhysicalIds"] + } + if ($null -ne $PSBoundParameters["ApproximateLastLogonTimeStamp"]) + { + $params["ApproximateLastLogonTimeStamp"] = $PSBoundParameters["ApproximateLastLogonTimeStamp"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["IsCompliant"]) + { + $params["IsCompliant"] = $PSBoundParameters["IsCompliant"] + } + if ($null -ne $PSBoundParameters["DeviceOSType"]) + { + $params["DeviceOSType"] = $PSBoundParameters["DeviceOSType"] + } + if ($null -ne $PSBoundParameters["DeviceObjectVersion"]) + { + $params["DeviceObjectVersion"] = $PSBoundParameters["DeviceObjectVersion"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["DeviceMetadata"]) + { + $params["DeviceMetadata"] = $PSBoundParameters["DeviceMetadata"] + } + if ($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["AlternativeSecurityIds"]) + { + $params["AlternativeSecurityIds"] = $PSBoundParameters["AlternativeSecurityIds"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["ProfileType"]) + { + $params["ProfileType"] = $PSBoundParameters["ProfileType"] + } + if ($null -ne $PSBoundParameters["SystemLabels"]) + { + $params["SystemLabels"] = $PSBoundParameters["SystemLabels"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["DeviceTrustType"]) + { + $params["DeviceTrustType"] = $PSBoundParameters["DeviceTrustType"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDirectorySetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDirectorySetting.ps1 new file mode 100644 index 0000000000..d6c8781f46 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDirectorySetting.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaDirectorySetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.DirectorySetting] $DirectorySetting + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DirectorySetting"]) + { + $TmpValue = $PSBoundParameters["DirectorySetting"] + $Value = $TmpValue | ForEach-Object { + $NonEmptyProperties = $_.psobject.Properties | Where-Object {$_.Value} | Select-Object -ExpandProperty Name + $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json + } + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectorySetting @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDomain.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDomain.ps1 new file mode 100644 index 0000000000..2f67f52da8 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/New-EntraBetaDomain.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaDomain { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefault, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefaultForCloudRedirections, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SupportedServices + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["IsDefault"]) + { + $params["IsDefault"] = $PSBoundParameters["IsDefault"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["Id"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IsDefaultForCloudRedirections"]) + { + $params["IsDefaultForCloudRedirections"] = $PSBoundParameters["IsDefaultForCloudRedirections"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["SupportedServices"]) + { + $params["SupportedServices"] = $PSBoundParameters["SupportedServices"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.ps1 new file mode 100644 index 0000000000..f401ee2933 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaAdministrativeUnit @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..68d6f42501 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDirectoryAdministrativeUnitMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaContact.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaContact.ps1 new file mode 100644 index 0000000000..6ff11aa7c9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaContact.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaContact { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OrgContactId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OrgContactId"]) + { + $params["OrgContactId"] = $PSBoundParameters["OrgContactId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaContact @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDevice.ps1 new file mode 100644 index 0000000000..e96ec6e418 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDevice.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDevice { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.ps1 new file mode 100644 index 0000000000..dcb2ea8874 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDeviceRegisteredOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDeviceRegisteredOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.ps1 new file mode 100644 index 0000000000..d83e587a40 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDeviceRegisteredUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["UserId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDeviceRegisteredUserByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.ps1 new file mode 100644 index 0000000000..6f07d292f7 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDirectoryRoleMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DirectoryRoleId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["DirectoryRoleId"]) + { + $params["DirectoryRoleId"] = $PSBoundParameters["DirectoryRoleId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDirectoryRoleMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.ps1 new file mode 100644 index 0000000000..223ad8fb2f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDirectorySetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["DirectorySettingId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDirectorySetting @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDomain.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDomain.ps1 new file mode 100644 index 0000000000..95ff9d4040 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaDomain.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDomain { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.ps1 new file mode 100644 index 0000000000..201ec230cc --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaScopedRoleMembership { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ScopedRoleMembershipId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ScopedRoleMembershipId"]) + { + $params["ScopedRoleMembershipId"] = $PSBoundParameters["ScopedRoleMembershipId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.ps1 new file mode 100644 index 0000000000..6994dad1c6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRule, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsMemberManagementRestricted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRuleProcessingState, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipType + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRule"]) + { + $params["MembershipRule"] = $PSBoundParameters["MembershipRule"] + } + if ($null -ne $PSBoundParameters["IsMemberManagementRestricted"]) + { + $params["IsMemberManagementRestricted"] = $PSBoundParameters["IsMemberManagementRestricted"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["MembershipRuleProcessingState"]) + { + $params["MembershipRuleProcessingState"] = $PSBoundParameters["MembershipRuleProcessingState"] + } + if ($null -ne $PSBoundParameters["AdministrativeUnitId"]) + { + $params["AdministrativeUnitId"] = $PSBoundParameters["AdministrativeUnitId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["MembershipType"]) + { + $params["MembershipType"] = $PSBoundParameters["MembershipType"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaAdministrativeUnit @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAttributeSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAttributeSet.ps1 new file mode 100644 index 0000000000..b646ec64f0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaAttributeSet.ps1 @@ -0,0 +1,41 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaAttributeSet { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias("Id")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AttributeSetId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String] $Description, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $MaxAttributesPerSet + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AttributeSetId"]) + { + $params["AttributeSetId"] = $PSBoundParameters["AttributeSetId"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["MaxAttributesPerSet"]) + { + $params["MaxAttributesPerSet"] = $PSBoundParameters["MaxAttributesPerSet"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDirectoryAttributeSet @params -Headers $customHeaders + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..cc6a19904a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $UsePreDefinedValuesOnly, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Status, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UsePreDefinedValuesOnly"]) + { + $params["UsePreDefinedValuesOnly"] = $PSBoundParameters["UsePreDefinedValuesOnly"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Status"]) + { + $params["Status"] = $PSBoundParameters["Status"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDirectoryCustomSecurityAttributeDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..82e5f26dae --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsActive, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["IsActive"]) + { + $params["IsActive"] = $PSBoundParameters["IsActive"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AllowedValueId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["CustomSecurityAttributeDefinitionId"]) + { + $params["CustomSecurityAttributeDefinitionId"] = $PSBoundParameters["CustomSecurityAttributeDefinitionId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDevice.ps1 new file mode 100644 index 0000000000..e95a701879 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDevice.ps1 @@ -0,0 +1,185 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDevice { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $DevicePhysicalIds, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId]] $AlternativeSecurityIds, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsManaged, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceOSVersion, + [Alias("ObjectId")] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $DeviceObjectId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceOSType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ProfileType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.DateTime]] $ApproximateLastLogonTimeStamp, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompliant, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceTrustType, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $DeviceObjectVersion, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DeviceMetadata, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SystemLabels + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["DevicePhysicalIds"]) + { + $params["PhysicalIds"] = $PSBoundParameters["DevicePhysicalIds"] + } + if($null -ne $PSBoundParameters["AlternativeSecurityIds"]) + { + $TmpValue = $PSBoundParameters["AlternativeSecurityIds"] + $key = [System.Text.Encoding]::UTF8.GetString($TmpValue.key) + $Temp = @{ + alternativeSecurityIds = @( + @{ + type = $TmpValue.type + key = [System.Text.Encoding]::ASCII.GetBytes($key) + } + ) + } + $Value = $Temp + $params["BodyParameter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["IsManaged"]) + { + $params["IsManaged"] = $PSBoundParameters["IsManaged"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["DeviceOSVersion"]) + { + $params["OperatingSystemVersion"] = $PSBoundParameters["DeviceOSVersion"] + } + if($null -ne $PSBoundParameters["DeviceObjectId"]) + { + $params["DeviceId"] = $PSBoundParameters["DeviceObjectId"] + } + if($null -ne $PSBoundParameters["DeviceOSType"]) + { + $params["OperatingSystem"] = $PSBoundParameters["DeviceOSType"] + } + if($null -ne $PSBoundParameters["ProfileType"]) + { + $params["ProfileType"] = $PSBoundParameters["ProfileType"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["DeviceId"]) + { + $params["DeviceId1"] = $PSBoundParameters["DeviceId"] + } + if($null -ne $PSBoundParameters["ApproximateLastLogonTimeStamp"]) + { + $params["ApproximateLastSignInDateTime"] = $PSBoundParameters["ApproximateLastLogonTimeStamp"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["IsCompliant"]) + { + $params["IsCompliant"] = $PSBoundParameters["IsCompliant"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["DeviceTrustType"]) + { + $params["TrustType"] = $PSBoundParameters["DeviceTrustType"] + } + if($null -ne $PSBoundParameters["DeviceObjectVersion"]) + { + $params["DeviceVersion"] = $PSBoundParameters["DeviceObjectVersion"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DeviceMetadata"]) + { + $params["DeviceMetadata"] = $PSBoundParameters["DeviceMetadata"] + } + if($null -ne $PSBoundParameters["SystemLabels"]) + { + $params["SystemLabels"] = $PSBoundParameters["SystemLabels"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDevice @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.ps1 new file mode 100644 index 0000000000..ffcd8014a2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDirSyncConfiguration { + [CmdletBinding(DefaultParameterSetName = 'SetAccidentalDeletionThreshold')] + param ( + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true, Mandatory = $true)][System.UInt32] $AccidentalDeletionThreshold, + [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [switch] $Force + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AccidentalDeletionThreshold"]) { + $AccidentalDeletionThreshold = $PSBoundParameters["AccidentalDeletionThreshold"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $TenantId = $PSBoundParameters["TenantId"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if ($Force) { + $decision = 0 + } + else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = New-Object System.Management.Automation.Host.ChoiceDescription "&Suspend", "S" + $Yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Y" + $No = New-Object System.Management.Automation.Host.ChoiceDescription "&No", "S" + $choices = [System.Management.Automation.Host.ChoiceDescription[]]($Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + + if ($decision -eq 0) { + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OnPremisesDirectorySynchronizationId = (Get-MgBetaDirectoryOnPremiseSynchronization).Id + } + else { + $OnPremisesDirectorySynchronizationId = $TenantId + } + $params = @{ + configuration = @{ + accidentalDeletionPrevention = @{ + synchronizationPreventionType = "enabledForCount" + alertThreshold = $AccidentalDeletionThreshold + } + } + } + $response = Update-MgBetaDirectoryOnPremiseSynchronization -Headers $customHeaders -OnPremisesDirectorySynchronizationId $OnPremisesDirectorySynchronizationId -BodyParameter $params + $response + } + else { + return + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.ps1 new file mode 100644 index 0000000000..d2a4352535 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDirSyncEnabled { + [CmdletBinding(DefaultParameterSetName = 'All')] + param ( + [Parameter(ParameterSetName = "All", ValueFromPipelineByPropertyName = $true, Mandatory = $true)][System.Boolean] $EnableDirsync, + [Parameter(ParameterSetName = "All", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId, + [switch] $Force + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($EnableDirsync -or (-not($EnableDirsync))) { + $params["OnPremisesSyncEnabled"] =$PSBoundParameters["EnableDirsync"] + } + if ($null -ne $PSBoundParameters["TenantId"]) { + $params["OrganizationId"] = $PSBoundParameters["TenantId"] + } + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OnPremisesDirectorySynchronizationId = (Get-MgBetaDirectoryOnPremiseSynchronization).Id + $params["OrganizationId"] = $OnPremisesDirectorySynchronizationId + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if ($Force) { + $decision = 0 + } + else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = New-Object System.Management.Automation.Host.ChoiceDescription "&Suspend", "S" + $Yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Y" + $No = New-Object System.Management.Automation.Host.ChoiceDescription "&No", "S" + $choices = [System.Management.Automation.Host.ChoiceDescription[]]($Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + $response = Update-MgBetaOrganization @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.ps1 new file mode 100644 index 0000000000..dec44d534e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.ps1 @@ -0,0 +1,118 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDirSyncFeature { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + [OutputType([System.String])] + param ( + [Parameter(ParameterSetName = 'GetQuery', Mandatory = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] + $Feature, + + [Parameter(ParameterSetName = 'GetQuery', Mandatory = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] + $Enabled, + + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipelineByPropertyName = $true)] + [System.Guid] + $TenantId, + + [switch] + $Force + ) + + begin { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($PSBoundParameters.ContainsKey('Verbose')) { + $params['Verbose'] = $Null + } + if ($null -ne $PSBoundParameters['Feature']) { + $Feature = $PSBoundParameters['Feature'] + 'Enabled' + } + if ($null -ne $PSBoundParameters['Enabled']) { + $Enabled = $PSBoundParameters['Enabled'] + } + if ($PSBoundParameters.ContainsKey('Debug')) { + $params['Debug'] = $PSBoundParameters['Debug'] + } + if ($null -ne $PSBoundParameters['WarningVariable']) { + $params['WarningVariable'] = $PSBoundParameters['WarningVariable'] + } + if ($null -ne $PSBoundParameters['InformationVariable']) { + $params['InformationVariable'] = $PSBoundParameters['InformationVariable'] + } + if ($null -ne $PSBoundParameters['InformationAction']) { + $params['InformationAction'] = $PSBoundParameters['InformationAction'] + } + if ($null -ne $PSBoundParameters['OutVariable']) { + $params['OutVariable'] = $PSBoundParameters['OutVariable'] + } + if ($null -ne $PSBoundParameters['OutBuffer']) { + $params['OutBuffer'] = $PSBoundParameters['OutBuffer'] + } + if ($null -ne $PSBoundParameters['ErrorVariable']) { + $params['ErrorVariable'] = $PSBoundParameters['ErrorVariable'] + } + if ($null -ne $PSBoundParameters['PipelineVariable']) { + $params['PipelineVariable'] = $PSBoundParameters['PipelineVariable'] + } + if ($null -ne $PSBoundParameters['ErrorAction']) { + $params['ErrorAction'] = $PSBoundParameters['ErrorAction'] + } + if ($null -ne $PSBoundParameters['WarningAction']) { + $params['WarningAction'] = $PSBoundParameters['WarningAction'] + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + } + + process { + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $OnPremisesDirectorySynchronizationId = (Get-MgBetaDirectoryOnPremiseSynchronization).Id + } else { + $OnPremisesDirectorySynchronizationId = Get-MgBetaDirectoryOnPremiseSynchronization -OnPremisesDirectorySynchronizationId $TenantId -ErrorAction SilentlyContinue -ErrorVariable er + if ([string]::IsNullOrWhiteSpace($er)) { + $OnPremisesDirectorySynchronizationId = $OnPremisesDirectorySynchronizationId.Id + } else { + throw "Set-EntraBetaDirSyncFeature :$er" + break + } + } + + $body = @{ + features = @{ $Feature = $Enabled } + } + $body = $body | ConvertTo-Json + if ($Force) { + # If -Force is used, skip confirmation and proceed with the action. + $decision = 0 + } else { + $title = 'Confirm' + $question = 'Do you want to continue?' + $Suspend = New-Object System.Management.Automation.Host.ChoiceDescription '&Suspend', 'S' + $Yes = New-Object System.Management.Automation.Host.ChoiceDescription '&Yes', 'Y' + $No = New-Object System.Management.Automation.Host.ChoiceDescription '&No', 'N' + $choices = [System.Management.Automation.Host.ChoiceDescription[]]( $Yes, $No, $Suspend) + $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1) + } + if ($decision -eq 0) { + $response = Update-MgBetaDirectoryOnPremiseSynchronization -Headers $customHeaders -OnPremisesDirectorySynchronizationId $OnPremisesDirectorySynchronizationId -BodyParameter $body -ErrorAction SilentlyContinue -ErrorVariable 'er' + $er + break + if ([string]::IsNullOrWhiteSpace($er)) { + $response + } else { + Write-Error "Cannot bind parameter 'TenantId'. Cannot convert value `"$TenantId`" to type + `"System.Guid`". Error: `"Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).`"" + } + + } else { + return + } + } + + end { } +} diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirectorySetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirectorySetting.ps1 new file mode 100644 index 0000000000..f325baef3b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDirectorySetting.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDirectorySetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.DirectorySetting] $DirectorySetting, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DirectorySetting"]) + { + $TmpValue = $PSBoundParameters["DirectorySetting"] + $Value = $TmpValue | ForEach-Object { + $NonEmptyProperties = $_.psobject.Properties | Where-Object {$_.Value} | Select-Object -ExpandProperty Name + $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json + } + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["DirectorySettingId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDirectorySetting @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomain.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomain.ps1 new file mode 100644 index 0000000000..adc36b558d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomain.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDomain { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefault, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsDefaultForCloudRedirections, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SupportedServices + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["IsDefault"]) + { + $params["IsDefault"] = $PSBoundParameters["IsDefault"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Name"]) + { + $params["DomainId"] = $PSBoundParameters["Name"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IsDefaultForCloudRedirections"]) + { + $params["IsDefaultForCloudRedirections"] = $PSBoundParameters["IsDefaultForCloudRedirections"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["SupportedServices"]) + { + $params["SupportedServices"] = $PSBoundParameters["SupportedServices"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaDomain @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.ps1 new file mode 100644 index 0000000000..c4f214038e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.ps1 @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDomainFederationSettings { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param( + [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)][string]$DomainName, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$SigningCertificate, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$NextSigningCertificate, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$LogOffUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PassiveLogOnUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$ActiveLogOnUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$IssuerUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$FederationBrandName, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$MetadataExchangeUri, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PreferredAuthenticationProtocol, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]$SigningCertificateUpdateStatus, + [Parameter(Mandatory = $false,ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][string]$PromptLoginBehavior + ) + process { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["DomainName"]) + { + $params["DomainId"] = $PSBoundParameters["DomainName"] + $Id = $PSBoundParameters["DomainName"] + if($null -ne $Id) + { + $params["InternalDomainFederationId"] = (Get-MgBetaDomainFederationConfiguration -DomainId $Id).Id + } + } + if($null -ne $PSBoundParameters["SigningCertificate"]) + { + $params["SigningCertificate"] = $PSBoundParameters["SigningCertificate"] + } + if($null -ne $PSBoundParameters["NextSigningCertificate"]) + { + $params["NextSigningCertificate"] = $PSBoundParameters["NextSigningCertificate"] + } + if($null -ne $PSBoundParameters["LogOffUri"]) + { + $params["SignOutUri"] = $PSBoundParameters["LogOffUri"] + } + if($null -ne $PSBoundParameters["PassiveLogOnUri"]) + { + $params["PassiveSignInUri"] = $PSBoundParameters["PassiveLogOnUri"] + } + if($null -ne $PSBoundParameters["ActiveLogOnUri"]) + { + $params["ActiveSignInUri"] = $PSBoundParameters["ActiveLogOnUri"] + } + if($null -ne $PSBoundParameters["IssuerUri"]) + { + $params["IssuerUri"] = $PSBoundParameters["IssuerUri"] + } + if($null -ne $PSBoundParameters["FederationBrandName"]) + { + $params["DisplayName"] = $PSBoundParameters["FederationBrandName"] + } + if($null -ne $PSBoundParameters["MetadataExchangeUri"]) + { + $params["MetadataExchangeUri"] = $PSBoundParameters["MetadataExchangeUri"] + } + if($null -ne $PSBoundParameters["PreferredAuthenticationProtocol"]) + { + $params["PreferredAuthenticationProtocol"] = $PSBoundParameters["PreferredAuthenticationProtocol"] + } + if($null -ne $PSBoundParameters["SigningCertificateUpdateStatus"]) + { + $params["SigningCertificateUpdateStatus"] = $PSBoundParameters["SigningCertificateUpdateStatus"] + } + if($null -ne $PSBoundParameters["PromptLoginBehavior"]) + { + $params["PromptLoginBehavior"] = $PSBoundParameters["PromptLoginBehavior"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $params.InternalDomainFederationId) + { + $response = Update-MgBetaDomainFederationConfiguration @params -Headers $customHeaders + $response + } + } + } + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaPartnerInformation.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaPartnerInformation.ps1 new file mode 100644 index 0000000000..6da38bf87d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaPartnerInformation.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPartnerInformation { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter( ValueFromPipelineByPropertyName = $true)] + [System.Guid] $ObjectId, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $CompanyType, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerCommerceUrl, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerCompanyName, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerHelpUrl, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string[]] $PartnerSupportEmails, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string[]] $PartnerSupportTelephones, + [Parameter(ParameterSetName = 'SetPartnerInformation', ValueFromPipelineByPropertyName = $true)] + [string] $PartnerSupportUrl, + [Parameter(ValueFromPipelineByPropertyName = $true)] + [System.Guid] $TenantId + ) + + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["TenantId"]) { + $body["partnerTenantId"] = $PSBoundParameters["TenantId"] + } + if ($null -ne $PSBoundParameters["CompanyType"]) { + $body["companyType"] = $PSBoundParameters["CompanyType"] + } + if ($null -ne $PSBoundParameters["PartnerCommerceUrl"]) { + $body["commerceUrl"] = $PSBoundParameters["PartnerCommerceUrl"] + } + if ($null -ne $PSBoundParameters["PartnerCompanyName"]) { + $body["companyName"] = $PSBoundParameters["PartnerCompanyName"] + } + if ($null -ne $PSBoundParameters["PartnerHelpUrl"]) { + $body["helpUrl"] = $PSBoundParameters["PartnerHelpUrl"] + } + if ($null -ne $PSBoundParameters["PartnerSupportEmails"]) { + $body["supportEmails"] = @($PSBoundParameters["PartnerSupportEmails"]) + } + if ($null -ne $PSBoundParameters["PartnerSupportTelephones"]) { + $body["supportTelephones"] = @($PSBoundParameters["PartnerSupportTelephones"] -as [string[]]) + } + if ($null -ne $PSBoundParameters["PartnerSupportUrl"]) { + $body["supportUrl"] = $PSBoundParameters["PartnerSupportUrl"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if ([string]::IsNullOrWhiteSpace($TenantId)) { + $TenantID = ((Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/beta/organization").value).id + } + Invoke-MgGraphRequest -Headers $customHeaders -Method PATCH -Uri "https://graph.microsoft.com/beta/organization/$TenantID/partnerInformation" -Body $body + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaTenantDetail.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaTenantDetail.ps1 new file mode 100644 index 0000000000..3501007026 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/DirectoryManagement/Set-EntraBetaTenantDetail.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaTenantDetail { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SecurityComplianceNotificationMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $SecurityComplianceNotificationPhones, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $MarketingNotificationEmails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.AzureAD.Model.PrivacyProfile] $PrivacyProfile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $TechnicalNotificationMails + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["MarketingNotificationEmails"]) + { + $params["MarketingNotificationEmails"] = $PSBoundParameters["MarketingNotificationEmails"] + } + + if($null -ne $PSBoundParameters["SecurityComplianceNotificationMails"]) + { + $params["SecurityComplianceNotificationMails"] = $PSBoundParameters["SecurityComplianceNotificationMails"] + } + + if($null -ne $PSBoundParameters["SecurityComplianceNotificationPhones"]) + { + $params["SecurityComplianceNotificationPhones"] = $PSBoundParameters["SecurityComplianceNotificationPhones"] + } + + if($null -ne $PSBoundParameters["TechnicalNotificationMails"]) + { + $params["TechnicalNotificationMails"] = $PSBoundParameters["TechnicalNotificationMails"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + $params["OrganizationId"] = (Get-MgBetaOrganization).Id + Update-MgBetaOrganization @params -Headers $customHeaders + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..eca29322da --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleAssignment.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleAssignmentId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["SearchString"]) + { + $params["SearchString"] = $PSBoundParameters["SearchString"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["UnifiedRoleAssignmentId"]) + { + $params["UnifiedRoleAssignmentId"] = $PSBoundParameters["UnifiedRoleAssignmentId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..e92f59ba18 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaDirectoryRoleDefinition.ps1 @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"} + if($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + $propsToConvert = @('RolePermissions') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedResource.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedResource.ps1 new file mode 100644 index 0000000000..e6e33bc3c1 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedResource.ps1 @@ -0,0 +1,116 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivilegedResource { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{ProviderId = "PrivilegedAccessId"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["GovernanceResourceId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ProviderId"]) + { + $params["PrivilegedAccessId"] = $PSBoundParameters["ProviderId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPrivilegedAccessResource @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRole.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRole.ps1 new file mode 100644 index 0000000000..0fa88c128b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRole.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivilegedRole { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PrivilegedRoleId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPrivilegedRole @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleAssignmentRequest.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleAssignmentRequest.ps1 new file mode 100644 index 0000000000..dc7399bc67 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleAssignmentRequest.ps1 @@ -0,0 +1,116 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivilegedRoleAssignmentRequest { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PrivilegedRoleAssignmentRequestId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ProviderId"]) + { + $params["ProviderId"] = $PSBoundParameters["ProviderId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPrivilegedRoleAssignmentRequest @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.ps1 new file mode 100644 index 0000000000..818c47f632 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.ps1 @@ -0,0 +1,123 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivilegedRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ResourceId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{ProviderId = "PrivilegedAccessId"; ResourceId = "GovernanceResourceId"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["GovernanceRoleDefinitionId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ProviderId"]) + { + $params["PrivilegedAccessId"] = $PSBoundParameters["ProviderId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["GovernanceResourceId"] = $PSBoundParameters["ResourceId"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPrivilegedAccessResourceRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleSetting.ps1 new file mode 100644 index 0000000000..1ae5d32564 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Get-EntraBetaPrivilegedRoleSetting.ps1 @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivilegedRoleSetting { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + + if($null -ne $PSBoundParameters["ProviderId"]) + { + $params["PrivilegedAccessId"] = $PSBoundParameters["ProviderId"] + } + + if($null -ne $PSBoundParameters["Id"]) + { + $params["GovernanceRoleSettingId"] = $PSBoundParameters["Id"] + } + + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaPrivilegedAccessRoleSetting @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('AdminEligibleSettings', 'AdminMemberSettings', 'UserEligibleSettings','UserMemberSettings') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..b63d90b492 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Governance | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..ab513a8e90 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleAssignment.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $RoleDefinitionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DirectoryScopeId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["RoleDefinitionId"]) + { + $params["RoleDefinitionId"] = $PSBoundParameters["RoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["DirectoryScopeId"]) + { + $params["DirectoryScopeId"] = $PSBoundParameters["DirectoryScopeId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..71643ff73e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaDirectoryRoleDefinition.ps1 @@ -0,0 +1,139 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Version, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ResourceScopes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TemplateId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission]] $RolePermissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition]] $InheritsPermissionsFrom + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["Version"]) + { + $params["Version"] = $PSBoundParameters["Version"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ResourceScopes"]) + { + $params["ResourceScopes"] = $PSBoundParameters["ResourceScopes"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["TemplateId"]) + { + $params["TemplateId"] = $PSBoundParameters["TemplateId"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["RolePermissions"]) + { + $TmpValue = $PSBoundParameters["RolePermissions"] + $Temp = @{ + allowedResourceActions = $TmpValue.allowedResourceActions + condition = $TmpValue.condition + } + $Value = $Temp + $params["RolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InheritsPermissionsFrom"]) + { + $params["InheritsPermissionsFrom"] = $PSBoundParameters["InheritsPermissionsFrom"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaPrivilegedRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaPrivilegedRoleAssignment.ps1 new file mode 100644 index 0000000000..ad25093c95 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/New-EntraBetaPrivilegedRoleAssignment.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPrivilegedRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.DateTime]] $ExpirationDateTime, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResultMessage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsElevated, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $RoleId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ExpirationDateTime"]) + { + $params["ExpirationDateTime"] = $PSBoundParameters["ExpirationDateTime"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ResultMessage"]) + { + $params["ResultMessage"] = $PSBoundParameters["ResultMessage"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["IsElevated"]) + { + $params["IsElevated"] = $PSBoundParameters["IsElevated"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["RoleId"]) + { + $params["RoleId"] = $PSBoundParameters["RoleId"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaPrivilegedRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.ps1 new file mode 100644 index 0000000000..0841c83b9b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDirectoryRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleAssignmentId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleAssignmentId"]) + { + $params["UnifiedRoleAssignmentId"] = $PSBoundParameters["UnifiedRoleAssignmentId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaRoleManagementDirectoryRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..258729e9c2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaDirectoryRoleDefinition.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaDirectoryRoleDefinition.ps1 new file mode 100644 index 0000000000..c105dfccd5 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaDirectoryRoleDefinition.ps1 @@ -0,0 +1,150 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaDirectoryRoleDefinition { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Version, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ResourceScopes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TemplateId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission]] $RolePermissions, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UnifiedRoleDefinitionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition]] $InheritsPermissionsFrom + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if ($null -ne $PSBoundParameters["Version"]) + { + $params["Version"] = $PSBoundParameters["Version"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ResourceScopes"]) + { + $params["ResourceScopes"] = $PSBoundParameters["ResourceScopes"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["TemplateId"]) + { + $params["TemplateId"] = $PSBoundParameters["TemplateId"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["RolePermissions"]) + { + $TmpValue = $PSBoundParameters["RolePermissions"] + $Value = @() + foreach($val in $TmpValue) + { + $Temp = $val | ConvertTo-Json + $hash = @{} + + (ConvertFrom-Json $Temp).psobject.properties | Foreach { $hash[$_.Name] = $_.Value } + $Value += $hash + } + $params["RolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["UnifiedRoleDefinitionId"]) + { + $params["UnifiedRoleDefinitionId"] = $PSBoundParameters["UnifiedRoleDefinitionId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InheritsPermissionsFrom"]) + { + $params["InheritsPermissionsFrom"] = $PSBoundParameters["InheritsPermissionsFrom"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaRoleManagementDirectoryRoleDefinition @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.ps1 new file mode 100644 index 0000000000..11c9f95fac --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPrivilegedRoleAssignmentRequest { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AssignmentState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Decision, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Reason, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedSchedule] $Schedule + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AssignmentState"]) + { + $params["AssignmentState"] = $PSBoundParameters["AssignmentState"] + } + if ($null -ne $PSBoundParameters["Decision"]) + { + $params["Decision"] = $PSBoundParameters["Decision"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["Reason"]) + { + $params["Reason"] = $PSBoundParameters["Reason"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PrivilegedRoleAssignmentRequestId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ProviderId"]) + { + $params["ProviderId"] = $PSBoundParameters["ProviderId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["Schedule"]) + { + $params["Schedule"] = $PSBoundParameters["Schedule"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaPrivilegedRoleAssignmentRequest @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleSetting.ps1 new file mode 100644 index 0000000000..be7da8b1b7 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Governance/Set-EntraBetaPrivilegedRoleSetting.ps1 @@ -0,0 +1,165 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPrivilegedRoleSetting { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting]] $UserEligibleSettings, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting]] $UserMemberSettings, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $RoleDefinitionId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting]] $AdminMemberSettings, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting]] $AdminEligibleSettings, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ProviderId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResourceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["UserEligibleSettings"]) + { + $TmpValue = $PSBoundParameters["UserEligibleSettings"] + $a = @() + foreach($setting in $TmpValue) { + $Temp = $setting | ConvertTo-Json + $a += $Temp + } + + $Value = $a + $params["UserEligibleSettings"] = $Value + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["UserMemberSettings"]) + { + $TmpValue = $PSBoundParameters["UserMemberSettings"] + $a = @() + foreach($setting in $TmpValue) { + $Temp = $setting | ConvertTo-Json + $a += $Temp + } + + $Value = $a + $params["UserMemberSettings"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["RoleDefinitionId"]) + { + $params["RoleDefinitionId"] = $PSBoundParameters["RoleDefinitionId"] + } + if($null -ne $PSBoundParameters["AdminMemberSettings"]) + { + $TmpValue = $PSBoundParameters["AdminMemberSettings"] + $a = @() + foreach($setting in $TmpValue) { + $Temp = $setting | ConvertTo-Json + $a += $Temp + } + + $Value = $a + $params["AdminMemberSettings"] = $Value + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["GovernanceRoleSettingId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["AdminEligibleSettings"]) + { + $TmpValue = $PSBoundParameters["AdminEligibleSettings"] + $a = @() + foreach($setting in $TmpValue) { + $Temp = $setting | ConvertTo-Json + $a += $Temp + } + + $Value = $a + $params["AdminEligibleSettings"] = $Value + } + if ($null -ne $PSBoundParameters["ProviderId"]) + { + $params["PrivilegedAccessId"] = $PSBoundParameters["ProviderId"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaPrivilegedAccessRoleSetting @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupMember.ps1 new file mode 100644 index 0000000000..7dd1207df0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaGroupMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["RefObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["RefObjectId"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaGroupMember @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupOwner.ps1 new file mode 100644 index 0000000000..c5e392d8b0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaGroupOwner.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaGroupOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/beta/users/$TmpValue"} + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaGroupOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaLifecyclePolicyGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..ede9b5b9c0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Add-EntraBetaLifecyclePolicyGroup.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $GroupId, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Add-MgBetaGroupToLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaDeletedGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaDeletedGroup.ps1 new file mode 100644 index 0000000000..9c60446103 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaDeletedGroup.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaDeletedGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"} + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "mailNickName eq '$TmpValue' or (mail eq '$TmpValue' or (displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')))" + $params["Filter"] = $Value + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaDirectoryDeletedItemAsGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroup.ps1 new file mode 100644 index 0000000000..d87ae96cc1 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroup.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroup { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"; ObjectId = "Id"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "mailNickName eq '$TmpValue' or (mail eq '$TmpValue' or (displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')))" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..9300c2131d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupLifecyclePolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..c253b6ac7d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupLifecyclePolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupMember.ps1 new file mode 100644 index 0000000000..5486c01c63 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupMember.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroupMember { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroupMember @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('assignedLicenses','assignedPlans','provisionedPlans','identities') + foreach ($prop in $propsToConvert) { + if ($null -ne $_.PSObject.Properties[$prop]) { + $value = $_.$prop | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupOwner.ps1 new file mode 100644 index 0000000000..6fe26c069d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupOwner.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroupOwner { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/beta/groups' + $properties = '$select=*' + $Method = "GET" + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + + if($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + $URI = "$baseUri/$($params.GroupId)/owners?$properties" + } + + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.GroupId)/owners?$properties" + } + + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.GroupId)/owners?`$top=$topCount&$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupPermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupPermissionGrant.ps1 new file mode 100644 index 0000000000..e435c1010f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaGroupPermissionGrant.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGroupPermissionGrant { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroupPermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaLifecyclePolicyGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..498bb21a54 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaLifecyclePolicyGroup.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaGroupLifecyclePolicyByGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaObjectSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaObjectSetting.ps1 new file mode 100644 index 0000000000..4498481466 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Get-EntraBetaObjectSetting.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaObjectSetting { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = "https://graph.microsoft.com/beta/$TargetType/$TargetObjectId/settings" + $params["Method"] = "GET" + $params["Uri"] = $baseUri+'?$select=*' + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $params["Uri"] = $baseUri+"?`$select=$($selectProperties)" + } + + if($PSBoundParameters.ContainsKey("Top") -and (-not $PSBoundParameters.ContainsKey("All"))) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $params["Uri"] += "&`$top=999" + } + else{ + $params["Uri"] += "&`$top=$topCount" + } + } + + if($null -ne $PSBoundParameters["Id"]) + { + $Id = $PSBoundParameters["Id"] + $params["Uri"] = "$baseUri/$($Id)" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while ($response.'@odata.nextLink' -and (($all) -or ($increment -gt 0 -and -not $all))) { + $params["Uri"] = $response.'@odata.nextLink' + if (-not $all) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + + $targetTypeList = @() + + foreach($res in $data){ + $target = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectorySetting + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $target | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $target + } + + $targetTypeList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..0cf7666180 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Groups | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroup.ps1 new file mode 100644 index 0000000000..d001819771 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroup.ps1 @@ -0,0 +1,154 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $GroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Visibility, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $LabelId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAssignableToRole, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRule, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $MailEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $SecurityEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $MailNickname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRuleProcessingState + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["GroupTypes"]) + { + $params["GroupTypes"] = $PSBoundParameters["GroupTypes"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Visibility"]) + { + $params["Visibility"] = $PSBoundParameters["Visibility"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["LabelId"]) + { + $params["LabelId"] = $PSBoundParameters["LabelId"] + } + if ($null -ne $PSBoundParameters["IsAssignableToRole"]) + { + $params["IsAssignableToRole"] = $PSBoundParameters["IsAssignableToRole"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRule"]) + { + $params["MembershipRule"] = $PSBoundParameters["MembershipRule"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["MailEnabled"]) + { + $params["MailEnabled"] = $PSBoundParameters["MailEnabled"] + } + if ($null -ne $PSBoundParameters["SecurityEnabled"]) + { + $params["SecurityEnabled"] = $PSBoundParameters["SecurityEnabled"] + } + if ($null -ne $PSBoundParameters["MailNickname"]) + { + $params["MailNickname"] = $PSBoundParameters["MailNickname"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRuleProcessingState"]) + { + $params["MembershipRuleProcessingState"] = $PSBoundParameters["MembershipRuleProcessingState"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..829826ff5f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + [Alias('Id')] + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AppRoleId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AppRoleId"]) + { + $params["AppRoleId"] = $PSBoundParameters["AppRoleId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupLifecyclePolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..d185cff869 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaGroupLifecyclePolicy.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ManagedGroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Int32]] $GroupLifetimeInDays, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $AlternateNotificationEmails + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ManagedGroupTypes"]) + { + $params["ManagedGroupTypes"] = $PSBoundParameters["ManagedGroupTypes"] + } + if ($null -ne $PSBoundParameters["GroupLifetimeInDays"]) + { + $params["GroupLifetimeInDays"] = $PSBoundParameters["GroupLifetimeInDays"] + } + if ($null -ne $PSBoundParameters["AlternateNotificationEmails"]) + { + $params["AlternateNotificationEmails"] = $PSBoundParameters["AlternateNotificationEmails"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaObjectSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaObjectSetting.ps1 new file mode 100644 index 0000000000..252df64407 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/New-EntraBetaObjectSetting.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaObjectSetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.DirectorySetting] $DirectorySetting, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TargetType"]) { + $params["TargetType"] = $PSBoundParameters["TargetType"] + } + if ($null -ne $PSBoundParameters["TargetObjectId"]) { + $params["TargetObjectId"] = $PSBoundParameters["TargetObjectId"] + } + if ($null -ne $PSBoundParameters["DirectorySetting"]) { + $params["DirectorySetting"] = $PSBoundParameters["DirectorySetting"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $directorySettingsJson = $DirectorySetting| ForEach-Object { + $NonEmptyProperties = $_.psobject.Properties | Where-Object {$_.Value} | Select-Object -ExpandProperty Name + $propertyValues = $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json + [regex]::Replace($propertyValues,'(?<=")(\w+)(?=":)',{$args[0].Groups[1].Value.ToLower()}) + } + $response = Invoke-GraphRequest -Headers $customHeaders -Method POST -Uri https://graph.microsoft.com/beta/$TargetType/$TargetObjectId/settings -Body $directorySettingsJson + $response = $response | ConvertTo-Json | ConvertFrom-Json + + $targetTypeList = @() + foreach($data in $response){ + $target = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectorySetting + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $target | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $target + } + $targetTypeList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroup.ps1 new file mode 100644 index 0000000000..84d872639f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroup.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaGroup { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.ps1 new file mode 100644 index 0000000000..c2005280ff --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaGroupAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroupAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..01c3e509eb --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupMember.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupMember.ps1 new file mode 100644 index 0000000000..c5339f0263 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupMember.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaGroupMember { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $MemberId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["MemberId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["MemberId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroupMemberByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupOwner.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupOwner.ps1 new file mode 100644 index 0000000000..475735d045 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaGroupOwner.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaGroupOwner { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OwnerId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["OwnerId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroupOwnerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.ps1 new file mode 100644 index 0000000000..dc6b4b29c7 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaLifecyclePolicyGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $GroupId, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaGroupFromLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaObjectSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaObjectSetting.ps1 new file mode 100644 index 0000000000..9599307651 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Remove-EntraBetaObjectSetting.ps1 @@ -0,0 +1,40 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaObjectSetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TargetType"]) { + $params["TargetType"] = $PSBoundParameters["TargetType"] + } + if ($null -ne $PSBoundParameters["TargetObjectId"]) { + $params["TargetObjectId"] = $PSBoundParameters["TargetObjectId"] + } + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $Method = "DELETE" + $URI = ' https://graph.microsoft.com/beta/{0}/{1}/settings/{2}' -f $TargetType,$TargetObjectId, $ID + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Reset-EntraBetaLifeCycleGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Reset-EntraBetaLifeCycleGroup.ps1 new file mode 100644 index 0000000000..f34d614212 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Reset-EntraBetaLifeCycleGroup.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Reset-EntraBetaLifeCycleGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $GroupId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-MgBetaRenewGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 new file mode 100644 index 0000000000..5269c4799f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraBetaGroupIdsContactIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["OrgContactId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgBetaContactMemberOfAsGroup @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.Id + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 new file mode 100644 index 0000000000..4cbf3f8e33 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraBetaGroupIdsGroupIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["GroupId"] = $PSBoundParameters["ObjectId"] + } + if($null -ne $PSBoundParameters["GroupIdsForMembershipCheck"]) + { + $GroupIdData = Get-EntraBetaGroup -All + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgBetaGroupMemberOf @params -Headers $customHeaders + $response = $initalResponse | Where-Object -Filterscript {$_.Id -in ($GroupIdsForMembershipCheck.GroupIds)} + $result=@() + if($response){ + $result = $response.Id + } + $notMember = $GroupIdsForMembershipCheck.GroupIds | Where-Object -Filterscript { $_ -notin $result } + foreach ($Id in $notMember) { + if ($GroupIdData.Id -notcontains $Id) { + Write-Error "Error occurred while executing SelectEntraBetaGroupIdsGroupIsMemberOf +Code: Request_BadRequest +Message: Invalid GUID:$Id" + return + } + } + if($response){ + $response.Id + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 new file mode 100644 index 0000000000..56903e8d32 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Select-EntraBetaGroupIdsUserIsMemberOf { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $initalResponse = Get-MgBetaUserMemberOfAsGroup -Headers $customHeaders -UserId $params["UserId"] + $response = $initalResponse | Where-Object -Filterscript {$_.ID -in ($GroupIdsForMembershipCheck.GroupIds)} + if($response){ + $response.ID + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroup.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroup.ps1 new file mode 100644 index 0000000000..de51529d7b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroup.ps1 @@ -0,0 +1,161 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaGroup { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $GroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Visibility, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $LabelId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAssignableToRole, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRule, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $MailEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $SecurityEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickname, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MembershipRuleProcessingState + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["GroupTypes"]) + { + $params["GroupTypes"] = $PSBoundParameters["GroupTypes"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Visibility"]) + { + $params["Visibility"] = $PSBoundParameters["Visibility"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["LabelId"]) + { + $params["LabelId"] = $PSBoundParameters["LabelId"] + } + if ($null -ne $PSBoundParameters["IsAssignableToRole"]) + { + $params["IsAssignableToRole"] = $PSBoundParameters["IsAssignableToRole"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRule"]) + { + $params["MembershipRule"] = $PSBoundParameters["MembershipRule"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["MailEnabled"]) + { + $params["MailEnabled"] = $PSBoundParameters["MailEnabled"] + } + if ($null -ne $PSBoundParameters["SecurityEnabled"]) + { + $params["SecurityEnabled"] = $PSBoundParameters["SecurityEnabled"] + } + if ($null -ne $PSBoundParameters["MailNickname"]) + { + $params["MailNickname"] = $PSBoundParameters["MailNickname"] + } + if ($null -ne $PSBoundParameters["GroupId"]) + { + $params["GroupId"] = $PSBoundParameters["GroupId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["MembershipRuleProcessingState"]) + { + $params["MembershipRuleProcessingState"] = $PSBoundParameters["MembershipRuleProcessingState"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaGroup @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroupLifecyclePolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroupLifecyclePolicy.ps1 new file mode 100644 index 0000000000..4464f37310 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaGroupLifecyclePolicy.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaGroupLifecyclePolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ManagedGroupTypes, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Int32]] $GroupLifetimeInDays, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $GroupLifecyclePolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AlternateNotificationEmails + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ManagedGroupTypes"]) + { + $params["ManagedGroupTypes"] = $PSBoundParameters["ManagedGroupTypes"] + } + if ($null -ne $PSBoundParameters["GroupLifetimeInDays"]) + { + $params["GroupLifetimeInDays"] = $PSBoundParameters["GroupLifetimeInDays"] + } + if ($null -ne $PSBoundParameters["GroupLifecyclePolicyId"]) + { + $params["GroupLifecyclePolicyId"] = $PSBoundParameters["GroupLifecyclePolicyId"] + } + if ($null -ne $PSBoundParameters["AlternateNotificationEmails"]) + { + $params["AlternateNotificationEmails"] = $PSBoundParameters["AlternateNotificationEmails"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaGroupLifecyclePolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaObjectSetting.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaObjectSetting.ps1 new file mode 100644 index 0000000000..2d1374b4ae --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Groups/Set-EntraBetaObjectSetting.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaObjectSetting { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.MSGraph.Model.DirectorySetting] $DirectorySetting, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["TargetType"]) { + $params["TargetType"] = $PSBoundParameters["TargetType"] + } + if ($null -ne $PSBoundParameters["TargetObjectId"]) { + $params["TargetObjectId"] = $PSBoundParameters["TargetObjectId"] + } + if ($null -ne $PSBoundParameters["DirectorySetting"]) { + $params["DirectorySetting"] = $PSBoundParameters["DirectorySetting"] + } + if ($null -ne $PSBoundParameters["ID"]) { + $params["ID"] = $PSBoundParameters["ID"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $directorySettingsJson = $DirectorySetting| ForEach-Object { + $NonEmptyProperties = $_.psobject.Properties | Where-Object {$_.Value} | Select-Object -ExpandProperty Name + $propertyValues = $_ | Select-Object -Property $NonEmptyProperties | ConvertTo-Json + [regex]::Replace($propertyValues,'(?<=")(\w+)(?=":)',{$args[0].Groups[1].Value.ToLower()}) + } + $response = Invoke-GraphRequest -Headers $customHeaders -Method PATCH -Uri https://graph.microsoft.com/beta/$TargetType/$TargetObjectId/settings/$ID -Body $directorySettingsJson + $response | ConvertTo-Json | ConvertFrom-Json + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.ps1 new file mode 100644 index 0000000000..a81a2a0725 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.ps1 @@ -0,0 +1,25 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraBetaGlobalSecureAccessTenant { + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + # Invoke the API request to enable global secure access tenant + $response = Invoke-GraphRequest -Method POST -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/networkAccess/microsoft.graph.networkaccess.onboard" + + # Check the response and provide feedback + if ($response) { + Write-Output "Global Secure Access Tenant has been successfully enabled." + } else { + Write-Error "Failed to enable Global Secure Access Tenant." + } + } catch { + Write-Error "An error occurred while enabling the Global Secure Access Tenant: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 new file mode 100644 index 0000000000..a8bebf723c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 @@ -0,0 +1,25 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaGlobalSecureAccessTenantStatus { + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + # Invoke the API request to get the tenant status + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/networkAccess/tenantStatus" + + # Check the response and provide feedback + if ($response) { + Write-Output $response + } else { + Write-Error "Failed to retrieve the Global Secure Access Tenant status." + } + } catch { + Write-Error "An error occurred while retrieving the Global Secure Access Tenant status: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.ps1 new file mode 100644 index 0000000000..5b48d094d0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivateAccessApplication { + + [CmdletBinding(DefaultParameterSetName = 'AllPrivateAccessApps')] + param ( + [Alias("ObjectId")] + [Parameter(Mandatory = $True, ParameterSetName = 'SingleAppID')] + [System.String] + $ApplicationId, + + [Parameter(Mandatory = $False, ParameterSetName = 'SingleAppName')] + [System.String] + $ApplicationName + ) + + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + switch ($PSCmdlet.ParameterSetName) { + "AllPrivateAccessApps" { + # Retrieve all private access applications + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri 'https://graph.microsoft.com/beta/applications?$count=true&$select=displayName,appId,id,tags,createdDateTime,servicePrincipalType,createdDateTime,servicePrincipalNames&$filter=tags/Any(x: x eq ''PrivateAccessNonWebApplication'') or tags/Any(x: x eq ''NetworkAccessManagedApplication'') or tags/Any(x: x eq ''NetworkAccessQuickAccessApplication'')' + $response.value + break + } + "SingleAppID" { + # Retrieve a single application by ID + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/applications/$ApplicationId/?`$select=displayName,appId,id,tags,createdDateTime,servicePrincipalType,createdDateTime,servicePrincipalNames" + $response + break + } + "SingleAppName" { + # Retrieve a single application by name + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/applications?`$count=true&`$select=displayName,appId,id,tags,createdDateTime,servicePrincipalType,createdDateTime,servicePrincipalNames&`$filter=DisplayName eq '$ApplicationName'" + $response.value + break + } + } + } catch { + Write-Error "Failed to retrieve the application(s): $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.ps1 new file mode 100644 index 0000000000..f8abcbb7c4 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPrivateAccessApplicationSegment { + + [CmdletBinding(DefaultParameterSetName = 'AllApplicationSegments')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $True, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] + $ApplicationId, + + [Parameter(Mandatory = $False, ParameterSetName = 'SingleApplicationSegment')] + [System.String] + $ApplicationSegmentId + ) + + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + switch ($PSCmdlet.ParameterSetName) { + "AllApplicationSegments" { + # Retrieve all application segments + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/applications/$ApplicationId/onPremisesPublishing/segmentsConfiguration/microsoft.graph.ipSegmentConfiguration/applicationSegments" + $response.value + break + } + "SingleApplicationSegment" { + # Retrieve a single application segment + $response = Invoke-GraphRequest -Method GET -Headers $customHeaders -OutputType PSObject -Uri "https://graph.microsoft.com/beta/applications/$ApplicationId/onPremisesPublishing/segmentsConfiguration/microsoft.graph.ipSegmentConfiguration/applicationSegments/$ApplicationSegmentId" + $response + break + } + } + } catch { + Write-Error "Failed to retrieve the application segment(s): $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..ebc0e8bd3e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.NetworkAccess | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.ps1 new file mode 100644 index 0000000000..c03577f8e4 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.ps1 @@ -0,0 +1,71 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPrivateAccessApplication { + + [CmdletBinding(DefaultParameterSetName = 'AllPrivateAccessApps')] + param ( + [Parameter(Mandatory = $True)] + [System.String] + $ApplicationName, + + [Parameter(Mandatory = $False)] + [System.String] + $ConnectorGroupId + ) + + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + # Prepare the request body for instantiating the Private Access app + $bodyJson = @{ displayName = $ApplicationName } | ConvertTo-Json -Depth 99 -Compress + + # Instantiate the Private Access app + $newApp = Invoke-GraphRequest -Method POST -Headers $customHeaders -Uri 'https://graph.microsoft.com/beta/applicationTemplates/8adf8e6e-67b2-4cf2-a259-e3dc5476c621/instantiate' -Body $bodyJson + + # Prepare the request body for setting the app to be accessible via the ZTNA client + $bodyJson = @{ + "onPremisesPublishing" = @{ + "applicationType" = "nonwebapp" + "isAccessibleViaZTNAClient" = $true + } + } | ConvertTo-Json -Depth 99 -Compress + + $newAppId = $newApp.application.objectId + + # Set the Private Access app to be accessible via the ZTNA client + $params = @{ + Method = 'PATCH' + Uri = "https://graph.microsoft.com/beta/applications/$newAppId/" + Headers = $customHeaders + Body = $bodyJson + } + + Invoke-GraphRequest @params + + # If ConnectorGroupId has been specified, assign the connector group to the app + if ($ConnectorGroupId) { + $bodyJson = @{ + "@odata.id" = "https://graph.microsoft.com/beta/onPremisesPublishingProfiles/applicationproxy/connectorGroups/$ConnectorGroupId" + } | ConvertTo-Json -Depth 99 -Compress + + $params = @{ + Method = 'PUT' + Uri = "https://graph.microsoft.com/beta/applications/$newAppId/connectorGroup/`$ref" + Headers = $customHeaders + Body = $bodyJson + } + + Invoke-GraphRequest @params + } + + Write-Output "Private Access application '$ApplicationName' has been successfully created and configured." + } catch { + Write-Error "Failed to create the Private Access app. Error: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.ps1 new file mode 100644 index 0000000000..970a7f2e0f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPrivateAccessApplicationSegment { + + [CmdletBinding()] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $True, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] + $ApplicationId, + + [Parameter(Mandatory = $True)] + [System.String] + $DestinationHost, + + [Parameter(Mandatory = $False)] + [System.String[]] + $Ports, + + [Parameter(Mandatory = $False)] + [ValidateSet("TCP", "UDP")] + [System.String[]] + $Protocol, + + [Parameter(Mandatory = $True)] + [ValidateSet("ipAddress", "dnsSuffix", "ipRangeCidr", "ipRange", "FQDN")] + [System.String] + $DestinationType + ) + + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $portRanges = @() + + # Process port ranges + foreach ($port in $Ports) { + if (!$port.Contains("-")) { + $portRanges += "$port-$port" + } else { + $portRanges += $port + } + } + + # Build the request body based on the destination type + if ($DestinationType -eq "dnsSuffix") { + $body = @{ + destinationHost = $DestinationHost.ToLower() + destinationType = 'dnsSuffix' + } + } else { + switch ($DestinationType) { + "ipAddress" { $dstType = 'ip' } + "ipRange" { $dstType = 'ipRange' } + "fqdn" { $dstType = 'fqdn' } + "ipRangeCidr" { $dstType = 'ipRangeCidr' } + } + $body = @{ + destinationHost = $DestinationHost.ToLower() + protocol = $Protocol.ToLower() -join "," + ports = $portRanges + destinationType = $dstType + } + } + + # Convert the body to JSON + $bodyJson = $body | ConvertTo-Json -Depth 99 -Compress + + # Define the parameters for the API request + $params = @{ + Method = 'POST' + Uri = "https://graph.microsoft.com/beta/applications/$ApplicationId/onPremisesPublishing/segmentsConfiguration/microsoft.graph.ipSegmentConfiguration/applicationSegments/" + Headers = $customHeaders + Body = $bodyJson + OutputType = 'PSObject' + } + + # Invoke the API request + Invoke-GraphRequest @params + } catch { + Write-Error "Failed to create the application segment: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 new file mode 100644 index 0000000000..2b93d5e31d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 @@ -0,0 +1,36 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaPrivateAccessApplicationSegment { + + [CmdletBinding()] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $True)] + [System.String] + $ApplicationId, + + [Parameter(Mandatory = $False)] + [System.String] + $ApplicationSegmentId + ) + + PROCESS { + try { + # Create custom headers for the request + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + # Construct the URI for the API request + $uri = "https://graph.microsoft.com/beta/applications/$ApplicationId/onPremisesPublishing/segmentsConfiguration/microsoft.graph.ipSegmentConfiguration/applicationSegments/$ApplicationSegmentId" + + # Invoke the API request to delete the application segment + Invoke-GraphRequest -Method DELETE -Headers $customHeaders -OutputType PSObject -Uri $uri + + Write-Output "Application segment with ID $ApplicationSegmentId has been removed successfully." + } catch { + Write-Error "Failed to remove the application segment: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.ps1 new file mode 100644 index 0000000000..b1fa00a624 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationSignInDetailedSummary { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $params["Filter"] = $PSBoundParameters["Filter"] + } + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaReportApplicationSignInDetailedSummary @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $value = $_.Status | ConvertTo-Json | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name Status -Value ($value) -Force + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInSummary.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInSummary.ps1 new file mode 100644 index 0000000000..a0eade9a4a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaApplicationSignInSummary.ps1 @@ -0,0 +1,56 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaApplicationSignInSummary { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Days, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $filterApplied = $null + $topCount = $null + if ($null -ne $PSBoundParameters["Days"]) { + $params["Days"] = $PSBoundParameters["Days"] + } + if ($null -ne $PSBoundParameters["Filter"]) { + $params["Filter"] = $PSBoundParameters["Filter"] + $filterApplied = '?$filter=' + $params["Filter"] + } + if ($PSBoundParameters.ContainsKey("Top")) { + $params["Top"] = $PSBoundParameters["Top"] + $topCount = '?$top=' + $params["Top"] + } + $Method = "GET" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = "https://graph.microsoft.com/beta/reports/getAzureADApplicationSignInSummary(period='D{0}'){1}{2}" -f $Days, $filterApplied, $topCount + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method | ConvertTo-Json | ConvertFrom-Json).value + + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphApplicationSignInSummary + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditDirectoryLog.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditDirectoryLog.ps1 new file mode 100644 index 0000000000..4418fed453 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditDirectoryLog.ps1 @@ -0,0 +1,113 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAuditDirectoryLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaAuditLogDirectoryAudit @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('InitiatedBy', 'TargetResources', 'AdditionalDetails') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditSignInLog.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditSignInLog.ps1 new file mode 100644 index 0000000000..05630fcf08 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Reports/Get-EntraBetaAuditSignInLog.ps1 @@ -0,0 +1,115 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAuditSignInLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{} + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Get-MgBetaAuditLogSignIn @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $_ | Add-Member -MemberType AliasProperty -Name RiskEventTypes -Value RiskEventTypesV2 -Force + + $propsToConvert = @('MfaDetail', 'AppliedConditionalAccessPolicies', 'NetworkLocationDetails', 'Location', 'DeviceDetail', 'Status', 'AuthenticationProcessingDetails') + + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Reports/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Reports/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..fc00a44a59 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Reports/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Reports | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 new file mode 100644 index 0000000000..655650d1bc --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaFeatureRolloutPolicyDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = "https://graph.microsoft.com/v1.0/directoryObjects/$TmpValue" + $params["OdataId"] = $Value + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["FeatureRolloutPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaServicePrincipalPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaServicePrincipalPolicy.ps1 new file mode 100644 index 0000000000..6036de249e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Add-EntraBetaServicePrincipalPolicy.ps1 @@ -0,0 +1,40 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Add-EntraBetaServicePrincipalPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ID"]) { + $id = $PSBoundParameters["ID"] + } + if ($null -ne $PSBoundParameters["RefObjectId"]) { + $RefObjectId = $PSBoundParameters["RefObjectId"] + } + $uri = "https://graph.microsoft.com/beta/serviceprincipals/$id/Policies/" + '$ref' + $body = @{ + "@odata.id" = "https://graph.microsoft.com/beta/legacy/policies/$RefObjectId" + } + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-MgGraphRequest -Headers $customHeaders -Method POST -Uri $uri -Body $body -ContentType "application/json" + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaAuthorizationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaAuthorizationPolicy.ps1 new file mode 100644 index 0000000000..cdc2aba44e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaAuthorizationPolicy.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaAuthorizationPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + + if($PSBoundParameters.ContainsKey("Id")) + { + $params["AuthorizationPolicyId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPolicyAuthorizationPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('DefaultUserRolePermissions') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaConditionalAccessPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..921de3f356 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaConditionalAccessPolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..bb915a858e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.ps1 @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $keysChanged = @{SearchString = "Filter"} + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" + $params["Filter"] = $Value + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Filter"]) + { + $TmpValue = $PSBoundParameters["Filter"] + foreach($i in $keysChanged.GetEnumerator()){ + $TmpValue = $TmpValue.Replace($i.Key, $i.Value) + } + $Value = $TmpValue + $params["Filter"] = $Value + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["FeatureRolloutPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPolicyFeatureRolloutPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaIdentityProvider.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaIdentityProvider.ps1 new file mode 100644 index 0000000000..2ee8f1f29d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaIdentityProvider.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('Id')] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name Type -Value identityProviderType + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value DisplayName + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaNamedLocationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..491de3618a --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaNamedLocationPolicy.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('ipRanges') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..f9da8f7f37 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..2876daa183 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if("$conditionalSet" -eq "includes"){ + $response = Get-MgBetaPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Get-MgBetaPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..9b8f7c3ae3 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPermissionGrantPolicy.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicy.ps1 new file mode 100644 index 0000000000..5ae49c843e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicy.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUrl = "https://graph.microsoft.com/beta/policies/" + $endpoints = @("homeRealmDiscoveryPolicies", + "claimsMappingPolicies", + "tokenIssuancePolicies", + "tokenLifetimePolicies", + "activityBasedTimeoutPolicies", + "featureRolloutPolicies", + "defaultAppManagementPolicy", + "appManagementPolicies", + "authenticationFlowsPolicy", + "authenticationMethodsPolicy", + "permissionGrantPolicies") + + if($PSBoundParameters.ContainsKey("Top") -and ($null -eq $Top -or $Top -eq 0)){ + Write-Error "Invalid page size specified: '0'. Must be between 1 and 999 inclusive. +Status: 400 (BadRequest) +ErrorCode: Request_UnsupportedQuery" + break + } + $response = @() + foreach ($endpoint in $endpoints) { + $url = "${baseUrl}${endpoint}" + try { + $policies = (Invoke-GraphRequest -Headers $customHeaders -Uri $url -Method GET).value + } + catch { + $policies = (Invoke-GraphRequest -Headers $customHeaders -Uri $url -Method GET) + } + + $policies | ForEach-Object { + $_.Type = ($endpoint.Substring(0, 1).ToUpper() + $endpoint.Substring(1) -replace "ies", "y") + $response += $_ + if ($Top -and ($response.Count -ge $Top)) { + break + } + } + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================") + + if ($PSBoundParameters.ContainsKey("ID")) { + $response = $response | Where-Object { $_.id -eq $Id } + if($Null -eq $response ) { + Write-Error "Get-EntraBetaPolicy : Error occurred while executing Get-Policy + Code: Request_BadRequest + Message: Invalid object identifier '$Id' ." + } + } elseif (-not $All -and $Top) { + $response = $response | Select-Object -First $Top + } + + $data = $response | ConvertTo-Json -Depth 50 | ConvertFrom-Json + $respList = @() + foreach ($res in $data) { + switch ($res.type) { + "ActivityBasedTimeoutPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphActivityBasedTimeoutPolicy } + "AppManagementPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAppManagementPolicy } + "ClaimsMappingPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphClaimsMappingPolicy } + "FeatureRolloutPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy } + "HomeRealmDiscoveryPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphHomeRealmDiscoveryPolicy } + "TokenIssuancePolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenIssuancePolicy } + "TokenLifetimePolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenLifetimePolicy } + "PermissionGrantPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPermissionGrantPolicy } + "DefaultAppManagementPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphappManagementPolicy } + "AuthenticationFlowsPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphauthenticationFlowsPolicy } + "AuthenticationMethodsPolicy" { $respType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphauthenticationMethodsPolicy } + default { Write-Error "Unknown type: '$res.type'" } + } + + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $respList += $respType + } + $respList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicyAppliedObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicyAppliedObject.ps1 new file mode 100644 index 0000000000..46942bba74 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaPolicyAppliedObject.ps1 @@ -0,0 +1,42 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaPolicyAppliedObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $Id = $PSBoundParameters["Id"] + $params["Uri"] = "https://graph.microsoft.com/beta/legacy/policies/$Id/appliesTo" + $params["Method"] = "GET" + if ($PSBoundParameters.ContainsKey("ID")) { + $params["Uri"] = "https://graph.microsoft.com/beta/legacy/policies/$Id/appliesTo" + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = (Invoke-GraphRequest -Headers $customHeaders -Method $params.method -Uri $params.uri | ConvertTo-Json -Depth 10 | ConvertFrom-Json).value + $response | Add-Member -MemberType AliasProperty -Value '@odata.type' -Name 'odata.type' + if($response){ + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaServicePrincipalPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaServicePrincipalPolicy.ps1 new file mode 100644 index 0000000000..940f4cf1ab --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaServicePrincipalPolicy.ps1 @@ -0,0 +1,48 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaServicePrincipalPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + $Method = "GET" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = "https://graph.microsoft.com/beta/serviceprincipals/$Id/policies" + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method | ConvertTo-Json -Depth 20 | ConvertFrom-Json).value + + $data = $response + $userList = @() + foreach ($res in $data) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphServicePrincipal + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + + if($_.Name -eq 'type'){ + $userType | Add-Member -MemberType NoteProperty -Name 'ServicePrincipalType' -Value $propertyValue -Force + + }else{ + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + } + $userList += $userType + } + $userList + + + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.ps1 new file mode 100644 index 0000000000..8393ce52b2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaTrustFrameworkPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(ParameterSetName = "GetById", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $OutputFilePath, + + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -eq $PSBoundParameters["Id"] -and $null -eq $PSBoundParameters["OutputFilePath"]) + { + $response = Get-MgBetaTrustFrameworkPolicy @params -Headers $customHeaders + $response + } + elseif($null -ne $PSBoundParameters["Id"]) { + # Define a temporary file path + $Id = $PSBoundParameters["Id"] + $tempFilePath = [System.IO.Path]::GetTempFileName() + + $outFile = $tempFilePath + + if($null -ne $PSBoundParameters["OutputFilePath"]){ + $outFile = $PSBoundParameters["OutputFilePath"] + } + + $V = '$value' + $uri = '/beta/trustframework/policies/'+$Id+'/'+$V + + $response = Invoke-GraphRequest -Headers $customHeaders -Method 'GET' -Uri $uri -OutputFilePath $outFile + + # Read the content from the temporary file + $xmlContent = Get-Content -Path $tempFilePath + + # Display the content if output file path not specified + if($null -eq $PSBoundParameters["OutputFilePath"]){ + $xmlContent + } + + # Clean up the temporary file + Remove-Item -Path $tempFilePath -Force + } + + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..96429399cf --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TrustedIssuer, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TrustedIssuerSki, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + $params["OrganizationId"] = (Get-MgContext).TenantId + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["TrustedIssuerSki"]) + { + $trustedIssuerSki = $PSBoundParameters["TrustedIssuerSki"] + } + if($null -ne $PSBoundParameters["TrustedIssuer"]) + { + $trustedIssuer = $PSBoundParameters["TrustedIssuer"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $responseData = Get-MgBetaOrganizationCertificateBasedAuthConfiguration @params -Headers $customHeaders + $response= @() + if($responseData){ + $responseData.CertificateAuthorities | ForEach-Object { + if ( + ([string]::IsNullOrEmpty($TrustedIssuer) -and [string]::IsNullOrEmpty($TrustedIssuerSki)) -or + (![string]::IsNullOrEmpty($TrustedIssuer) -and ![string]::IsNullOrEmpty($TrustedIssuerSki) -and $_.Issuer -eq $TrustedIssuer -and $_.IssuerSki -eq $TrustedIssuerSki) -or + (![string]::IsNullOrEmpty($TrustedIssuer) -and [string]::IsNullOrEmpty($TrustedIssuerSki) -and $_.Issuer -eq $TrustedIssuer) -or + (![string]::IsNullOrEmpty($TrustedIssuerSki) -and [string]::IsNullOrEmpty($TrustedIssuer) -and $_.IssuerSki -eq $TrustedIssuerSki)) + { + $data = @{ + AuthorityType = "IntermediateAuthority" + TrustedCertificate = $_.Certificate + CrlDistributionPoint = $_.CertificateRevocationListUrl + DeltaCrlDistributionPoint = $_.DeltaCertificateRevocationListUrl + TrustedIssuer = $_.Issuer + TrustedIssuerSki = $_.IssuerSki + } + + if($_.IsRootAuthority){ + $data.AuthorityType = "RootAuthority" + } + $dataJson = ConvertTo-Json $data + $response += [Newtonsoft.Json.JsonConvert]::DeserializeObject($dataJson, [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation]) + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationMethod.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationMethod.ps1 new file mode 100644 index 0000000000..62ce179983 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationMethod.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserAuthenticationMethod { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Enter the User ID (ObjectId or UserPrincipalName) of the user whose authentication requirements you want to update.")] + [Alias("ObjectId")] + [System.String] $UserId + ) + + PROCESS { + try { + + # Initialize headers and URI + $params = @{ } + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserId"]) { + $params["UserId"] = $PSBoundParameters["UserId"] + } + + $params["Url"] = "https://graph.microsoft.com/beta/users/$($params.UserId)/authentication/methods" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + # Make the API call + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.Url -Method GET + + if ($response.ContainsKey('value')) { + $response = $response.value + } + + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $authMethodList = @() + foreach ($res in $data) { + $authMethodType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAuthenticationMethod + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $authMethodType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $authMethodType | Add-Member -MemberType AliasProperty -Name AuthenticationMethodType -Value '@odata.type' + $authMethodList += $authMethodType + } + + return $authMethodList + } + catch { + Write-Error "An error occurred while retrieving user authentication methods: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.ps1 new file mode 100644 index 0000000000..2086df7c4f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.ps1 @@ -0,0 +1,36 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserAuthenticationRequirement { + [CmdletBinding(DefaultParameterSetName = 'UserRequirements')] + param ( + [Alias("ObjectId")] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Enter the User ID (ObjectId or UserPrincipalName) of the user whose authentication requirements you want to retrieve.")] + [System.String] $UserId + ) + + PROCESS { + try { + # Initialize parameters and headers + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "https://graph.microsoft.com/beta/users/$UserId" + $params["Uri"] = "$baseUri/authentication/requirements" + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + # Make the API call + $response = Invoke-GraphRequest -Uri $($params.Uri) -Method GET -Headers $customHeaders | Convertto-json | convertfrom-json + + # Return the response + return $response + } + catch { + Write-Error "An error occurred while retrieving user authentication requirements: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaConditionalAccessPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..263477b2da --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaConditionalAccessPolicy.ps1 @@ -0,0 +1,174 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls] $GrantControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls] $SessionControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet] $Conditions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ModifiedDateTime, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreatedDateTime + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if($null -ne $PSBoundParameters["GrantControls"]) + { + $TmpValue = $PSBoundParameters["GrantControls"] + $hash = @{} + if($TmpValue._Operator) { $hash["Operator"] = $TmpValue._Operator } + if($null -ne $TmpValue.BuiltInControls) { $hash["BuiltInControls"] = $TmpValue.BuiltInControls } + if($TmpValue.CustomAuthenticationFactors) { $hash["CustomAuthenticationFactors"] = $TmpValue.CustomAuthenticationFactors } + if($TmpValue.TermsOfUse) { $hash["TermsOfUse"] = $TmpValue.TermsOfUse } + + $Value = $hash + $params["GrantControls"] = $Value + } + if($null -ne $PSBoundParameters["SessionControls"]) + { + $TmpValue = $PSBoundParameters["SessionControls"] + $Value = @{} + $TmpValue.PSObject.Properties | foreach { + $propName = $_.Name + $propValue = $_.Value + if ($propValue -is [System.Object]) { + $nestedProps = @{} + $propValue.PSObject.Properties | foreach { + $nestedPropName = $_.Name + $nestedPropValue = $_.Value + $nestedProps[$nestedPropName] = $nestedPropValue + } + $Value[$propName] = $nestedProps + } + } + $params["SessionControls"] = $Value + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["Conditions"]) + { + $TmpValue = $PSBoundParameters["Conditions"] + $Value = @{} + $TmpValue.PSObject.Properties | foreach { + $propName = $_.Name + $propValue = $_.Value + if ($propName -eq 'clientAppTypes') { + $Value[$propName] = $propValue + } + elseif ($propValue -is [System.Object]) { + $nestedProps = @{} + $propValue.PSObject.Properties | foreach { + $nestedPropName = $_.Name + $nestedPropValue = $_.Value + $nestedProps[$nestedPropName] = $nestedPropValue + } + $Value[$propName] = $nestedProps + } + } + $params["Conditions"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ModifiedDateTime"]) + { + $params["ModifiedDateTime"] = $PSBoundParameters["ModifiedDateTime"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["CreatedDateTime"]) + { + $params["CreatedDateTime"] = $PSBoundParameters["CreatedDateTime"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..119fb85faa --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.SignIns | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaFeatureRolloutPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..1fa289f77b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaFeatureRolloutPolicy.ps1 @@ -0,0 +1,119 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject]] $AppliesTo, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[Microsoft.Open.MSGraph.Model.MsFeatureRolloutPolicy+FeatureEnum]] $Feature, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAppliedToOrganization + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AppliesTo"]) + { + $params["AppliesTo"] = $PSBoundParameters["AppliesTo"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Feature"]) + { + $params["Feature"] = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["IsAppliedToOrganization"]) + { + $params["IsAppliedToOrganization"] = $PSBoundParameters["IsAppliedToOrganization"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaPolicyFeatureRolloutPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaIdentityProvider.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaIdentityProvider.ps1 new file mode 100644 index 0000000000..b0392069da --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaIdentityProvider.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ClientId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Type, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ClientSecret + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["Id"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["Type"]) + { + $body["identityProviderType"] = $PSBoundParameters["Type"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["displayName"] = $PSBoundParameters["Name"] + } + if($null -ne $PSBoundParameters["ClientId"]) + { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if($null -ne $PSBoundParameters["ClientSecret"]) + { + $body["clientSecret"] = $PSBoundParameters["ClientSecret"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + $body["@odata.type"] = "#microsoft.graph.socialIdentityProvider" + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name Name -Value DisplayName + Add-Member -InputObject $_ -MemberType AliasProperty -Name Type -Value identityProviderType + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaInvitation.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaInvitation.ps1 new file mode 100644 index 0000000000..2f7067c1fa --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaInvitation.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaInvitation { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $InviteRedirectUrl, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $InvitedUserDisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.InvitedUserMessageInfo] $InvitedUserMessageInfo, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $InvitedUserEmailAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ResetRedemption, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.User] $InvitedUser, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $InvitedUserType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $SendInvitationMessage + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["InvitedUser"]) + { + $TmpValue = $PSBoundParameters["InvitedUser"] + $Temp = @{} + foreach ($property in $TmpValue.PSObject.Properties) { + $Temp[$property.Name] = $property.Value + } + $params["InvitedUser"] = $Temp + } + if($null -ne $PSBoundParameters["ResetRedemption"]) + { + $params["ResetRedemption"] = $PSBoundParameters["ResetRedemption"] + } + if($null -ne $PSBoundParameters["InvitedUserMessageInfo"]) + { + $TmpValue = $PSBoundParameters["InvitedUserMessageInfo"] + $Temp = @{} + $Temp["CustomizedMessageBody"] = $TmpValue.CustomizedMessageBody + $Temp["MessageLanguage"] = $TmpValue.MessageLanguage + $Temp["CcRecipients"] = $TmpValue.CcRecipients + $Value = $Temp + $params["InvitedUserMessageInfo"] = $Value + } + if($null -ne $PSBoundParameters["InvitedUserType"]) + { + $params["InvitedUserType"] = $PSBoundParameters["InvitedUserType"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["SendInvitationMessage"]) + { + $params["SendInvitationMessage"] = $PSBoundParameters["SendInvitationMessage"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["InvitedUserEmailAddress"]) + { + $params["InvitedUserEmailAddress"] = $PSBoundParameters["InvitedUserEmailAddress"] + } + if($null -ne $PSBoundParameters["InvitedUserDisplayName"]) + { + $params["InvitedUserDisplayName"] = $PSBoundParameters["InvitedUserDisplayName"] + } + if($null -ne $PSBoundParameters["InviteRedirectUrl"]) + { + $params["InviteRedirectUrl"] = $PSBoundParameters["InviteRedirectUrl"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaInvitation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaNamedLocationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..af0d2d7e95 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaNamedLocationPolicy.ps1 @@ -0,0 +1,136 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IncludeUnknownCountriesAndRegions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange]] $IpRanges, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsTrusted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $OdataType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion]] $CountriesAndRegions + ) + + PROCESS { + $body = @{} + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["IncludeUnknownCountriesAndRegions"]) + { + $body["IncludeUnknownCountriesAndRegions"] = $PSBoundParameters["IncludeUnknownCountriesAndRegions"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $body["Id"] = $PSBoundParameters["Id"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["IsTrusted"]) + { + $body["IsTrusted"] = $PSBoundParameters["IsTrusted"] + } + if($null -ne $PSBoundParameters["OdataType"]) + { + $body["@odata.type"] = $PSBoundParameters["OdataType"] + } + if($null -ne $PSBoundParameters["CountriesAndRegions"]) + { + $body["CountriesAndRegions"] = $PSBoundParameters["CountriesAndRegions"] + } + if($null -ne $PSBoundParameters["IpRanges"]) + { + $Tmp = $PSBoundParameters["IpRanges"] + $hash =@() + foreach($i in $Tmp){ + $hash += @{cidrAddress=$i.CidrAddress} + } + $body["IpRanges"] = $hash + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + $propsToConvert = @('ipRanges') + try { + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaOauth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaOauth2PermissionGrant.ps1 new file mode 100644 index 0000000000..abfe0e8e8c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaOauth2PermissionGrant.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaOauth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'CreateExpanded')] + param ( + [Parameter(ParameterSetName = "CreateExpanded",Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ClientId, + [Parameter(ParameterSetName = "CreateExpanded",Mandatory = $true)] + [System.String] $ConsentType, + [Parameter(ParameterSetName = "CreateExpanded")] + [System.String] $PrincipalId, + [Parameter(ParameterSetName = "CreateExpanded",Mandatory = $true)] + [System.String] $ResourceId, + [Parameter(ParameterSetName = "CreateExpanded")] + [System.String] $Scope, + [Parameter(ParameterSetName = "CreateExpanded",Mandatory = $true)] + [System.Nullable`1[System.DateTime]]$StartTime, + [Parameter(ParameterSetName = "CreateExpanded",Mandatory = $true)] + [System.Nullable`1[System.DateTime]]$ExpiryTime + ) + + PROCESS { + $params = @{} + $body = @{} + $params["Uri"] = "https://graph.microsoft.com/beta/oauth2PermissionGrants" + $params["Method"] = "POST" + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ClientId"]) + { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if($null -ne $PSBoundParameters["ConsentType"]) + { + $body["consentType"] = $PSBoundParameters["ConsentType"] + } + if($null -ne $PSBoundParameters["PrincipalId"]) + { + $body["principalId"] = $PSBoundParameters["PrincipalId"] + } + if($null -ne $PSBoundParameters["ResourceId"]) + { + $body["resourceId"] = $PSBoundParameters["ResourceId"] + } + if($null -ne $PSBoundParameters["Scope"]) + { + $body["scope"] = $PSBoundParameters["Scope"] + } + if($null -ne $PSBoundParameters["ExpiryTime"]) + { + $body["expiryTime"] = $PSBoundParameters["ExpiryTime"] + } + if($null -ne $PSBoundParameters["StartTime"]) + { + $body["startTime"] = $PSBoundParameters["StartTime"] + } + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + if($response){ + $response = $response | ConvertTo-Json | ConvertFrom-Json + $response | ForEach-Object { + if ($null -ne $_) { + $userData = [Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphOAuth2PermissionGrant]::new() + $_.PSObject.Properties | ForEach-Object { + $userData | Add-Member -MemberType NoteProperty -Name $_.Name -Value $_.Value -Force + } + } + } + $userData + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantConditionSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..8b959f2a1b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantConditionSet.ps1 @@ -0,0 +1,146 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ClientApplicationsFromVerifiedPublisherOnly, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationPublisherIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationIds, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Permissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionClassification, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationTenantIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResourceApplication + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["PermissionType"]) + { + $params["PermissionType"] = $PSBoundParameters["PermissionType"] + } + if($null -ne $PSBoundParameters["PermissionClassification"]) + { + $params["PermissionClassification"] = $PSBoundParameters["PermissionClassification"] + } + if($null -ne $PSBoundParameters["ResourceApplication"]) + { + $params["ResourceApplication"] = $PSBoundParameters["ResourceApplication"] + } + if($null -ne $PSBoundParameters["Permissions"]) + { + $params["Permissions"] = $PSBoundParameters["Permissions"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ClientApplicationTenantIds"]) + { + $params["ClientApplicationTenantIds"] = $PSBoundParameters["ClientApplicationTenantIds"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"]) + { + $params["ClientApplicationsFromVerifiedPublisherOnly"] = $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"] + } + if($null -ne $PSBoundParameters["ClientApplicationPublisherIds"]) + { + $params["ClientApplicationPublisherIds"] = $PSBoundParameters["ClientApplicationPublisherIds"] + } + if($null -ne $PSBoundParameters["ClientApplicationIds"]) + { + $params["ClientApplicationIds"] = $PSBoundParameters["ClientApplicationIds"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + if("$conditionalSet" -eq "includes"){ + $response = New-MgBetaPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = New-MgBetaPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..e371b2d5f1 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPermissionGrantPolicy.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPolicy.ps1 new file mode 100644 index 0000000000..3baa7427b6 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaPolicy.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsOrganizationDefault, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Collections.Generic.List`1[System.String]] $Definition, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Type, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AlternativeIdentifier + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Type"] = $Type + $respType = $null + + if($params.type -eq "activityBasedTimeoutPolicy" ) { + $params.type = "activityBasedTimeoutPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphActivityBasedTimeoutPolicy + } + elseif ($params.type -eq "appManagementPolicy") { + $params.type = "appManagementPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAppManagementPolicy + } + elseif ($params.type -eq "claimsMappingPolicies") { + $params.type = "claimsMappingPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphClaimsMappingPolicy + } + elseif ($params.type -eq "featureRolloutPolicy") { + $params.type = "featureRolloutPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy + } + elseif ($params.type -eq "HomeRealmDiscoveryPolicy") { + $params.type = "homeRealmDiscoveryPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphHomeRealmDiscoveryPolicy + } + elseif ($params.type -eq "tokenIssuancePolicy") { + $params.type = "tokenIssuancePolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenIssuancePolicy + } + elseif ($params.type -eq "tokenLifetimePolicy") { + $params.type = "tokenLifetimePolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphTokenLifetimePolicy + } + elseif ($params.type -eq "permissionGrantPolicy") { + $params.type = "permissionGrantPolicies" + $respType = New-Object -TypeName Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPermissionGrantPolicy + } + + $params["Uri"] = "https://graph.microsoft.com/beta/policies/" + $params.type + $Definition =$PSBoundParameters["Definition"] + $DisplayName=$PSBoundParameters["DisplayName"] + $AlternativeIdentifier = $PSBoundParameters["AlternativeIdentifier"] + $KeyCredentials = $PSBoundParameters["KeyCredentials"] + $IsOrganizationDefault =$PSBoundParameters["IsOrganizationDefault"] + $params["Method"] = "POST" + + $body = @{ + Definition = $Definition + DisplayName = $DisplayName + IsOrganizationDefault = $IsOrganizationDefault + AlternativeIdentifier =$AlternativeIdentifier + KeyCredentials = $KeyCredentials + Type = $Type + } + $body = $body | ConvertTo-Json + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.uri -Method $params.method -Body $body | ConvertTo-Json | ConvertFrom-Json + + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $respType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + + } + + $respType + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustFrameworkPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustFrameworkPolicy.ps1 new file mode 100644 index 0000000000..513f06c6c0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustFrameworkPolicy.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaTrustFrameworkPolicy { + [CmdletBinding(DefaultParameterSetName = 'Content')] + param ( + + [Parameter(ParameterSetName = "Content", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Content, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Content")] + [Parameter(ParameterSetName = "File")] + [System.String] $OutputFilePath, + + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $InputFilePath + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + # Define a temporary file path + $tempFilePath = [System.IO.Path]::GetTempFileName() + + $outFile = $tempFilePath + + if($null -ne $PSBoundParameters["OutputFilePath"]){ + $outFile = $PSBoundParameters["OutputFilePath"] + } + + $Body = $PSBoundParameters["Content"] + + if($null -ne $PSBoundParameters["InputFilePath"]) { + $Body = Get-Content -Path $PSBoundParameters["InputFilePath"] + } + + $uri = '/beta/trustframework/policies' + + Invoke-GraphRequest -Headers $customHeaders -Method 'POST' -ContentType 'application/xml' -Uri $uri -Body $Body -OutputFilePath $outFile + + # Read the content from the temporary file + # Display the content if output file path not specified + if($null -eq $PSBoundParameters["OutputFilePath"]){ + $xmlContent = Get-Content -Path $tempFilePath + $xmlContent + } + + # Clean up the temporary file + Remove-Item -Path $tempFilePath -Force + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustedCertificateAuthority.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..4420243b7b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/New-EntraBetaTrustedCertificateAuthority.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/beta/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $newCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previousCerts = @() + Get-EntraBetaTrustedCertificateAuthority | ForEach-Object { + $previousCerts += $_ + if(($_.TrustedIssuer -eq $newCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $newCert.TrustedIssuerSki)){ + Throw [System.Management.Automation.PSArgumentException] "A certificate already exists on the server with associated trustedIssuer and trustedIssuerSki fields." + } + } + $previousCerts += $newCert + $body = @{ + certificateAuthorities = @() + } + $previousCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders + + $customObject = [PSCustomObject]@{ + "@odata.context" = $response["@odata.context"] + certificateAuthorities = @{ + AuthorityType = if ($response.certificateAuthorities.isRootAuthority) { "RootAuthority" } else { "" } + CrlDistributionPoint = $response.certificateAuthorities.certificateRevocationListUrl + DeltaCrlDistributionPoint = $response.certificateAuthorities.deltaCertificateRevocationListUrl + TrustedCertificate = [Convert]::FromBase64String($response.certificateAuthorities.certificate) + TrustedIssuer = $response.certificateAuthorities.issuer + TrustedIssuerSki = $response.certificateAuthorities.issuerSki + } + Id = $response.id + } + $customObject = $customObject | ConvertTo-Json -depth 5 | ConvertFrom-Json + $certificateList = @() + + foreach ($certAuthority in $customObject) { + $certificateType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $certAuthority.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + Add-Member -InputObject $certificateType -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..aa4ccc41ba --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..8215c28a39 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["FeatureRolloutPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaPolicyFeatureRolloutPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 new file mode 100644 index 0000000000..0699a6fa4c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaFeatureRolloutPolicyDirectoryObject { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["DirectoryObjectId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["FeatureRolloutPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaIdentityProvider.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaIdentityProvider.ps1 new file mode 100644 index 0000000000..15e01cd87f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaIdentityProvider.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaIdentityProvider { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaNamedLocationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..afdaaf0ce9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaNamedLocationPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..5ea39f3f61 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["OAuth2PermissionGrantId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..8ffdf83107 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + + if("$conditionalSet" -eq "includes"){ + $response = Remove-MgBetaPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Remove-MgBetaPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..ff398d5175 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPolicy.ps1 new file mode 100644 index 0000000000..976c656265 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaPolicy.ps1 @@ -0,0 +1,40 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $array = ("activityBasedTimeoutPolicies", "defaultAppManagementPolicy", "appManagementPolicies", "authenticationFlowsPolicy", "authenticationMethodsPolicy", "claimsMappingPolicies", "featureRolloutPolicies", "homeRealmDiscoveryPolicies", "permissionGrantPolicies", "tokenIssuancePolicies", "tokenLifetimePolicies") + + foreach ($a in $array) { + $uri = "https://graph.microsoft.com/beta/policies/" + $a + "/" + $id + try { + $response = Invoke-GraphRequest -Uri $uri -Method GET + break + } + catch {} + } + $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + + $type = $Matches[1] + if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $type )) { + $URI = "https://graph.microsoft.com/beta/policies/" + $type + "/" + $id + } + $Method = "DELETE" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.ps1 new file mode 100644 index 0000000000..579f170a1d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.ps1 @@ -0,0 +1,34 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaServicePrincipalPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["Id"]) { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PolicyId"]) { + $params["PolicyId"] = $PSBoundParameters["PolicyId"] + } + $Method = "DELETE" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $URI = 'https://graph.microsoft.com/beta/serviceprincipals/{0}/policies/{1}/$ref' -f $Id,$PolicyId + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.ps1 new file mode 100644 index 0000000000..136b4f8e3f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaTrustFrameworkPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["TrustFrameworkPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaTrustFrameworkPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..bbbe9b17a9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/beta/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $certNotFound = $true + $modifiedCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previousCerts = @() + Get-EntraBetaTrustedCertificateAuthority | ForEach-Object { + if(($_.TrustedIssuer -eq $modifiedCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $modifiedCert.TrustedIssuerSki)){ + $certNotFound = $false + } + else{ + $previousCerts += $_ + } + } + if($certNotFound){ + Throw [System.Management.Automation.PSArgumentException] "Provided certificate authority not found on the server. Please make sure you have provided the correct information in trustedIssuer and trustedIssuerSki fields." + } + $body = @{ + certificateAuthorities = @() + } + $previousCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $certificateList = @() + foreach ($data in $response) { + $certificateType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $certificateType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaAuthorizationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaAuthorizationPolicy.ps1 new file mode 100644 index 0000000000..1131ef155f --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaAuthorizationPolicy.ps1 @@ -0,0 +1,161 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaAuthorizationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $BlockMsolPowerShell, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $PermissionGrantPolicyIdsAssignedToDefaultUserRole, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowedToUseSSPR, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GuestUserRoleId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowEmailVerifiedUsersToJoinOrganization, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AllowedToSignUpEmailBasedSubscriptions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions] $DefaultUserRolePermissions, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $EnabledPreviewFeatures + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["BlockMsolPowerShell"]) + { + $params["BlockMsolPowerShell"] = $PSBoundParameters["BlockMsolPowerShell"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["PermissionGrantPolicyIdsAssignedToDefaultUserRole"]) + { + $params["PermissionGrantPolicyIdsAssignedToDefaultUserRole"] = $PSBoundParameters["PermissionGrantPolicyIdsAssignedToDefaultUserRole"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["AllowedToUseSSPR"]) + { + $params["AllowedToUseSSPR"] = $PSBoundParameters["AllowedToUseSSPR"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["GuestUserRoleId"]) + { + $params["GuestUserRoleId"] = $PSBoundParameters["GuestUserRoleId"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AllowEmailVerifiedUsersToJoinOrganization"]) + { + $params["AllowEmailVerifiedUsersToJoinOrganization"] = $PSBoundParameters["AllowEmailVerifiedUsersToJoinOrganization"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["AllowedToSignUpEmailBasedSubscriptions"]) + { + $params["AllowedToSignUpEmailBasedSubscriptions"] = $PSBoundParameters["AllowedToSignUpEmailBasedSubscriptions"] + } + if($null -ne $PSBoundParameters["DefaultUserRolePermissions"]) + { + $TmpValue = $PSBoundParameters["DefaultUserRolePermissions"] + $hash = @{} + $hash["AllowedToCreateApps"] = $TmpValue.AllowedToCreateApps + $hash["AllowedToCreateSecurityGroups"] = $TmpValue.AllowedToCreateSecurityGroups + $hash["AllowedToReadOtherUsers"] = $TmpValue.AllowedToReadOtherUsers + + $Value = $hash + $params["DefaultUserRolePermissions"] = $Value + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AuthorizationPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["EnabledPreviewFeatures"]) + { + $params["EnabledPreviewFeatures"] = $PSBoundParameters["EnabledPreviewFeatures"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaPolicyAuthorizationPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaConditionalAccessPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaConditionalAccessPolicy.ps1 new file mode 100644 index 0000000000..ae8d81e7e9 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaConditionalAccessPolicy.ps1 @@ -0,0 +1,211 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaConditionalAccessPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls] $GrantControls, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls] $SessionControls, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet] $Conditions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ModifiedDateTime, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreatedDateTime + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if($null -ne $PSBoundParameters["GrantControls"]) + { + $TmpValue = $PSBoundParameters["GrantControls"] + $hash = @{} + if($TmpValue._Operator) { $hash["Operator"] = $TmpValue._Operator } + if($TmpValue.BuiltInControls) { $hash["BuiltInControls"] = $TmpValue.BuiltInControls } + if($TmpValue.CustomAuthenticationFactors) { $hash["CustomAuthenticationFactors"] = $TmpValue.CustomAuthenticationFactors } + if($TmpValue.TermsOfUse) { $hash["TermsOfUse"] = $TmpValue.TermsOfUse } + $Value = $hash + $params["GrantControls"] = $Value + } + if ($null -ne $PSBoundParameters["PolicyId"]) + { + $params["ConditionalAccessPolicyId"] = $PSBoundParameters["PolicyId"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["SessionControls"]) + { + $TmpValue = $PSBoundParameters["SessionControls"] + if($TmpValue.ApplicationEnforcedRestrictions){ + $ApplicationEnforcedRestrictions = @{} + $ApplicationEnforcedRestrictions["IsEnabled"] = $TmpValue.ApplicationEnforcedRestrictions.IsEnabled + } + if($TmpValue.CloudAppSecurity){ + $CloudAppSecurity = @{} + $CloudAppSecurity["IsEnabled"] = $TmpValue.CloudAppSecurity.IsEnabled + $CloudAppSecurity["CloudAppSecurityType"] = $TmpValue.CloudAppSecurity.CloudAppSecurityType + } + if($TmpValue.PersistentBrowser){ + $PersistentBrowser = @{} + $PersistentBrowser["IsEnabled"] = $TmpValue.PersistentBrowser.IsEnabled + $PersistentBrowser["Mode"] = $TmpValue.PersistentBrowser.Mode + } + if($TmpValue.SignInFrequency){ + $SignInFrequency = @{} + $SignInFrequency["IsEnabled"] = $TmpValue.SignInFrequency.IsEnabled + $SignInFrequency["Type"] = $TmpValue.SignInFrequency.Type + $SignInFrequency["Value"] = $TmpValue.SignInFrequency.Value + } + + $hash = @{} + if($TmpValue.ApplicationEnforcedRestrictions) { $hash["ApplicationEnforcedRestrictions"] = $ApplicationEnforcedRestrictions } + if($TmpValue.CloudAppSecurity) { $hash["CloudAppSecurity"] = $CloudAppSecurity } + if($TmpValue.SignInFrequency) { $hash["SignInFrequency"] = $SignInFrequency } + if($TmpValue.PersistentBrowser) { $hash["PersistentBrowser"] = $PersistentBrowser } + $Value = $hash + $params["SessionControls"] = $Value + } + if($null -ne $PSBoundParameters["Conditions"]) + { + $TmpValue = $PSBoundParameters["Conditions"] + if($TmpValue.Applications){ + $Applications=@{} + $Applications["IncludeApplications"] = $TmpValue.Applications.IncludeApplications + $Applications["ExcludeApplications"] = $TmpValue.Applications.ExcludeApplications + $Applications["IncludeUserActions"] = $TmpValue.Applications.IncludeUserActions + $Applications["IncludeProtectionLevels"] = $TmpValue.Applications.IncludeProtectionLevels + } + if($TmpValue.Locations){ + $Locations = @{} + $Locations["IncludeLocations"] = $TmpValue.Locations.IncludeLocations + $Locations["ExcludeLocations"] = $TmpValue.Locations.ExcludeLocations + } + if($TmpValue.Platforms){ + $Platforms = @{} + $Platforms["IncludePlatforms"] = $TmpValue.Platforms.IncludePlatforms + $Platforms["ExcludePlatforms"] = $TmpValue.Platforms.ExcludePlatforms + } + if($TmpValue.Users){ + $Users = @{} + $Users["IncludeUsers"] = $TmpValue.Users.IncludeUsers + $Users["ExcludeUsers"] = $TmpValue.Users.ExcludeUsers + $Users["IncludeGroups"] = $TmpValue.Users.IncludeGroups + $Users["ExcludeGroups"] = $TmpValue.Users.ExcludeGroups + $Users["IncludeRoles"] = $TmpValue.Users.IncludeRoles + $Users["ExcludeRoles"] = $TmpValue.Users.ExcludeRoles + } + + $hash = @{} + if($TmpValue.Applications) {$hash["Applications"] = $Applications } + if($TmpValue.ClientAppTypes) { $hash["ClientAppTypes"] = $TmpValue.ClientAppTypes } + if($TmpValue.Locations) { $hash["Locations"] = $Locations } + if($TmpValue.Platforms) { $hash["Platforms"] = $Platforms } + if($TmpValue.SignInRiskLevels) { $hash["SignInRiskLevels"] = $TmpValue.SignInRiskLevels } + if($TmpValue.Users) { $hash["Users"] = $Users } + $Value = $hash + $params["Conditions"] = $Value + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ModifiedDateTime"]) + { + $params["ModifiedDateTime"] = $PSBoundParameters["ModifiedDateTime"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["CreatedDateTime"]) + { + $params["CreatedDateTime"] = $PSBoundParameters["CreatedDateTime"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaIdentityConditionalAccessPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..cddef236eb --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject]] $AppliesTo, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[Microsoft.Open.MSGraph.Model.MsFeatureRolloutPolicy+FeatureEnum]] $Feature, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsAppliedToOrganization + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["AppliesTo"]) + { + $params["AppliesTo"] = $PSBoundParameters["AppliesTo"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["IsEnabled"]) + { + $params["IsEnabled"] = $PSBoundParameters["IsEnabled"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["FeatureRolloutPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["Feature"]) + { + $params["Feature"] = $PSBoundParameters["Feature"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["IsAppliedToOrganization"]) + { + $params["IsAppliedToOrganization"] = $PSBoundParameters["IsAppliedToOrganization"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaPolicyFeatureRolloutPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaIdentityProvider.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaIdentityProvider.ps1 new file mode 100644 index 0000000000..779209f8fe --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaIdentityProvider.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaIdentityProvider { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Type, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ClientSecret, + [Alias('Id')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $IdentityProviderBaseId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ClientId, + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Name + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["IdentityProviderBaseId"]) + { + $params["IdentityProviderBaseId"] = $PSBoundParameters["IdentityProviderBaseId"] + } + if($null -ne $PSBoundParameters["Type"]) + { + $body["identityProviderType"] = $PSBoundParameters["Type"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Name"]) + { + $body["displayName"] = $PSBoundParameters["Name"] + } + if($null -ne $PSBoundParameters["ClientId"]) + { + $body["clientId"] = $PSBoundParameters["ClientId"] + } + if($null -ne $PSBoundParameters["ClientSecret"]) + { + $body["clientSecret"] = $PSBoundParameters["ClientSecret"] + } + $body["@odata.type"] = "#microsoft.graph.socialIdentityProvider" + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaIdentityProvider @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaNamedLocationPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaNamedLocationPolicy.ps1 new file mode 100644 index 0000000000..a88c81791e --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaNamedLocationPolicy.ps1 @@ -0,0 +1,135 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaNamedLocationPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange]] $IpRanges, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IncludeUnknownCountriesAndRegions, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsTrusted, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $OdataType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion]] $CountriesAndRegions + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $body = @{} + if($null -ne $PSBoundParameters["IncludeUnknownCountriesAndRegions"]) + { + $body["IncludeUnknownCountriesAndRegions"] = $PSBoundParameters["IncludeUnknownCountriesAndRegions"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $body["Id"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["NamedLocationId"] = $PSBoundParameters["PolicyId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["IsTrusted"]) + { + $body["IsTrusted"] = $PSBoundParameters["IsTrusted"] + } + if($null -ne $PSBoundParameters["OdataType"]) + { + $body["@odata.type"] = $PSBoundParameters["OdataType"] + } + if($null -ne $PSBoundParameters["CountriesAndRegions"]) + { + $body["CountriesAndRegions"] = $PSBoundParameters["CountriesAndRegions"] + } + if($null -ne $PSBoundParameters["IpRanges"]) + { + $Tmp = $PSBoundParameters["IpRanges"] + $hash =@() + foreach($i in $Tmp){ + $hash += @{cidrAddress=$i.CidrAddress} + } + $body["IpRanges"] = $hash + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $body["DisplayName"] = $PSBoundParameters["DisplayName"] + } + + $params["BodyParameter"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaIdentityConditionalAccessNamedLocation @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.ps1 new file mode 100644 index 0000000000..0aa7454203 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.ps1 @@ -0,0 +1,154 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPermissionGrantConditionSet { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ClientApplicationsFromVerifiedPublisherOnly, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationPublisherIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationIds, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $PolicyId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Permissions, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PermissionClassification, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ConditionSetType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $ClientApplicationTenantIds, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ResourceApplication, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ClientApplicationTenantIds"]) + { + $params["ClientApplicationTenantIds"] = $PSBoundParameters["ClientApplicationTenantIds"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"]) + { + $params["ClientApplicationsFromVerifiedPublisherOnly"] = $PSBoundParameters["ClientApplicationsFromVerifiedPublisherOnly"] + } + if($null -ne $PSBoundParameters["ClientApplicationPublisherIds"]) + { + $params["ClientApplicationPublisherIds"] = $PSBoundParameters["ClientApplicationPublisherIds"] + } + if($null -ne $PSBoundParameters["PermissionType"]) + { + $params["PermissionType"] = $PSBoundParameters["PermissionType"] + } + if($null -ne $PSBoundParameters["ConditionSetType"]) + { + $conditionalSet = $PSBoundParameters["ConditionSetType"] + } + if($null -ne $PSBoundParameters["Permissions"]) + { + $params["Permissions"] = $PSBoundParameters["Permissions"] + } + if($null -ne $PSBoundParameters["ClientApplicationIds"]) + { + $params["ClientApplicationIds"] = $PSBoundParameters["ClientApplicationIds"] + } + if($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantConditionSetId"] = $PSBoundParameters["Id"] + } + if($null -ne $PSBoundParameters["ResourceApplication"]) + { + $params["ResourceApplication"] = $PSBoundParameters["ResourceApplication"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["PermissionClassification"]) + { + $params["PermissionClassification"] = $PSBoundParameters["PermissionClassification"] + } + if($null -ne $PSBoundParameters["PolicyId"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["PolicyId"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + if("$conditionalSet" -eq "includes"){ + $response = Update-MgBetaPolicyPermissionGrantPolicyInclude @params -Headers $customHeaders + } + elseif("$conditionalSet" -eq "excludes"){ + $response = Update-MgBetaPolicyPermissionGrantPolicyExclude @params -Headers $customHeaders + } + else{ + Write-Error("Message: Resource not found for the segment '$conditionalSet'.") + return + } + + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantPolicy.ps1 new file mode 100644 index 0000000000..300246b961 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPermissionGrantPolicy.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPermissionGrantPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Description, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Description"]) + { + $params["Description"] = $PSBoundParameters["Description"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["PermissionGrantPolicyId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaPolicyPermissionGrantPolicy @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPolicy.ps1 new file mode 100644 index 0000000000..f3718ebc60 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaPolicy.ps1 @@ -0,0 +1,112 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsOrganizationDefault, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $Definition, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Type, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AlternativeIdentifier + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + $policyTypeMap = @{ + "ActivityBasedTimeoutPolicy" = "activityBasedTimeoutPolicies" + "ApplicationManagementPolicy" = "appManagementPolicies" + "DefaultAppManagementPolicy" = "defaultAppManagementPolicy" + "AuthenticationFlowsPolicy" = "authenticationFlowsPolicy" + "AuthenticationMethodsPolicy" = "authenticationMethodsPolicy" + "ClaimsMappingPolicy" = "claimsMappingPolicies" + "FeatureRolloutPolicy" = "featureRolloutPolicies" + "HomeRealmDiscoveryPolicy" = "homeRealmDiscoveryPolicies" + "PermissionGrantPolicy" = "permissionGrantPolicies" + "TokenIssuancePolicy" = "tokenIssuancePolicies" + "TokenLifetimePolicy" = "tokenLifetimePolicies" + } + + $policyTypes = $policyTypeMap.Values + + if ($null -ne $PSBoundParameters["type"]) { + $type = if ($policyTypeMap.ContainsKey($type)) { $policyTypeMap[$type] } else { + Write-Error "Set-EntraBetADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + return; + } + } else { + $type = $null + } + + if(!$type) { + foreach ($pType in $policyTypes) { + $uri = "https://graph.microsoft.com/beta/policies/" + $pType + "/" + $id + try { + $response = Invoke-GraphRequest -Uri $uri -Method GET + break + } + catch {} + } + $policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + $type = $Matches[1] + } + + if($policyTypes -notcontains $type) { + Write-Error "Set-EntraBetADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + } + else { + if ($null -ne $PSBoundParameters["Definition"]) { + $params["Definition"] = $PSBoundParameters["Definition"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["Definition"]) { + $params["Definition"] = $PSBoundParameters["Definition"] + } + if ($null -ne $PSBoundParameters["IsOrganizationDefault"]) { + $params["IsOrganizationDefault"] = $PSBoundParameters["IsOrganizationDefault"] + } + if (($null -ne $PSBoundParameters["id"]) -and ($null -ne $type )) { + $URI = "https://graph.microsoft.com/beta/policies/" + $type + "/" + $id + } + if ($null -ne $PSBoundParameters["IsOrganizationDefault"]) { + $params["IsOrganizationDefault"] = $PSBoundParameters["IsOrganizationDefault"] + } + $Method = "PATCH" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $body = $params | ConvertTo-Json + Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Body $body -Method $Method + } + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.ps1 new file mode 100644 index 0000000000..40c3f0ef23 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaTrustFrameworkPolicy { + [CmdletBinding(DefaultParameterSetName = 'Content')] + param ( + + [Parameter(ParameterSetName = "Content", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Content, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Content")] + [Parameter(ParameterSetName = "File")] + [System.String] $OutputFilePath, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Content")] + [Parameter(ParameterSetName = "File")] + [System.String] $Id, + + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $InputFilePath + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + # Define a temporary file path + $tempFilePath = [System.IO.Path]::GetTempFileName() + + $outFile = $tempFilePath + + if($null -ne $PSBoundParameters["OutputFilePath"]){ + $outFile = $PSBoundParameters["OutputFilePath"] + } + + $Body = $PSBoundParameters["Content"] + + if($null -ne $PSBoundParameters["InputFilePath"]) { + $Body = Get-Content -Path $PSBoundParameters["InputFilePath"] + } + + $Id = $PSBoundParameters["Id"] + + $V = '$value' + $uri = '/beta/trustframework/policies/'+$Id+'/'+$V + + Invoke-GraphRequest -Headers $customHeaders -Method 'PUT' -ContentType 'application/xml' -Uri $uri -Body $Body -OutputFilePath $outFile + + # Read the content from the temporary file + # Display the content if output file path not specified + if($null -eq $PSBoundParameters["OutputFilePath"]){ + $xmlContent = Get-Content -Path $tempFilePath + $xmlContent + } + + # Clean up the temporary file + Remove-Item -Path $tempFilePath -Force + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.ps1 new file mode 100644 index 0000000000..fb607806ca --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaTrustedCertificateAuthority { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation] $CertificateAuthorityInformation + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $tenantId = (Get-MgContext).TenantId + $params["Uri"] = "/beta/organization/$tenantId/certificateBasedAuthConfiguration" + $params["Method"] = "POST" + $certNotFound = $true + $modifiedCert = $PSBoundParameters["CertificateAuthorityInformation"] + $previusCerts = @() + Get-EntraBetaTrustedCertificateAuthority | ForEach-Object { + if(($_.TrustedIssuer -eq $modifiedCert.TrustedIssuer) -and ($_.TrustedIssuerSki -eq $modifiedCert.TrustedIssuerSki)){ + $previusCerts += $modifiedCert + $certNotFound = $false + } + else{ + $previusCerts += $_ + } + } + if($certNotFound){ + Throw [System.Management.Automation.PSArgumentException] "Provided certificate authority not found on the server. Please make sure you have provided the correct information in trustedIssuer and trustedIssuerSki fields." + } + $body = @{ + certificateAuthorities = @() + } + $previusCerts | ForEach-Object { + $isRoot = $false + if("RootAuthority" -eq $_.AuthorityType){ + $isRoot = $true + } + $cert = @{ + isRootAuthority = $isRoot + certificateRevocationListUrl = $_.CrlDistributionPoint + deltaCertificateRevocationListUrl = $_.DeltaCrlDistributionPoint + certificate = [convert]::tobase64string($_.TrustedCertificate) + } + $body.certificateAuthorities += $cert + } + $params["Body"] = ConvertTo-Json $body + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders + + $customObject = [PSCustomObject]@{ + "@odata.context" = $response["@odata.context"] + certificateAuthorities = @{ + AuthorityType = if ($response.certificateAuthorities.isRootAuthority) { "RootAuthority" } else { "" } + CrlDistributionPoint = $response.certificateAuthorities.certificateRevocationListUrl + DeltaCrlDistributionPoint = $response.certificateAuthorities.deltaCertificateRevocationListUrl + TrustedCertificate = [Convert]::FromBase64String($response.certificateAuthorities.certificate) + TrustedIssuer = $response.certificateAuthorities.issuer + TrustedIssuerSki = $response.certificateAuthorities.issuerSki + } + Id = $response.id + } + $customObject = $customObject | ConvertTo-Json -depth 5 | ConvertFrom-Json + $certificateList = @() + + foreach ($certAuthority in $customObject) { + $certificateType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphCertificateBasedAuthConfiguration + $certAuthority.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + Add-Member -InputObject $certificateType -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $certificateList += $certificateType + } + $certificateList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaOauth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaOauth2PermissionGrant.ps1 new file mode 100644 index 0000000000..2344751170 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaOauth2PermissionGrant.ps1 @@ -0,0 +1,41 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraBetaOauth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("Id")] + [System.String] $OAuth2PermissionGrantId, + + [Parameter(Mandatory = $false)] + [System.String] $Scope + ) + + PROCESS { + $params = @{} + $body = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params["Uri"] = "https://graph.microsoft.com/beta/oauth2PermissionGrants/" + $params["Method"] = "PATCH" + + if ($null -ne $PSBoundParameters["OAuth2PermissionGrantId"]) { + $params["Uri"] += $OAuth2PermissionGrantId + } + + if ($null -ne $PSBoundParameters["Scope"]) { + $body["scope"] = $PSBoundParameters["Scope"] + } + + $params["Body"] = $body + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $response + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.ps1 new file mode 100644 index 0000000000..625ec8b8a5 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraBetaUserAuthenticationRequirement { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Enter the User ID (ObjectId or UserPrincipalName) of the user whose authentication requirements you want to update.")] + [Alias("ObjectId")] + [System.String] $UserId, + + [Parameter(Mandatory = $true, HelpMessage = "Specify the per-user MFA state. Valid values are 'enabled', 'disabled', or 'enforced'.")] + [ValidateSet("enabled", "disabled", "enforced")] + [System.String] $PerUserMfaState + ) + + PROCESS { + try { + # Initialize headers and URI + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserId"]) { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["CurrentPassword"]) { + $params["PerUserMfaState"] = $PSBoundParameters["PerUserMfaState"] + } + + $params["Url"] = "https://graph.microsoft.com/beta/users/$UserId/authentication/requirements" + # Create the body for the PATCH request + $body = @{ + perUserMfaState = $PerUserMfaState + } | ConvertTo-Json -Depth 10 + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + # Make the API call + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.Url -Method PATCH -Body $body + + # Return the response + return $response + + + } + catch { + Write-Error "An error occurred while updating user authentication requirements: $_" + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUser.ps1 new file mode 100644 index 0000000000..269da30da2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUser.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUser { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias("ObjectId")] + [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $upnPresent = $false + $baseUri = 'https://graph.microsoft.com/beta/users' + $properties = $null + $params["Method"] = "GET" + $params["Uri"] = "$baseUri" + $query = $null + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $query = "$properties" + } + + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + if ($topCount -gt 999) { + $query += "&`$top=999" + } + else{ + $query += "&`$top=$topCount" + } + } + + if($null -ne $PSBoundParameters["SearchString"]) + { + $TmpValue = $PSBoundParameters["SearchString"] + $SearchString = "`$search=`"userprincipalname:$TmpValue`" OR `"state:$TmpValue`" OR `"mailNickName:$TmpValue`" OR `"mail:$TmpValue`" OR `"jobTitle:$TmpValue`" OR `"displayName:$TmpValue`" OR `"department:$TmpValue`" OR `"country:$TmpValue`" OR `"city:$TmpValue`"" + $query += "&$SearchString" + $customHeaders['ConsistencyLevel'] = 'eventual' + } + if($null -ne $PSBoundParameters["UserId"]) + { + $UserId = $PSBoundParameters["UserId"] + if ($UserId -match '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'){ + $f = '$' + 'Filter' + $Filter = "UserPrincipalName eq '$UserId'" + $query += "&$f=$Filter" + $upnPresent = $true + } + else{ + $params["Uri"] = "$baseUri/$($UserId)" + } + } + if($null -ne $PSBoundParameters["Filter"]) + { + $Filter = $PSBoundParameters["Filter"] + $f = '$' + 'Filter' + $query += "&$f=$Filter" + } + + if($null -ne $query) + { + $query = "?" + $query.TrimStart("&") + $params["Uri"] += $query + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + if ($upnPresent -and ($null -eq $response.value -or $response.value.Count -eq 0)){ + Write-Error "Resource '$UserId' does not exist or one of its queried reference-property objects are not present. + +Status: 404 (NotFound) +ErrorCode: Request_ResourceNotFound" + } + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params["Uri"] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params["Uri"] = $params["Uri"].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch {} + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + } + } + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphUser + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..cacccd6f66 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserAppRoleAssignment.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserCreatedObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserCreatedObject.ps1 new file mode 100644 index 0000000000..c6407d6e57 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserCreatedObject.ps1 @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserCreatedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserCreatedObject @params -Headers $customHeaders + $properties = @{ + ObjectId = "Id" + DeletionTimestamp = "deletedDateTime" + AppOwnerTenantId = "appOwnerOrganizationId" + } + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + foreach ($prop in $properties.GetEnumerator()) { + $propertyName = $prop.Name + $propertyValue = $prop.Value + if ($_.PSObject.Properties.Match($propertyName)) { + $_ | Add-Member -MemberType AliasProperty -Name $propertyName -Value $propertyValue + } + } + $propsToConvert = @('keyCredentials','passwordCredentials','requiredResourceAccess') + foreach ($prop in $propsToConvert) { + try { + if($_.PSObject.Properties.Match($prop)) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + catch {} + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserDirectReport.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserDirectReport.ps1 new file mode 100644 index 0000000000..e46289fd78 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserDirectReport.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserDirectReport { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $topCount = $null + $baseUri = 'https://graph.microsoft.com/beta/users' + $properties = '$select=*' + $Method = "GET" + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + $URI = "$baseUri/$($params.UserId)/directReports?$properties" + } + + if($null -ne $PSBoundParameters["All"]) + { + $URI = "$baseUri/$($params.UserId)/directReports?$properties" + } + if($PSBoundParameters.ContainsKey("Top")) + { + $topCount = $PSBoundParameters["Top"] + $URI = "$baseUri/$($params.UserId)/directReports?`$top=$topCount&$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserExtension.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserExtension.ps1 new file mode 100644 index 0000000000..c31b568679 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserExtension.ps1 @@ -0,0 +1,43 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias("ObjectId")] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "https://graph.microsoft.com/beta/users/$UserId" + $properties = '$select=Identities,OnPremisesDistinguishedName,EmployeeId,CreatedDateTime' + $params["Uri"] = "$baseUri/?$properties" + + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $params["Uri"] = "$baseUri/?$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $data = Invoke-GraphRequest -Uri $($params.Uri) -Method GET -Headers $customHeaders | Convertto-json | convertfrom-json + $data | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name userIdentities -Value identities + } + } + $data + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserLicenseDetail.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserLicenseDetail.ps1 new file mode 100644 index 0000000000..bcf5a187b7 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserLicenseDetail.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserLicenseDetail { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserLicenseDetail @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserManager.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserManager.ps1 new file mode 100644 index 0000000000..df686c55e7 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserManager.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [ALias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Get-MgBetaUserManager @params -Headers $customHeaders -ErrorAction Stop + try { + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $targetList = @() + foreach ($res in $data) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + } + catch {} + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserMembership.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserMembership.ps1 new file mode 100644 index 0000000000..91220a2cbf --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserMembership.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserMembership { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserMemberOf @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.ps1 new file mode 100644 index 0000000000..3f671ea6f2 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserOAuth2PermissionGrant { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserOAuth2PermissionGrant @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedDevice.ps1 new file mode 100644 index 0000000000..b21e3da098 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedDevice.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserOwnedDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserOwnedDevice @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('AdditionalProperties') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedObject.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedObject.ps1 new file mode 100644 index 0000000000..7dac4cb34c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserOwnedObject.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserOwnedObject { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $Method = "GET" + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserId"]) { + $params["UserId"] = $PSBoundParameters["UserId"] + } + + $URI = "/beta/users/$($params.UserId)/ownedObjects/?" + + if ($PSBoundParameters.ContainsKey("Top")) + { + $URI += "&`$top=$Top" + } + + if($null -ne $PSBoundParameters["Property"]) + { + $selectProperties = $PSBoundParameters["Property"] + $selectProperties = $selectProperties -Join ',' + $properties = "`$select=$($selectProperties)" + $URI += "&$properties" + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + $targetList = @() + foreach ($res in $response) { + $targetType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphDirectoryObject + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0,1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $targetType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetList += $targetType + } + $targetList + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserRegisteredDevice.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserRegisteredDevice.ps1 new file mode 100644 index 0000000000..6099ad0810 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserRegisteredDevice.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserRegisteredDevice { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if($null -ne $PSBoundParameters["All"]) + { + if($PSBoundParameters["All"]) + { + $params["All"] = $PSBoundParameters["All"] + } + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Top")) + { + $params["Top"] = $PSBoundParameters["Top"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserRegisteredDevice @params -Headers $customHeaders + $response | ForEach-Object { + if ($null -ne $_) { + $propsToConvert = @('AdditionalProperties') + foreach ($prop in $propsToConvert) { + $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force + } + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserThumbnailPhoto.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserThumbnailPhoto.ps1 new file mode 100644 index 0000000000..42dcd1067d --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Get-EntraBetaUserThumbnailPhoto.ps1 @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraBetaUserThumbnailPhoto { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $View, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FileName, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["View"]) + { + $params["View"] = $PSBoundParameters["View"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["FilePath"]) + { + $params["FilePath"] = $PSBoundParameters["FilePath"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["FileName"]) + { + $params["FileName"] = $PSBoundParameters["FileName"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["Property"]) + { + $params["Property"] = $PSBoundParameters["Property"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Get-MgBetaUserPhoto @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..a9731d8029 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Entra.Beta.Users | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUser.ps1 new file mode 100644 index 0000000000..37602be023 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUser.ps1 @@ -0,0 +1,288 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaUser { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CompanyName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PostalCode, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GivenName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $FacsimileTelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [Microsoft.Open.AzureAD.Model.PasswordProfile] $PasswordProfile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $StreetAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PasswordPolicies, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PhysicalDeliveryOfficeName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserStateChangedOn, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $City, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreationType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ImmutableId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ConsentProvidedForMinor, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ShowInAddressList, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Department, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]] $SignInNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UsageLocation, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredLanguage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OtherMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionProperty, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Surname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $JobTitle, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserPrincipalName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Mobile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AgeGroup, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Country, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompromised + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["PostalCode"]) + { + $params["PostalCode"] = $PSBoundParameters["PostalCode"] + } + if($null -ne $PSBoundParameters["MailNickName"]) + { + $params["MailNickName"] = $PSBoundParameters["MailNickName"] + } + if($null -ne $PSBoundParameters["ShowInAddressList"]) + { + $params["ShowInAddressList"] = $PSBoundParameters["ShowInAddressList"] + } + if($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if($null -ne $PSBoundParameters["Mobile"]) + { + $params["MobilePhone"] = $PSBoundParameters["Mobile"] + } + if($null -ne $PSBoundParameters["JobTitle"]) + { + $params["JobTitle"] = $PSBoundParameters["JobTitle"] + } + if($null -ne $PSBoundParameters["ConsentProvidedForMinor"]) + { + $params["ConsentProvidedForMinor"] = $PSBoundParameters["ConsentProvidedForMinor"] + } + if($null -ne $PSBoundParameters["PhysicalDeliveryOfficeName"]) + { + $params["PhysicalDeliveryOfficeName"] = $PSBoundParameters["PhysicalDeliveryOfficeName"] + } + if($null -ne $PSBoundParameters["OtherMails"]) + { + $params["OtherMails"] = $PSBoundParameters["OtherMails"] + } + if($null -ne $PSBoundParameters["PasswordPolicies"]) + { + $params["PasswordPolicies"] = $PSBoundParameters["PasswordPolicies"] + } + if($null -ne $PSBoundParameters["IsCompromised"]) + { + $params["IsCompromised"] = $PSBoundParameters["IsCompromised"] + } + if($null -ne $PSBoundParameters["SignInNames"]) + { + $params["Identities"] = $PSBoundParameters["SignInNames"] + } + if($null -ne $PSBoundParameters["PreferredLanguage"]) + { + $params["PreferredLanguage"] = $PSBoundParameters["PreferredLanguage"] + } + if($null -ne $PSBoundParameters["UserState"]) + { + $params["ExternalUserState"] = $PSBoundParameters["UserState"] + } + if($null -ne $PSBoundParameters["ImmutableId"]) + { + $params["OnPremisesImmutableId"] = $PSBoundParameters["ImmutableId"] + } + if($null -ne $PSBoundParameters["City"]) + { + $params["City"] = $PSBoundParameters["City"] + } + if($null -ne $PSBoundParameters["AgeGroup"]) + { + $params["AgeGroup"] = $PSBoundParameters["AgeGroup"] + } + if($null -ne $PSBoundParameters["ExtensionProperty"]) + { + $params["ExtensionProperty"] = $PSBoundParameters["ExtensionProperty"] + } + if($null -ne $PSBoundParameters["UsageLocation"]) + { + $params["UsageLocation"] = $PSBoundParameters["UsageLocation"] + } + if($null -ne $PSBoundParameters["UserStateChangedOn"]) + { + $params["ExternalUserStateChangeDateTime"] = $PSBoundParameters["UserStateChangedOn"] + } + if($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if($null -ne $PSBoundParameters["Country"]) + { + $params["Country"] = $PSBoundParameters["Country"] + } + if($null -ne $PSBoundParameters["UserPrincipalName"]) + { + $params["UserPrincipalName"] = $PSBoundParameters["UserPrincipalName"] + } + if($null -ne $PSBoundParameters["GivenName"]) + { + $params["GivenName"] = $PSBoundParameters["GivenName"] + } + if($null -ne $PSBoundParameters["PasswordProfile"]) + { + $TmpValue = $PSBoundParameters["PasswordProfile"] + $Value = @{ + forceChangePasswordNextSignIn = $TmpValue.ForceChangePasswordNextLogin + forceChangePasswordNextSignInWithMfa = $TmpValue.EnforceChangePasswordPolicy + password = $TmpValue.Password + } + $params["passwordProfile"] = $Value + } + if($null -ne $PSBoundParameters["UserType"]) + { + $params["UserType"] = $PSBoundParameters["UserType"] + } + if($null -ne $PSBoundParameters["StreetAddress"]) + { + $params["StreetAddress"] = $PSBoundParameters["StreetAddress"] + } + if($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if($null -ne $PSBoundParameters["Department"]) + { + $params["Department"] = $PSBoundParameters["Department"] + } + if($null -ne $PSBoundParameters["CompanyName"]) + { + $params["CompanyName"] = $PSBoundParameters["CompanyName"] + } + if($null -ne $PSBoundParameters["FacsimileTelephoneNumber"]) + { + $params["FacsimileTelephoneNumber"] = $PSBoundParameters["FacsimileTelephoneNumber"] + } + if($null -ne $PSBoundParameters["Surname"]) + { + $params["Surname"] = $PSBoundParameters["Surname"] + } + if($null -ne $PSBoundParameters["TelephoneNumber"]) + { + $params["BusinessPhones"] = $PSBoundParameters["TelephoneNumber"] + } + if($null -ne $PSBoundParameters["CreationType"]) + { + $params["CreationType"] = $PSBoundParameters["CreationType"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $params = $params | ConvertTo-Json + $response = Invoke-GraphRequest -Headers $customHeaders -Uri 'https://graph.microsoft.com/v1.0/users?$select=*' -Method POST -Body $params + $response = $response | ConvertTo-Json | ConvertFrom-Json + $response | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserState -Value ExternalUserState + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserStateChangedOn -Value ExternalUserStateChangeDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name Mobile -Value mobilePhone + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name DirSyncEnabled -Value OnPremisesSyncEnabled + Add-Member -InputObject $_ -MemberType AliasProperty -Name ImmutableId -Value onPremisesImmutableId + Add-Member -InputObject $_ -MemberType AliasProperty -Name LastDirSyncTime -Value OnPremisesLastSyncDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name ProvisioningErrors -Value onPremisesProvisioningErrors + Add-Member -InputObject $_ -MemberType AliasProperty -Name TelephoneNumber -Value BusinessPhones + + $userData = [Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphUser]::new() + $_.PSObject.Properties | ForEach-Object { + $userData | Add-Member -MemberType NoteProperty -Name $_.Name -Value $_.Value -Force + } + } + } + $userData + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUserAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..c699c8f8bc --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/New-EntraBetaUserAppRoleAssignment.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $PrincipalId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters", Mandatory = $true)] + [System.String] $ResourceId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["AppRoleId"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["PrincipalId"]) + { + $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] + } + if ($null -ne $PSBoundParameters["ResourceId"]) + { + $params["ResourceId"] = $PSBoundParameters["ResourceId"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = New-MgBetaUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUser.ps1 new file mode 100644 index 0000000000..b334e16f27 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUser.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaUser { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaUser @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserAppRoleAssignment.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserAppRoleAssignment.ps1 new file mode 100644 index 0000000000..519708a501 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserAppRoleAssignment.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaUserAppRoleAssignment { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AppRoleAssignmentId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) + { + $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaUserAppRoleAssignment @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserExtension.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserExtension.ps1 new file mode 100644 index 0000000000..591eade001 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserExtension.ps1 @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionName, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionId, + + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Collections.Generic.List`1[System.String]] $ExtensionNames + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ExtensionName"]) + { + $params["ExtensionName"] = $PSBoundParameters["ExtensionName"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["ExtensionId"]) + { + $params["ExtensionId"] = $PSBoundParameters["ExtensionId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ExtensionNames"]) + { + $params["ExtensionNames"] = $PSBoundParameters["ExtensionNames"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaUserExtension @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserManager.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserManager.ps1 new file mode 100644 index 0000000000..71540dd5ae --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Remove-EntraBetaUserManager.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraBetaUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Remove-MgBetaUserManagerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUser.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUser.ps1 new file mode 100644 index 0000000000..afa8f9bc4c --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUser.ps1 @@ -0,0 +1,329 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUser { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CompanyName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PostalCode, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $State, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $GivenName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $FacsimileTelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [Microsoft.Open.AzureAD.Model.PasswordProfile] $PasswordProfile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $StreetAddress, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PasswordPolicies, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PhysicalDeliveryOfficeName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserStateChangedOn, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $City, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $CreationType, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ImmutableId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $ConsentProvidedForMinor, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $ShowInAddressList, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $AccountEnabled, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Department, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]] $SignInNames, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UsageLocation, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $PreferredLanguage, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $TelephoneNumber, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $DisplayName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.List`1[System.String]] $OtherMails, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserState, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionProperty, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Surname, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $JobTitle, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $UserPrincipalName, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Mobile, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $MailNickName, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $AgeGroup, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.String] $Country, + + [Parameter(ParameterSetName = "InvokeByDynamicParameters")] + [System.Nullable`1[System.Boolean]] $IsCompromised + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["CompanyName"]) + { + $params["CompanyName"] = $PSBoundParameters["CompanyName"] + } + if ($null -ne $PSBoundParameters["PostalCode"]) + { + $params["PostalCode"] = $PSBoundParameters["PostalCode"] + } + if ($null -ne $PSBoundParameters["State"]) + { + $params["State"] = $PSBoundParameters["State"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["GivenName"]) + { + $params["GivenName"] = $PSBoundParameters["GivenName"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["FacsimileTelephoneNumber"]) + { + $params["FacsimileTelephoneNumber"] = $PSBoundParameters["FacsimileTelephoneNumber"] + } + if($null -ne $PSBoundParameters["PasswordProfile"]) + { + $TmpValue = $PSBoundParameters["PasswordProfile"] + $Value = @{ + forceChangePasswordNextSignIn = $TmpValue.ForceChangePasswordNextLogin + forceChangePasswordNextSignInWithMfa = $TmpValue.EnforceChangePasswordPolicy + password = $TmpValue.Password + } + $params["PasswordProfile"] = $Value + } + if ($null -ne $PSBoundParameters["StreetAddress"]) + { + $params["StreetAddress"] = $PSBoundParameters["StreetAddress"] + } + if ($null -ne $PSBoundParameters["PasswordPolicies"]) + { + $params["PasswordPolicies"] = $PSBoundParameters["PasswordPolicies"] + } + if ($null -ne $PSBoundParameters["PhysicalDeliveryOfficeName"]) + { + $params["PhysicalDeliveryOfficeName"] = $PSBoundParameters["PhysicalDeliveryOfficeName"] + } + if ($null -ne $PSBoundParameters["UserType"]) + { + $params["UserType"] = $PSBoundParameters["UserType"] + } + if ($null -ne $PSBoundParameters["UserStateChangedOn"]) + { + $params["ExternalUserStateChangeDateTime"] = $PSBoundParameters["UserStateChangedOn"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["City"]) + { + $params["City"] = $PSBoundParameters["City"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["CreationType"]) + { + $params["CreationType"] = $PSBoundParameters["CreationType"] + } + if ($null -ne $PSBoundParameters["ImmutableId"]) + { + $params["OnPremisesImmutableId"] = $PSBoundParameters["ImmutableId"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ConsentProvidedForMinor"]) + { + $params["ConsentProvidedForMinor"] = $PSBoundParameters["ConsentProvidedForMinor"] + } + if ($null -ne $PSBoundParameters["ShowInAddressList"]) + { + $params["ShowInAddressList"] = $PSBoundParameters["ShowInAddressList"] + } + if ($null -ne $PSBoundParameters["AccountEnabled"]) + { + $params["AccountEnabled"] = $PSBoundParameters["AccountEnabled"] + } + if ($null -ne $PSBoundParameters["Department"]) + { + $params["Department"] = $PSBoundParameters["Department"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["SignInNames"]) + { + $params["Identities"] = $PSBoundParameters["SignInNames"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if ($null -ne $PSBoundParameters["UsageLocation"]) + { + $params["UsageLocation"] = $PSBoundParameters["UsageLocation"] + } + if ($null -ne $PSBoundParameters["PreferredLanguage"]) + { + $params["PreferredLanguage"] = $PSBoundParameters["PreferredLanguage"] + } + if ($null -ne $PSBoundParameters["TelephoneNumber"]) + { + $params["BusinessPhones"] = $PSBoundParameters["TelephoneNumber"] + } + if ($null -ne $PSBoundParameters["DisplayName"]) + { + $params["DisplayName"] = $PSBoundParameters["DisplayName"] + } + if ($null -ne $PSBoundParameters["OtherMails"]) + { + $params["OtherMails"] = $PSBoundParameters["OtherMails"] + } + if ($null -ne $PSBoundParameters["UserState"]) + { + $params["ExternalUserState"] = $PSBoundParameters["UserState"] + } + if ($null -ne $PSBoundParameters["ExtensionProperty"]) + { + $params["ExtensionProperty"] = $PSBoundParameters["ExtensionProperty"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["Surname"]) + { + $params["Surname"] = $PSBoundParameters["Surname"] + } + if ($null -ne $PSBoundParameters["JobTitle"]) + { + $params["JobTitle"] = $PSBoundParameters["JobTitle"] + } + if ($null -ne $PSBoundParameters["UserPrincipalName"]) + { + $params["UserPrincipalName"] = $PSBoundParameters["UserPrincipalName"] + } + if ($null -ne $PSBoundParameters["Mobile"]) + { + $params["MobilePhone"] = $PSBoundParameters["Mobile"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["MailNickName"]) + { + $params["MailNickName"] = $PSBoundParameters["MailNickName"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["AgeGroup"]) + { + $params["AgeGroup"] = $PSBoundParameters["AgeGroup"] + } + if ($null -ne $PSBoundParameters["Country"]) + { + $params["Country"] = $PSBoundParameters["Country"] + } + if ($null -ne $PSBoundParameters["IsCompromised"]) + { + $params["IsCompromised"] = $PSBoundParameters["IsCompromised"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaUser @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserExtension.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserExtension.ps1 new file mode 100644 index 0000000000..ebb8e61046 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserExtension.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUserExtension { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionName, + [Alias('ObjectId')] + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionValue, + + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionNameValues + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ExtensionName"]) + { + $params["ExtensionName"] = $PSBoundParameters["ExtensionName"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["Id"]) + { + $params["Id"] = $PSBoundParameters["Id"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ExtensionValue"]) + { + $params["ExtensionValue"] = $PSBoundParameters["ExtensionValue"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ExtensionNameValues"]) + { + $params["ExtensionNameValues"] = $PSBoundParameters["ExtensionNameValues"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaUserExtension @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserLicense.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserLicense.ps1 new file mode 100644 index 0000000000..b0362bff2b --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserLicense.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUserLicense { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Microsoft.Open.AzureAD.Model.AssignedLicenses] $AssignedLicenses, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["ObjectId"]) + { + $params["UserId"] = $PSBoundParameters["ObjectId"] + $UserId = $PSBoundParameters["ObjectId"] + } + $jsonBody = @{ + addLicenses = @(if ($PSBoundParameters.AssignedLicenses.AddLicenses) { + $PSBoundParameters.AssignedLicenses.AddLicenses | Select-Object @{Name='skuId'; Expression={$_.'skuId' -replace 's', 's'.ToLower()}} + } else { + @() + }) + removeLicenses = @(if ($PSBoundParameters.AssignedLicenses.RemoveLicenses) { + $PSBoundParameters.AssignedLicenses.RemoveLicenses + } else { + @() + }) + } | ConvertTo-Json + + $customHeaders['Content-Type'] = 'application/json' + + $graphApiEndpoint = "https://graph.microsoft.com/beta/users/$UserId/microsoft.graph.assignLicense" + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $graphApiEndpoint -Method Post -Body $jsonBody + + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserManager.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserManager.ps1 new file mode 100644 index 0000000000..079f656475 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserManager.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUserManager { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $RefObjectId, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["RefObjectId"]) + { + $TmpValue = $PSBoundParameters["RefObjectId"] + $Value = @{ "@odata.id" = "https://graph.microsoft.com/v1.0/users/$TmpValue"} + $params["BodyParameter"] = $Value + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgBetaUserManagerByRef @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserPassword.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserPassword.ps1 new file mode 100644 index 0000000000..f4c544cde0 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserPassword.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUserPassword { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $ForceChangePasswordNextLogin, + + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Boolean] $EnforceChangePasswordPolicy, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ObjectId, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $Password + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if($null -ne $PSBoundParameters["ObjectId"]) + { + $userId = $PSBoundParameters["ObjectId"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if($null -ne $PSBoundParameters["Password"]) + { + $Temp = $PSBoundParameters["Password"] + $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Temp) + $PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if($null -ne $PSBoundParameters["ForceChangePasswordNextLogin"]) + { + $ForceChangePasswordNextSignIn = $PSBoundParameters["ForceChangePasswordNextLogin"] + } + if($null -ne $PSBoundParameters["EnforceChangePasswordPolicy"]) + { + $EnforceChangePasswordPolicy = $PSBoundParameters["EnforceChangePasswordPolicy"] + } + + $PasswordProfile = @{} + if($null -ne $PSBoundParameters["ForceChangePasswordNextLogin"]) { $PasswordProfile["ForceChangePasswordNextSignIn"] = $ForceChangePasswordNextSignIn } + if($null -ne $PSBoundParameters["EnforceChangePasswordPolicy"]) { $PasswordProfile["ForceChangePasswordNextSignInWithMfa"] = $ForceChangePasswordNextSignInWithMfa } + if($null -ne $PSBoundParameters["Password"]) { $PasswordProfile["password"] = $PlainPassword } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgBetaUser -Headers $customHeaders -UserId $userId -PasswordProfile $PasswordProfile @params + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserThumbnailPhoto.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserThumbnailPhoto.ps1 new file mode 100644 index 0000000000..5421c0dd44 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Set-EntraBetaUserThumbnailPhoto.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraBetaUserThumbnailPhoto { + [CmdletBinding(DefaultParameterSetName = 'File')] + param ( + + [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $FilePath, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "Stream")] + [Parameter(ParameterSetName = "File")] + [Parameter(ParameterSetName = "ByteArray")] + [System.String] $UserId, + + [Parameter(ParameterSetName = "ByteArray", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Byte[]] $ImageByteArray, + + [Parameter(ParameterSetName = "Stream", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.IO.Stream] $FileStream + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["FilePath"]) + { + $params["InFile"] = $PSBoundParameters["FilePath"] + } + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($null -ne $PSBoundParameters["ImageByteArray"]) + { + $params["ImageByteArray"] = $PSBoundParameters["ImageByteArray"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["FileStream"]) + { + $params["FileStream"] = $PSBoundParameters["FileStream"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Set-MgBetaUserPhotoContent @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + + } + } + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaSignedInUserPassword.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaSignedInUserPassword.ps1 new file mode 100644 index 0000000000..a00c8292ee --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaSignedInUserPassword.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraBetaSignedInUserPassword { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $NewPassword, + + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Security.SecureString] $CurrentPassword + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if($null -ne $PSBoundParameters["NewPassword"]) + { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if($null -ne $PSBoundParameters["CurrentPassword"]) + { + $params["CurrentPassword"] = $PSBoundParameters["CurrentPassword"] + } + $currsecur = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($params.CurrentPassword) + $curr = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($currsecur) + + $newsecur = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($params.NewPassword) + $new = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($newsecur) + + $params["Url"] = "https://graph.microsoft.com/beta/me/changePassword" + $body = @{ + currentPassword = $curr + newPassword = $new + } + $body = $body | ConvertTo-Json + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("========================================================================= +") + + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $params.Url -Method POST -Body $body + $response + } +} + diff --git a/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaUserFromFederated.ps1 b/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaUserFromFederated.ps1 new file mode 100644 index 0000000000..a2c4544441 --- /dev/null +++ b/module/EntraBeta/Microsoft.Entra.Beta/Users/Update-EntraBetaUserFromFederated.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Update-EntraBetaUserFromFederated { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $UserPrincipalName = $PSBoundParameters.UserPrincipalName + $UserId = Get-MgBetaUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual + if ($null -ne $UserId) + { + $AuthenticationMethodId = Get-MgBetaUserAuthenticationMethod -UserId $UserId.Id + $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id + $params["UserId"] = $UserId.Id + } + } + if ($PSBoundParameters.ContainsKey("NewPassword")) { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $AuthenticationMethodId) + { + $response = Reset-MgBetaUserAuthenticationMethodPassword @params -Headers $customHeaders + } + $response + } +} + diff --git a/module/EntraBeta/UnMappedFiles/Enable-EntraAzureADAlias.ps1 b/module/EntraBeta/UnMappedFiles/Enable-EntraAzureADAlias.ps1 new file mode 100644 index 0000000000..fc9b79a38c --- /dev/null +++ b/module/EntraBeta/UnMappedFiles/Enable-EntraAzureADAlias.ps1 @@ -0,0 +1,308 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Enable-EntraAzureADAlias { + Set-Alias -Name Get-AzureADMSRoleAssignment -Value Get-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Add-AzureADMSFeatureRolloutPolicyDirectoryObject -Value Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Scope Global -Force + Set-Alias -Name Get-AzureADUserThumbnailPhoto -Value Get-EntraBetaUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name Set-AzureADTenantDetail -Value Set-EntraBetaTenantDetail -Scope Global -Force + Set-Alias -Name Remove-AzureADMSIdentityProvider -Value Remove-EntraBetaIdentityProvider -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantPolicy -Value Set-EntraBetaPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationSignInDetailedSummary -Value Get-EntraBetaApplicationSignInDetailedSummary -Scope Global -Force + Set-Alias -Name Set-AzureADDirectorySetting -Value Set-EntraBetaDirectorySetting -Scope Global -Force + Set-Alias -Name Remove-AzureADUserAppRoleAssignment -Value Remove-EntraBetaUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-AzureADMSCustomSecurityAttributeDefinition -Value New-EntraBetaCustomSecurityAttributeDefinition -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationKey -Value Remove-EntraBetaApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADApplication -Value Remove-EntraBetaApplication -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationOwner -Value Remove-EntraBetaApplicationOwner -Scope Global -Force + Set-Alias -Name New-AzureADApplicationKeyCredential -Value New-EntraBetaApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Remove-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Remove-EntraBetaServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRole -Value Get-EntraBetaDirectoryRole -Scope Global -Force + Set-Alias -Name Enable-AzureADDirectoryRole -Value Enable-EntraBetaDirectoryRole -Scope Global -Force + Set-Alias -Name New-AzureADGroupAppRoleAssignment -Value New-EntraBetaGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwner -Value Get-EntraBetaServicePrincipalOwner -Scope Global -Force + Set-Alias -Name New-AzureADMSGroup -Value New-EntraBetaGroup -Scope Global -Force + Set-Alias -Name Reset-AzureADMSLifeCycleGroup -Value Reset-EntraBetaLifeCycleGroup -Scope Global -Force + Set-Alias -Name Get-AzureADAuditSignInLogs -Value Get-EntraBetaAuditSignInLog -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationLogo -Value Set-EntraBetaApplicationLogo -Scope Global -Force + Set-Alias -Name Set-AzureADMSNamedLocationPolicy -Value Set-EntraBetaNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleTemplate -Value Get-EntraBetaDirectoryRoleTemplate -Scope Global -Force + Set-Alias -Name Remove-AzureADMSFeatureRolloutPolicy -Value Remove-EntraBetaFeatureRolloutPolicy -Scope Global -Force + Set-Alias -Name New-AzureADDirectorySetting -Value New-EntraBetaDirectorySetting -Scope Global -Force + Set-Alias -Name Set-AzureADServicePrincipal -Value Set-EntraBetaServicePrincipal -Scope Global -Force + Set-Alias -Name New-AzureADMSTrustFrameworkPolicy -Value New-EntraBetaTrustFrameworkPolicy -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsUserIsMemberOf -Value Select-EntraBetaGroupIdsUserIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADDeletedApplication -Value Remove-EntraBetaDeletedApplication -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantConditionSet -Value New-EntraBetaPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Set-AzureADDomain -Value Set-EntraBetaDomain -Scope Global -Force + Set-Alias -Name Get-AzureADUserRegisteredDevice -Value Get-EntraBetaUserRegisteredDevice -Scope Global -Force + Set-Alias -Name New-AzureADApplicationPasswordCredential -Value New-EntraBetaApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Set-AzureADMSAuthorizationPolicy -Value Set-EntraBetaAuthorizationPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationKeyCredential -Value Remove-EntraBetaApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Confirm-AzureADDomain -Value Confirm-EntraBetaDomain -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalPasswordCredential -Value Remove-EntraBetaServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Add-AzureADApplicationPolicy -Value Add-EntraBetaApplicationPolicy -Scope Global -Force + Set-Alias -Name Add-AzureADMScustomSecurityAttributeDefinitionAllowedValues -Value Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsGroupIsMemberOf -Value Select-EntraBetaGroupIdsGroupIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADUserExtension -Value Remove-EntraBetaUserExtension -Scope Global -Force + Set-Alias -Name Get-AzureADDomainVerificationDnsRecord -Value Get-EntraBetaDomainVerificationDnsRecord -Scope Global -Force + Set-Alias -Name Get-AzureADMSApplicationTemplate -Value Get-EntraBetaApplicationTemplate -Scope Global -Force + Set-Alias -Name Get-AzureADDomain -Value Get-EntraBetaDomain -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalPolicy -Value Remove-EntraBetaServicePrincipalPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalPolicy -Value Get-EntraBetaServicePrincipalPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSPasswordSingleSignOnCredential -Value New-EntraBetaPasswordSingleSignOnCredential -Scope Global -Force + Set-Alias -Name Get-AzureADMSPrivilegedRoleSetting -Value Get-EntraBetaPrivilegedRoleSetting -Scope Global -Force + Set-Alias -Name Get-AzureADObjectSetting -Value Get-EntraBetaObjectSetting -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationPassword -Value New-EntraBetaApplicationPassword -Scope Global -Force + Set-Alias -Name Get-AzureADUserCreatedObject -Value Get-EntraBetaUserCreatedObject -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedDirectoryObject -Value Get-EntraBetaDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name Get-AzureADMSAttributeSet -Value Get-EntraBetaAttributeSet -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnit -Value New-EntraBetaAdministrativeUnit -Scope Global -Force + Set-Alias -Name Remove-AzureADScopedRoleMembership -Value Remove-EntraBetaScopedRoleMembership -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipal -Value New-EntraBetaServicePrincipal -Scope Global -Force + Set-Alias -Name Remove-AzureADServiceAppRoleAssignment -Value Remove-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplication -Value Get-EntraBetaApplicationProxyApplication -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsContactIsMemberOf -Value Select-EntraBetaGroupIdsContactIsMemberOf -Scope Global -Force + Set-Alias -Name Remove-AzureADGroup -Value Remove-EntraBetaGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSPasswordSingleSignOnCredential -Value Get-EntraBetaPasswordSingleSignOnCredential -Scope Global -Force + Set-Alias -Name Get-AzureADDirectoryRoleMember -Value Get-EntraBetaDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplication -Value Set-EntraBetaApplication -Scope Global -Force + Set-Alias -Name Get-AzureADMSLifecyclePolicyGroup -Value Get-EntraBetaLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Remove-AzureADTrustedCertificateAuthority -Value Remove-EntraBetaTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Get-AzureADMSPrivilegedRoleAssignmentRequest -Value Get-EntraBetaPrivilegedRoleAssignmentRequest -Scope Global -Force + Set-Alias -Name Get-AzureADAdministrativeUnitMember -Value Get-EntraBetaAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Get-AzureADMSPrivilegedRoleDefinition -Value Get-EntraBetaPrivilegedRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-AzureADMSNamedLocationPolicy -Value Remove-EntraBetaNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADDomainNameReference -Value Get-EntraBetaDomainNameReference -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipal -Value Get-EntraBetaServicePrincipal -Scope Global -Force + Set-Alias -Name New-AzureADMSAdministrativeUnitMember -Value New-EntraBetaAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Get-AzureADUser -Value Get-EntraBetaUser -Scope Global -Force + Set-Alias -Name Remove-AzureADMSRoleAssignment -Value Remove-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalCreatedObject -Value Get-EntraBetaServicePrincipalCreatedObject -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationFromApplicationTemplate -Value New-EntraBetaApplicationFromApplicationTemplate -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignment -Value Get-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Revoke-AzureADUserAllRefreshToken -Value Revoke-EntraBetaUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Get-AzureADMSAuthorizationPolicy -Value Get-EntraBetaAuthorizationPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationPassword -Value Remove-EntraBetaApplicationPassword -Scope Global -Force + Set-Alias -Name Remove-AzureADMSApplicationVerifiedPublisher -Value Remove-EntraBetaApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Get-AzureADUserOwnedObject -Value Get-EntraBetaUserOwnedObject -Scope Global -Force + Set-Alias -Name Get-AzureADUserLicenseDetail -Value Get-EntraBetaUserLicenseDetail -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalPasswordCredential -Value Get-EntraBetaServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name Revoke-AzureADSignedInUserAllRefreshToken -Value Revoke-EntraBetaSignedInUserAllRefreshToken -Scope Global -Force + Set-Alias -Name Get-AzureADUserMembership -Value Get-EntraBetaUserMembership -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOAuth2PermissionGrant -Value Get-EntraBetaServicePrincipalOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Set-AzureADMSIdentityProvider -Value Set-EntraBetaIdentityProvider -Scope Global -Force + Set-Alias -Name Remove-AzureADMSGroupLifecyclePolicy -Value Remove-EntraBetaGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSCustomSecurityAttributeDefinitionAllowedValue -Value Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + Set-Alias -Name Set-AzureADUserExtension -Value Set-EntraBetaUserExtension -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroup -Value Set-EntraBetaGroup -Scope Global -Force + Set-Alias -Name Set-AzureADObjectSetting -Value Set-EntraBetaObjectSetting -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantPolicy -Value Remove-EntraBetaPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSGroupLifecyclePolicy -Value Set-EntraBetaGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSAttributeSet -Value New-EntraBetaAttributeSet -Scope Global -Force + Set-Alias -Name Get-AzureADGroupOwner -Value Get-EntraBetaGroupOwner -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationOwner -Value Get-EntraBetaApplicationOwner -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationSignInSummary -Value Get-EntraBetaApplicationSignInSummary -Scope Global -Force + Set-Alias -Name Add-AzureADGroupMember -Value Add-EntraBetaGroupMember -Scope Global -Force + Set-Alias -Name Get-AzureADUserManager -Value Get-EntraBetaUserManager -Scope Global -Force + Set-Alias -Name Get-AzureADSubscribedSku -Value Get-EntraBetaSubscribedSku -Scope Global -Force + Set-Alias -Name Get-AzureADMSRoleDefinition -Value Get-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredUser -Value Add-EntraBetaDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Get-AzureADGroupMember -Value Get-EntraBetaGroupMember -Scope Global -Force + Set-Alias -Name Set-AzureADUserManager -Value Set-EntraBetaUserManager -Scope Global -Force + Set-Alias -Name New-AzureADApplicationExtensionProperty -Value New-EntraBetaApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name New-AzureADMSGroupLifecyclePolicy -Value New-EntraBetaGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSRoleDefinition -Value Set-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Set-AzureADMSApplicationVerifiedPublisher -Value Set-EntraBetaApplicationVerifiedPublisher -Scope Global -Force + Set-Alias -Name Get-AzureADGroupAppRoleAssignment -Value Get-EntraBetaGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPermissionGrantConditionSet -Value Remove-EntraBetaPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADContactManager -Value Get-EntraBetaContactManager -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalOwner -Value Remove-EntraBetaServicePrincipalOwner -Scope Global -Force + Set-Alias -Name New-AzureADMSFeatureRolloutPolicy -Value New-EntraBetaFeatureRolloutPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADPolicy -Value Set-EntraBetaPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSRoleDefinition -Value Remove-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Add-AzureADDirectoryRoleMember -Value Add-EntraBetaDirectoryRoleMember -Scope Global -Force + Set-Alias -Name Add-AzureADDeviceRegisteredOwner -Value Add-EntraBetaDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADObjectByObjectId -Value Get-EntraBetaObjectByObjectId -Scope Global -Force + Set-Alias -Name Get-AzureADTrustedCertificateAuthority -Value Get-EntraBetaTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name New-AzureADUserAppRoleAssignment -Value New-EntraBetaUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-AzureADMSPermissionGrantPolicy -Value New-EntraBetaPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSApplication -Value New-EntraBetaApplication -Scope Global -Force + Set-Alias -Name Get-AzureADTenantDetail -Value Get-EntraBetaTenantDetail -Scope Global -Force + Set-Alias -Name Set-AzureADUserPassword -Value Set-EntraBetaUserPassword -Scope Global -Force + Set-Alias -Name Get-AzureADPolicyAppliedObject -Value Get-EntraBetaPolicyAppliedObject -Scope Global -Force + Set-Alias -Name Get-AzureADServiceAppRoleAssignedTo -Value Get-EntraBetaServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupLifecyclePolicy -Value Get-EntraBetaGroupLifecyclePolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSGroupPermissionGrant -Value Get-EntraBetaGroupPermissionGrant -Scope Global -Force + Set-Alias -Name Remove-AzureADDomain -Value Remove-EntraBetaDomain -Scope Global -Force + Set-Alias -Name Get-AzureADScopedRoleMembership -Value Get-EntraBetaScopedRoleMembership -Scope Global -Force + Set-Alias -Name Get-AzureADDeletedApplication -Value Get-EntraBetaDeletedApplication -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredOwner -Value Remove-EntraBetaDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADMSIdentityProvider -Value Get-EntraBetaIdentityProvider -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationKeyCredential -Value Get-EntraBetaApplicationKeyCredential -Scope Global -Force + Set-Alias -Name Get-AzureADUserOwnedDevice -Value Get-EntraBetaUserOwnedDevice -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationPolicy -Value Get-EntraBetaApplicationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalMembership -Value Get-EntraBetaServicePrincipalMembership -Scope Global -Force + Set-Alias -Name Get-AzureADPolicy -Value Get-EntraBetaPolicy -Scope Global -Force + Set-Alias -Name New-AzureADMSInvitation -Value New-EntraBetaInvitation -Scope Global -Force + Set-Alias -Name Remove-AzureADMSDeletedDirectoryObject -Value Remove-EntraBetaDeletedDirectoryObject -Scope Global -Force + Set-Alias -Name Remove-AzureADAdministrativeUnitMember -Value Remove-EntraBetaAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Get-AzureADMSPrivilegedResource -Value Get-EntraBetaPrivilegedResource -Scope Global -Force + Set-Alias -Name Set-AzureADMSCustomSecurityAttributeDefinitionAllowedValue -Value Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + Set-Alias -Name New-AzureADMSIdentityProvider -Value New-EntraBetaIdentityProvider -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationExtensionProperty -Value Get-EntraBetaApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Remove-AzureADMSLifecyclePolicyGroup -Value Remove-EntraBetaLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSFeatureRolloutPolicy -Value Get-EntraBetaFeatureRolloutPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSPasswordSingleSignOnCredential -Value Remove-EntraBetaPasswordSingleSignOnCredential -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredUser -Value Get-EntraBetaDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupMember -Value Remove-EntraBetaGroupMember -Scope Global -Force + Set-Alias -Name New-AzureADMSConditionalAccessPolicy -Value New-EntraBetaConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Update-AzureADSignedInUserPassword -Value Update-EntraBetaSignedInUserPassword -Scope Global -Force + Set-Alias -Name Set-AzureADMSAdministrativeUnit -Value Set-EntraBetaAdministrativeUnit -Scope Global -Force + Set-Alias -Name Get-AzureADUserOAuth2PermissionGrant -Value Get-EntraBetaUserOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name New-AzureADPrivilegedRoleAssignment -Value New-EntraBetaPrivilegedRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADUserExtension -Value Get-EntraBetaUserExtension -Scope Global -Force + Set-Alias -Name New-AzureADTrustedCertificateAuthority -Value New-EntraBetaTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Get-AzureADMSNamedLocationPolicy -Value Get-EntraBetaNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationLogo -Value Get-EntraBetaApplicationLogo -Scope Global -Force + Set-Alias -Name Remove-AzureADDeviceRegisteredUser -Value Remove-EntraBetaDeviceRegisteredUser -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalPasswordCredential -Value New-EntraBetaServicePrincipalPasswordCredential -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleDefinition -Value New-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Set-AzureADMSPermissionGrantConditionSet -Value Set-EntraBetaPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Get-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Get-EntraBetaServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Set-AzureADMSAttributeSet -Value Set-EntraBetaAttributeSet -Scope Global -Force + Set-Alias -Name Get-AzureADApplication -Value Get-EntraBetaApplication -Scope Global -Force + Set-Alias -Name Get-AzureADMSTrustFrameworkPolicy -Value Get-EntraBetaTrustFrameworkPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplication -Value Remove-EntraBetaApplicationProxyApplication -Scope Global -Force + Set-Alias -Name Get-AzureADDevice -Value Get-EntraBetaDevice -Scope Global -Force + Set-Alias -Name New-AzureADObjectSetting -Value New-EntraBetaObjectSetting -Scope Global -Force + Set-Alias -Name New-AzureADPolicy -Value New-EntraBetaPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSCustomSecurityAttributeDefinition -Value Set-EntraBetaCustomSecurityAttributeDefinition -Scope Global -Force + Set-Alias -Name Get-AzureADContact -Value Get-EntraBetaContact -Scope Global -Force + Set-Alias -Name Remove-AzureADPolicy -Value Remove-EntraBetaPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADMSConditionalAccessPolicy -Value Remove-EntraBetaConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Add-AzureADAdministrativeUnitMember -Value Add-EntraBetaAdministrativeUnitMember -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalKeyCredential -Value Get-EntraBetaServicePrincipalKeyCredential -Scope Global -Force + Set-Alias -Name Set-AzureADDevice -Value Set-EntraBetaDevice -Scope Global -Force + Set-Alias -Name Set-AzureADTrustedCertificateAuthority -Value Set-EntraBetaTrustedCertificateAuthority -Scope Global -Force + Set-Alias -Name Select-AzureADGroupIdsServicePrincipalIsMemberOf -Value Select-EntraBetaGroupIdsServicePrincipalIsMemberOf -Scope Global -Force + Set-Alias -Name Set-AzureADUserThumbnailPhoto -Value Set-EntraBetaUserThumbnailPhoto -Scope Global -Force + Set-Alias -Name Set-AzureADMSPasswordSingleSignOnCredential -Value Set-EntraBetaPasswordSingleSignOnCredential -Scope Global -Force + Set-Alias -Name Get-AzureADPrivilegedRole -Value Get-EntraBetaPrivilegedRole -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupAppRoleAssignment -Value Remove-EntraBetaGroupAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADContact -Value Remove-EntraBetaContact -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationExtensionProperty -Value Remove-EntraBetaApplicationExtensionProperty -Scope Global -Force + Set-Alias -Name Get-AzureADContactMembership -Value Get-EntraBetaContactMembership -Scope Global -Force + Set-Alias -Name Remove-AzureADGroupOwner -Value Remove-EntraBetaGroupOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationPolicy -Value Remove-EntraBetaApplicationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADContactDirectReport -Value Get-EntraBetaContactDirectReport -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipal -Value Remove-EntraBetaServicePrincipal -Scope Global -Force + Set-Alias -Name Add-AzureADApplicationOwner -Value Add-EntraBetaApplicationOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADMSTrustFrameworkPolicy -Value Remove-EntraBetaTrustFrameworkPolicy -Scope Global -Force + Set-Alias -Name Add-AzureADGroupOwner -Value Add-EntraBetaGroupOwner -Scope Global -Force + Set-Alias -Name Restore-AzureADDeletedApplication -Value Restore-EntraBetaDeletedApplication -Scope Global -Force + Set-Alias -Name Set-AzureADMSPrivilegedRoleSetting -Value Set-EntraBetaPrivilegedRoleSetting -Scope Global -Force + Set-Alias -Name Get-AzureADGroup -Value Get-EntraBetaGroup -Scope Global -Force + Set-Alias -Name Get-AzureADMSDeletedGroup -Value Get-EntraBetaDeletedGroup -Scope Global -Force + Set-Alias -Name New-AzureADDevice -Value New-EntraBetaDevice -Scope Global -Force + Set-Alias -Name Add-AzureADMSLifecyclePolicyGroup -Value Add-EntraBetaLifecyclePolicyGroup -Scope Global -Force + Set-Alias -Name New-AzureADUser -Value New-EntraBetaUser -Scope Global -Force + Set-Alias -Name New-AzureADMSApplicationKey -Value New-EntraBetaApplicationKey -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationPasswordCredential -Value Remove-EntraBetaApplicationPasswordCredential -Scope Global -Force + Set-Alias -Name Get-AzureADUserAppRoleAssignment -Value Get-EntraBetaUserAppRoleAssignment -Scope Global -Force + Set-Alias -Name Remove-AzureADUserManager -Value Remove-EntraBetaUserManager -Scope Global -Force + Set-Alias -Name New-AzureADMSRoleAssignment -Value New-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-AzureADDirectorySettingTemplate -Value Get-EntraBetaDirectorySettingTemplate -Scope Global -Force + Set-Alias -Name Get-AzureADServicePrincipalOwnedObject -Value Get-EntraBetaServicePrincipalOwnedObject -Scope Global -Force + Set-Alias -Name Set-AzureADMSTrustFrameworkPolicy -Value Set-EntraBetaTrustFrameworkPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADMSCustomSecurityAttributeDefinition -Value Get-EntraBetaCustomSecurityAttributeDefinition -Scope Global -Force + Set-Alias -Name Remove-AzureADAdministrativeUnit -Value Remove-EntraBetaAdministrativeUnit -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantPolicy -Value Get-EntraBetaPermissionGrantPolicy -Scope Global -Force + Set-Alias -Name New-AzureADDomain -Value New-EntraBetaDomain -Scope Global -Force + Set-Alias -Name Add-AzureADScopedRoleMembership -Value Add-EntraBetaScopedRoleMembership -Scope Global -Force + Set-Alias -Name Remove-AzureADObjectSetting -Value Remove-EntraBetaObjectSetting -Scope Global -Force + Set-Alias -Name Set-AzureADUser -Value Set-EntraBetaUser -Scope Global -Force + Set-Alias -Name Add-AzureADServicePrincipalOwner -Value Add-EntraBetaServicePrincipalOwner -Scope Global -Force + Set-Alias -Name Remove-AzureADOAuth2PermissionGrant -Value Remove-EntraBetaOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Remove-AzureADMSFeatureRolloutPolicyDirectoryObject -Value Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Scope Global -Force + Set-Alias -Name Add-AzureADServicePrincipalPolicy -Value Add-EntraBetaServicePrincipalPolicy -Scope Global -Force + Set-Alias -Name Remove-AzureADDirectoryRoleMember -Value Remove-EntraBetaDirectoryRoleMember -Scope Global -Force + Set-Alias -Name New-AzureADServiceAppRoleAssignment -Value New-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-AzureADMSNamedLocationPolicy -Value New-EntraBetaNamedLocationPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADDirectorySetting -Value Get-EntraBetaDirectorySetting -Scope Global -Force + Set-Alias -Name Remove-AzureADDevice -Value Remove-EntraBetaDevice -Scope Global -Force + Set-Alias -Name Get-AzureADAdministrativeUnit -Value Get-EntraBetaAdministrativeUnit -Scope Global -Force + Set-Alias -Name Get-AzureADDomainServiceConfigurationRecord -Value Get-EntraBetaDomainServiceConfigurationRecord -Scope Global -Force + Set-Alias -Name Set-AzureADUserLicense -Value Set-EntraBetaUserLicense -Scope Global -Force + Set-Alias -Name Remove-AzureADDirectorySetting -Value Remove-EntraBetaDirectorySetting -Scope Global -Force + Set-Alias -Name Set-AzureADMSPrivilegedRoleAssignmentRequest -Value Set-EntraBetaPrivilegedRoleAssignmentRequest -Scope Global -Force + Set-Alias -Name Add-AzureADMSServicePrincipalDelegatedPermissionClassification -Value Add-EntraBetaServicePrincipalDelegatedPermissionClassification -Scope Global -Force + Set-Alias -Name Set-AzureADMSConditionalAccessPolicy -Value Set-EntraBetaConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Set-AzureADMSFeatureRolloutPolicy -Value Set-EntraBetaFeatureRolloutPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceRegisteredOwner -Value Get-EntraBetaDeviceRegisteredOwner -Scope Global -Force + Set-Alias -Name Get-AzureADMSPermissionGrantConditionSet -Value Get-EntraBetaPermissionGrantConditionSet -Scope Global -Force + Set-Alias -Name Remove-AzureADUser -Value Remove-EntraBetaUser -Scope Global -Force + Set-Alias -Name Get-AzureADMSConditionalAccessPolicy -Value Get-EntraBetaConditionalAccessPolicy -Scope Global -Force + Set-Alias -Name Get-AzureADAuditDirectoryLogs -Value Get-EntraBetaAuditDirectoryLog -Scope Global -Force + Set-Alias -Name Get-AzureADOAuth2PermissionGrant -Value Get-EntraBetaOAuth2PermissionGrant -Scope Global -Force + Set-Alias -Name Get-AzureADContract -Value Get-EntraBetaContract -Scope Global -Force + Set-Alias -Name Get-AzureADUserDirectReport -Value Get-EntraBetaUserDirectReport -Scope Global -Force + Set-Alias -Name Get-CrossCloudVerificationCode -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-RbacApplicationRoleAssignment -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-RbacApplicationRoleDefinition -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-RbacApplicationRoleAssignment -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-RbacApplicationRoleDefinition -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-RbacApplicationRoleAssignment -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-RbacApplicationRoleDefinition -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-RbacApplicationRoleDefinition -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationCustomDomainCertificate -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Open-AzureADMSPrivilegedRoleAssignmentRequest -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationSingleSignOn -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADContactThumbnailPhoto -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADExternalDomainFederation -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADCurrentSessionInfo -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Close-AzureADMSPrivilegedRoleAssignmentRequest -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADExternalDomainFederation -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADContactManager -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationPasswordCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplication -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADDeviceConfiguration -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnector -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Restore-AzureADMSDeletedDirectoryObject -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorMemberOf -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationProxyConnectorGroupMembers -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Set-AzureADApplicationProxyApplicationConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name New-AzureADServicePrincipalKeyCredential -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Add-AzureADMSPrivilegedResource -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADPrivilegedRoleAssignment -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADExtensionProperty -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADExternalDomainFederation -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Remove-AzureADApplicationProxyConnectorGroup -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Get-AzureADApplicationServiceEndpoint -Value Get-EntraUnsupportedCommand -Scope Global -Force + Set-Alias -Name Connect-AzureAD -Value Connect-EntraBeta -Scope Global -Force + Set-Alias -Name Disconnect-AzureAD -Value Disconnect-EntraBeta -Scope Global -Force + Set-Alias -Name Remove-EntraBetaRoleAssignment -Value Remove-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraBetaRoleAssignment -Value Get-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraBetaRoleAssignment -Value New-EntraBetaDirectoryRoleAssignment -Scope Global -Force + Set-Alias -Name Set-EntraBetaRoleDefinition -Value Set-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-EntraBetaRoleDefinition -Value Get-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Remove-EntraBetaRoleDefinition -Value Remove-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name New-EntraBetaRoleDefinition -Value New-EntraBetaDirectoryRoleDefinition -Scope Global -Force + Set-Alias -Name Get-EntraBetaServiceAppRoleAssignedTo -Value Get-EntraBetaServicePrincipalAppRoleAssignedTo -Scope Global -Force + Set-Alias -Name Remove-EntraBetaServiceAppRoleAssignment -Value Remove-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Get-EntraBetaServiceAppRoleAssignment -Value Get-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name New-EntraBetaServiceAppRoleAssignment -Value New-EntraBetaServicePrincipalAppRoleAssignment -Scope Global -Force + Set-Alias -Name Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValues -Value Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -Scope Global -Force + Set-Alias -Name Get-EntraBetaAuditDirectoryLogs -Value Get-EntraBetaAuditDirectoryLog -Scope Global -Force + Set-Alias -Name Get-EntraBetaAuditSignInLogs -Value Get-EntraBetaAuditSignInLog -Scope Global -Force +} + diff --git a/module/EntraBeta/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 b/module/EntraBeta/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 new file mode 100644 index 0000000000..24daf53824 --- /dev/null +++ b/module/EntraBeta/UnMappedFiles/Get-EntraUnsupportedCommand.ps1 @@ -0,0 +1,8 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraUnsupportedCommand { + Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." +} + diff --git a/module/EntraBeta/UnMappedFiles/New-EntraBetaCustomHeaders.ps1 b/module/EntraBeta/UnMappedFiles/New-EntraBetaCustomHeaders.ps1 new file mode 100644 index 0000000000..16c1e3b342 --- /dev/null +++ b/module/EntraBeta/UnMappedFiles/New-EntraBetaCustomHeaders.ps1 @@ -0,0 +1,29 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function New-EntraBetaCustomHeaders { + <# + .SYNOPSIS + Creates a custom header for use in telemetry. + .DESCRIPTION + The custom header created is a User-Agent with header value " EntraPowershell/ " + .EXAMPLE + New-EntraBetaCustomHeaders -Command Get-EntraUser + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [string] + $Command + ) + + $psVersion = $global:PSVersionTable.PSVersion + $entraVersion = (Get-module Microsoft.Graph.Entra.Beta | select version).Version.ToString() + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" + $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' + $customHeaders["User-Agent"] = $userAgentHeaderValue + + $customHeaders +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/UnMappedFiles/Test-EntraScript.ps1 b/module/EntraBeta/UnMappedFiles/Test-EntraScript.ps1 new file mode 100644 index 0000000000..b9bd962b8d --- /dev/null +++ b/module/EntraBeta/UnMappedFiles/Test-EntraScript.ps1 @@ -0,0 +1,139 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Test-EntraScript { + <# + .SYNOPSIS + Checks, whether the provided script is using AzureAD commands that are not supported by Microsoft.Graph.Entra. + + .DESCRIPTION + Checks, whether the provided script is using AzureAD commands that are not supported by Microsoft.Graph.Entra. + + .PARAMETER Path + Path to the script file(s) to scan. + Or name of the content, when also specifying -Content + + .PARAMETER Content + Code content to scan. + Used when scanning code that has no file representation (e.g. straight from a repository). + + .PARAMETER Quiet + Only return $true or $false, based on whether the script could run under Microsoft.Graph.Entra ($true) or not ($false) + + .EXAMPLE + PS C:\> Test-EntraScript -Path .\usercreation.ps1 -Quiet + + Returns whether the script "usercreation.ps1" could run under Microsoft.Graph.Entra + + .EXAMPLE + PS C:\> Get-ChildItem -Path \\contoso.com\it\code -Recurse -Filter *.ps1 | Test-EntraScript + + Returns a list of all scripts that would not run under the Microsoft.Graph.Entra module, listing each issue with line and code. + #> + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias('FullName', 'Name')] + [string[]] + $Path, + + [Parameter(ValueFromPipelineByPropertyName = $true)] + [string] + $Content, + + [switch] + $Quiet + ) + + begin { + function Test-ScriptCommand { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)] + [Alias('FullName')] + [string] + $Name, + + [Parameter(Mandatory = $true)] + [string] + $Content, + + [switch] + $Quiet, + + [AllowEmptyCollection()] + [string[]] + $RequiredCommands, + + [AllowEmptyCollection()] + [string[]] + $ForbiddenCommands + ) + + $ast = [System.Management.Automation.Language.Parser]::ParseInput($Content, [ref]$null, [ref]$null) + $allCommands = $ast.FindAll({ $args[0] -is [System.Management.Automation.Language.CommandAst] }, $true) + $allCommandNames = @($allCommands).ForEach{ $_.CommandElements[0].Value } + + $findings = @() + foreach ($command in $allCommands) { + if ($command.CommandElements[0].Value -notin $ForbiddenCommands) { continue } + $findings += [PSCustomObject]@{ + PSTypeName = 'Microsoft.Graph.Entra.CommandRequirement' + Name = $Name + Line = $command.Extent.StartLineNumber + Type = 'UnsupportedCommand' + Command = $command.CommandElements[0].Value + Code = $command.Extent.Text + } + } + foreach ($requiredCommand in $RequiredCommands) { + if ($requiredCommand -notin $allCommandNames) { continue } + $findings += [PSCustomObject]@{ + PSTypeName = 'Microsoft.Graph.Entra.CommandRequirement' + Name = $Name + Line = -1 + Type = 'RequiredCommandMissing' + Command = $requiredCommand + Code = '' + } + } + + if (-not $Quiet) { + $findings + return + } + + $findings -as [bool] + } + + $testParam = @{ + Quiet = $Quiet + ForbiddenCommands = $script:MISSING_CMDS + } + } + process { + if ($Path -and $Content) { + Test-ScriptCommand -Name @($Path)[0] -Content $Content + return + } + foreach ($entry in $Path) { + try { $resolvedPaths = Resolve-Path -Path $entry -ErrorAction Stop } + catch { + Write-Error $_ + continue + } + + foreach ($resolvedPath in $resolvedPaths) { + if (-not (Test-Path -Path $resolvedPath -PathType Leaf)) { + Write-Warning "Not a file: $resolvedPath" + continue + } + + $scriptContent = (Get-Content -LiteralPath $resolvedPath) -join "`n" + Test-ScriptCommand -Name $resolvedPath -Content $scriptContent @testParam + } + } + } +}# ------------------------------------------------------------------------------ + diff --git a/module/EntraBeta/config/ModuleMetadata.json b/module/EntraBeta/config/ModuleMetadata.json index c1625afb00..e479667056 100644 --- a/module/EntraBeta/config/ModuleMetadata.json +++ b/module/EntraBeta/config/ModuleMetadata.json @@ -2,6 +2,7 @@ "guid": "3a8a0270-121c-4455-845d-497458213f96", "authors": "Microsoft", "owners": "Microsoft", + "entraDescription":"Microsoft Entra Powershell", "description": "Microsoft Entra PowerShell Beta: Microsoft Entra PowerShell is a scenario-driven module that allows administrators to efficiently manage Entra ID resources, including users, groups, applications, and policies, among others", "requireLicenseAcceptance": "true", "requiredModules" : [ @@ -31,6 +32,8 @@ "Entra" ], "releaseNotes": "See https://github.com/microsoftgraph/entra-powershell.", - "version": "0.19.0", - "Prerelease": "preview" + "version": "0.20.0", + "Prerelease": "preview", + "dotNetVersion":"4.7.2", + "powershellVersion":"5.1" } diff --git a/module/EntraBeta/config/ModuleSettings.json b/module/EntraBeta/config/ModuleSettings.json index 16ef03892a..fab5528226 100644 --- a/module/EntraBeta/config/ModuleSettings.json +++ b/module/EntraBeta/config/ModuleSettings.json @@ -1,6 +1,6 @@ { "sourceModule" : "AzureADPreview", - "moduleName" : "Microsoft.Graph.Entra.Beta", + "moduleName" : "Microsoft.Entra.Beta", "newPrefix" : "EntraBeta", "typePrefix" : "Microsoft.Open.", "destinationModuleName" : [ diff --git a/module/EntraBeta/config/dependencyMapping.json b/module/EntraBeta/config/dependencyMapping.json new file mode 100644 index 0000000000..aff4ed3b10 --- /dev/null +++ b/module/EntraBeta/config/dependencyMapping.json @@ -0,0 +1,10 @@ +{ + "Microsoft.Entra.Beta.Users":["Microsoft.Graph.Beta.Users","Microsoft.Graph.Beta.Users.Actions","Microsoft.Graph.Beta.Users.Functions"], + "Microsoft.Entra.Beta.Authentication":["Microsoft.Graph.Authentication"], + "Microsoft.Entra.Beta.Groups":["Microsoft.Graph.Beta.Groups"], + "Microsoft.Entra.Beta.DirectoryManagement":["Microsoft.Graph.Beta.Identity.DirectoryManagement"], + "Microsoft.Entra.Beta.Governance":["Microsoft.Graph.Beta.Identity.Governance"], + "Microsoft.Entra.Beta.SignIns":["Microsoft.Graph.Beta.Identity.SignIns"], + "Microsoft.Entra.Beta.Applications":["Microsoft.Graph.Beta.Applications"], + "Microsoft.Entra.Beta.Reports":["Microsoft.Graph.Beta.Reports"] +} \ No newline at end of file diff --git a/module/EntraBeta/config/moduleMapping.json b/module/EntraBeta/config/moduleMapping.json new file mode 100644 index 0000000000..f7188a321e --- /dev/null +++ b/module/EntraBeta/config/moduleMapping.json @@ -0,0 +1,299 @@ +{ + "Get-EntraBetaUser": "Users", + "Set-EntraBetaUser": "Users", + "New-EntraBetaUser": "Users", + "Remove-EntraBetaUser": "Users", + "Get-EntraBetaUserAppRoleAssignment": "Users", + "Get-EntraBetaUserCreatedObject": "Users", + "Get-EntraBetaUserDirectReport": "Users", + "Get-EntraBetaUserExtension": "Users", + "Get-EntraBetaUserLicenseDetail": "Users", + "Get-EntraBetaUserManager": "Users", + "Get-EntraBetaUserMembership": "Users", + "Get-EntraBetaUserOAuth2PermissionGrant": "Users", + "Get-EntraBetaUserOwnedDevice": "Users", + "Get-EntraBetaUserOwnedObject": "Users", + "Get-EntraBetaUserRegisteredDevice": "Users", + "Get-EntraBetaUserThumbnailPhoto": "Users", + "New-EntraBetaUserAppRoleAssignment": "Users", + "Remove-EntraBetaUserAppRoleAssignment": "Users", + "Remove-EntraBetaUserExtension": "Users", + "Remove-EntraBetaUserManager": "Users", + "Reset-EntraBetaStrongAuthenticationMethodByUpn": "Authentication", + "Set-EntraBetaUserExtension": "Users", + "Set-EntraBetaUserLicense": "Users", + "Set-EntraBetaUserManager": "Users", + "Set-EntraBetaUserPassword": "Users", + "Set-EntraBetaUserThumbnailPhoto": "Users", + "Update-EntraBetaSignedInUserPassword": "Users", + "Get-EntraBetaGroup": "Groups", + "New-EntraBetaGroup": "Groups", + "Set-EntraBetaGroup": "Groups", + "Remove-EntraBetaGroup": "Groups", + "Get-EntraBetaGroupMember": "Groups", + "Get-EntraBetaGroupOwner": "Groups", + "Add-EntraBetaGroupMember": "Groups", + "Add-EntraBetaGroupOwner": "Groups", + "Add-EntraBetaLifecyclePolicyGroup": "Groups", + "Get-EntraBetaDeletedGroup": "Groups", + "Get-EntraBetaGroupAppRoleAssignment": "Groups", + "Get-EntraBetaGroupLifecyclePolicy": "Groups", + "Get-EntraBetaGroupPermissionGrant": "Groups", + "Get-EntraBetaLifecyclePolicyGroup": "Groups", + "New-EntraBetaGroupAppRoleAssignment": "Groups", + "New-EntraBetaGroupLifecyclePolicy": "Groups", + "Remove-EntraBetaGroupAppRoleAssignment": "Groups", + "Remove-EntraBetaGroupLifecyclePolicy": "Groups", + "Remove-EntraBetaGroupMember": "Groups", + "Remove-EntraBetaGroupOwner": "Groups", + "Remove-EntraBetaLifecyclePolicyGroup": "Groups", + "Reset-EntraBetaLifeCycleGroup": "Groups", + "Select-EntraBetaGroupIdsContactIsMemberOf": "Groups", + "Select-EntraBetaGroupIdsGroupIsMemberOf": "Groups", + "Select-EntraBetaGroupIdsUserIsMemberOf": "Groups", + "Set-EntraBetaGroupLifecyclePolicy": "Groups", + "Get-EntraBetaDevice": "DirectoryManagement", + "Remove-EntraBetaDevice": "DirectoryManagement", + "Add-EntraBetaDeviceRegisteredOwner": "DirectoryManagement", + "Add-EntraBetaDeviceRegisteredUser": "DirectoryManagement", + "Get-EntraBetaDeviceRegisteredOwner": "DirectoryManagement", + "Get-EntraBetaDeviceRegisteredUser": "DirectoryManagement", + "Set-EntraBetaDevice": "DirectoryManagement", + "New-EntraBetaDevice": "DirectoryManagement", + "Remove-EntraBetaDeviceRegisteredOwner": "DirectoryManagement", + "Remove-EntraBetaDeviceRegisteredUser": "DirectoryManagement", + "Get-EntraBetaApplication": "Applications", + "Set-EntraBetaApplication": "Applications", + "New-EntraBetaApplication": "Applications", + "Remove-EntraBetaApplication": "Applications", + "Get-EntraBetaServicePrincipal": "Applications", + "Add-EntraBetaApplicationOwner": "Applications", + "Add-EntraBetaApplicationPolicy": "Applications", + "Add-EntraBetaServicePrincipalDelegatedPermissionClassification": "Applications", + "Add-EntraBetaServicePrincipalOwner": "Applications", + "Add-EntraBetaServicePrincipalPolicy": "SignIns", + "Get-EntraBetaApplicationExtensionProperty": "Applications", + "Get-EntraBetaApplicationKeyCredential": "Applications", + "Get-EntraBetaApplicationLogo": "Applications", + "Get-EntraBetaApplicationOwner": "Applications", + "Get-EntraBetaApplicationPolicy": "Applications", + "Get-EntraBetaApplicationPasswordCredential": "Applications", + "Get-EntraBetaApplicationServiceEndpoint": "Applications", + "Get-EntraBetaDeletedApplication": "Applications", + "Get-EntraBetaApplicationTemplate": "Applications", + "Get-EntraBetaServicePrincipalCreatedObject": "Applications", + "Get-EntraBetaServicePrincipalDelegatedPermissionClassification": "Applications", + "Get-EntraBetaServicePrincipalKeyCredential": "Applications", + "Get-EntraBetaServicePrincipalMembership": "Applications", + "Get-EntraBetaServicePrincipalOAuth2PermissionGrant": "Applications", + "Get-EntraBetaServicePrincipalOwnedObject": "Applications", + "Get-EntraBetaServicePrincipalOwner": "Applications", + "Get-EntraBetaServicePrincipalPasswordCredential": "Applications", + "New-EntraBetaApplicationFromApplicationTemplate": "Applications", + "New-EntraBetaApplicationExtensionProperty": "Applications", + "New-EntraBetaApplicationKey": "Applications", + "New-EntraBetaApplicationKeyCredential": "Applications", + "New-EntraBetaApplicationPassword": "Applications", + "New-EntraBetaApplicationPasswordCredential": "Applications", + "New-EntraBetaServicePrincipal": "Applications", + "New-EntraBetaServicePrincipalPasswordCredential": "Applications", + "Remove-EntraBetaApplicationExtensionProperty": "Applications", + "Remove-EntraBetaApplicationKey": "Applications", + "Remove-EntraBetaApplicationKeyCredential": "Applications", + "Remove-EntraBetaApplicationOwner": "Applications", + "Remove-EntraBetaApplicationPassword": "Applications", + "Remove-EntraBetaApplicationPasswordCredential": "Applications", + "Remove-EntraBetaApplicationPolicy": "Applications", + "Remove-EntraBetaApplicationVerifiedPublisher": "Applications", + "Remove-EntraBetaDeletedApplication": "Applications", + "Remove-EntraBetaDeletedDirectoryObject": "DirectoryManagement", + "Remove-EntraBetaServicePrincipal": "Applications", + "Remove-EntraBetaServicePrincipalDelegatedPermissionClassification": "Applications", + "Remove-EntraBetaServicePrincipalOwner": "Applications", + "Remove-EntraBetaServicePrincipalPolicy": "SignIns", + "Remove-EntraBetaServicePrincipalPasswordCredential": "Applications", + "Restore-EntraBetaDeletedApplication": "Applications", + "Select-EntraBetaGroupIdsServicePrincipalIsMemberOf": "Applications", + "Set-EntraBetaApplicationLogo": "Applications", + "Set-EntraBetaApplicationVerifiedPublisher": "Applications", + "Set-EntraBetaServicePrincipal": "Applications", + "Revoke-EntraBetaSignedInUserAllRefreshToken": "Authentication", + "Revoke-EntraBetaUserAllRefreshToken": "Authentication", + "Disconnect-Entra": "Authentication", + "Get-EntraContext": "Authentication", + "Connect-Entra": "Authentication", + "Get-EntraBetaTenantDetail": "DirectoryManagement", + "Set-EntraBetaTenantDetail": "DirectoryManagement", + "Add-EntraBetaDirectoryRoleMember": "DirectoryManagement", + "Enable-EntraBetaDirectoryRole": "DirectoryManagement", + "Get-EntraBetaDeletedDirectoryObject": "DirectoryManagement", + "Get-EntraBetaDirectoryRole": "DirectoryManagement", + "Get-EntraBetaDirectoryRoleMember": "DirectoryManagement", + "Get-EntraBetaDirectoryRoleTemplate": "DirectoryManagement", + "Get-EntraBetaDirSyncConfiguration": "DirectoryManagement", + "Get-EntraBetaDirSyncFeature": "DirectoryManagement", + "Set-EntraBetaDirSyncEnabled": "DirectoryManagement", + "Get-EntraBetaHasObjectsWithDirSyncProvisioningError": "DirectoryManagement", + "Get-EntraBetaDirectorySettingTemplate": "DirectoryManagement", + "Get-EntraBetaDirectorySetting": "DirectoryManagement", + "New-EntraBetaDirectorySetting": "DirectoryManagement", + "Remove-EntraBetaDirectoryRoleMember": "DirectoryManagement", + "Remove-EntraBetaDirectorySetting": "DirectoryManagement", + "Restore-EntraBetaDeletedDirectoryObject": "DirectoryManagement", + "Set-EntraBetaDirectorySetting": "DirectoryManagement", + "Set-EntraBetaDirSyncConfiguration": "DirectoryManagement", + "Set-EntraBetaDirSyncFeature": "DirectoryManagement", + "Get-EntraBetaDomain": "DirectoryManagement", + "Get-EntraBetaDomainFederationSettings": "DirectoryManagement", + "Get-EntraBetaDomainNameReference": "DirectoryManagement", + "Get-EntraBetaDomainServiceConfigurationRecord": "DirectoryManagement", + "Get-EntraBetaDomainVerificationDnsRecord": "DirectoryManagement", + "New-EntraBetaDomain": "DirectoryManagement", + "Remove-EntraBetaDomain": "DirectoryManagement", + "Set-EntraBetaDomain": "DirectoryManagement", + "Set-EntraBetaDomainFederationSettings": "DirectoryManagement", + "Get-EntraBetaNamedLocationPolicy": "SignIns", + "Get-EntraBetaFeatureRolloutPolicy": "SignIns", + "Get-EntraBetaPolicy": "SignIns", + "Get-EntraBetaPermissionGrantConditionSet": "SignIns", + "Get-EntraBetaPermissionGrantPolicy": "SignIns", + "Get-EntraBetaPolicyAppliedObject": "SignIns", + "Get-EntraBetaPasswordPolicy": "DirectoryManagement", + "New-EntraBetaNamedLocationPolicy": "SignIns", + "New-EntraBetaFeatureRolloutPolicy": "SignIns", + "New-EntraBetaPermissionGrantConditionSet": "SignIns", + "New-EntraBetaPermissionGrantPolicy": "SignIns", + "New-EntraBetaPolicy": "SignIns", + "Remove-EntraBetaNamedLocationPolicy": "SignIns", + "Remove-EntraBetaFeatureRolloutPolicyDirectoryObject": "SignIns", + "Remove-EntraBetaPermissionGrantConditionSet": "SignIns", + "Remove-EntraBetaPermissionGrantPolicy": "SignIns", + "Remove-EntraBetaPolicy": "SignIns", + "Set-EntraBetaNamedLocationPolicy": "SignIns", + "Set-EntraBetaPermissionGrantConditionSet": "SignIns", + "Set-EntraBetaPermissionGrantPolicy": "SignIns", + "Set-EntraBetaFeatureRolloutPolicy": "SignIns", + "Set-EntraBetaPolicy": "SignIns", + "Set-EntraBetaAuthorizationPolicy": "SignIns", + "Get-EntraBetaAuthorizationPolicy": "SignIns", + "Get-EntraBetaOAuth2PermissionGrant": "SignIns", + "New-EntraBetaOauth2PermissionGrant": "SignIns", + "Remove-EntraBetaOAuth2PermissionGrant": "SignIns", + "Get-EntraBetaApplicationSignInSummary": "Reports", + "Get-EntraBetaApplicationSignInDetailedSummary": "Reports", + "Get-EntraBetaPrivilegedRoleSetting": "Governance", + "Get-EntraBetaPrivilegedRoleDefinition": "Governance", + "Get-EntraBetaPrivilegedRoleAssignmentRequest": "Governance", + "Get-EntraBetaPrivilegedRole": "Governance", + "Get-EntraBetaPrivilegedResource": "Governance", + "New-EntraBetaPrivilegedRoleAssignment": "Governance", + "Set-EntraBetaPrivilegedRoleAssignmentRequest": "Governance", + "Set-EntraBetaPrivilegedRoleSetting": "Governance", + "Get-EntraBetaAccountSku": "DirectoryManagement", + "Get-EntraBetaFederationProperty": "DirectoryManagement", + "Enable-EntraAzureADAlias": "Migration", + "Test-EntraScript": "Migration", + "Get-EntraBetaAttributeSet": "DirectoryManagement", + "Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraBetaCustomSecurityAttributeDefinition": "DirectoryManagement", + "New-EntraBetaCustomSecurityAttributeDefinition": "DirectoryManagement", + "Set-EntraBetaCustomSecurityAttributeDefinition": "DirectoryManagement", + "Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraBetaContact": "DirectoryManagement", + "Get-EntraBetaContactDirectReport": "DirectoryManagement", + "Get-EntraBetaContactManager": "DirectoryManagement", + "Get-EntraBetaContactMembership": "DirectoryManagement", + "Get-EntraBetaContactThumbnailPhoto": "xxxxxxxxxxxxxxxx", + "Remove-EntraBetaContact": "DirectoryManagement", + "Get-EntraBetaContract": "DirectoryManagement", + "Get-EntraBetaTrustedCertificateAuthority": "SignIns", + "New-EntraBetaTrustedCertificateAuthority": "SignIns", + "Remove-EntraBetaTrustedCertificateAuthority": "SignIns", + "Set-EntraBetaTrustedCertificateAuthority": "SignIns", + "Get-EntraBetaTrustFrameworkPolicy": "SignIns", + "New-EntraBetaTrustFrameworkPolicy": "SignIns", + "Remove-EntraBetaTrustFrameworkPolicy": "SignIns", + "Set-EntraBetaTrustFrameworkPolicy": "SignIns", + "Get-EntraBetaIdentityProvider": "SignIns", + "New-EntraBetaIdentityProvider": "SignIns", + "Remove-EntraBetaIdentityProvider": "SignIns", + "Set-EntraBetaIdentityProvider": "SignIns", + "Get-EntraBetaPartnerInformation": "DirectoryManagement", + "Set-EntraBetaPartnerInformation": "DirectoryManagement", + "Add-EntraBetaAdministrativeUnitMember": "DirectoryManagement", + "Get-EntraBetaAdministrativeUnit": "DirectoryManagement", + "Get-EntraBetaAdministrativeUnitMember": "DirectoryManagement", + "New-EntraBetaAdministrativeUnitMember": "DirectoryManagement", + "New-EntraBetaAdministrativeUnit": "DirectoryManagement", + "Remove-EntraBetaAdministrativeUnit": "DirectoryManagement", + "Remove-EntraBetaAdministrativeUnitMember": "DirectoryManagement", + "Set-EntraBetaAdministrativeUnit": "DirectoryManagement", + "Get-EntraBetaPrivateAccessApplicationSegment": "NetworkAccess", + "New-EntraBetaPrivateAccessApplicationSegment": "NetworkAccess", + "Remove-EntraBetaPrivateAccessApplicationSegment": "NetworkAccess", + "Set-EntraBetaPasswordSingleSignOnCredential": "Applications", + "Get-EntraBetaPasswordSingleSignOnCredential": "Applications", + "New-EntraBetaPasswordSingleSignOnCredential": "Applications", + "Remove-EntraBetaPasswordSingleSignOnCredential": "Applications", + "Get-EntraBetaApplicationProxyApplication": "Applications", + "New-EntraBetaApplicationProxyApplication": "Applications", + "Remove-EntraBetaApplicationProxyApplication": "Applications", + "Set-EntraBetaApplicationProxyApplication": "Applications", + "Set-EntraBetaApplicationProxyApplicationSingleSignOn": "Applications", + "Set-EntraBetaApplicationProxyApplicationConnectorGroup": "Applications", + "Get-EntraBetaApplicationProxyApplicationConnectorGroup": "Applications", + "Get-EntraBetaApplicationProxyConnector": "Applications", + "Get-EntraBetaApplicationProxyConnectorGroup": "Applications", + "Get-EntraBetaApplicationProxyConnectorGroupMembers": "Applications", + "Get-EntraBetaApplicationProxyConnectorMemberOf": "Applications", + "New-EntraBetaApplicationProxyConnectorGroup": "Applications", + "Remove-EntraBetaApplicationProxyApplicationConnectorGroup": "Applications", + "Remove-EntraBetaApplicationProxyConnectorGroup": "Applications", + "Set-EntraBetaApplicationProxyConnector": "Applications", + "Set-EntraBetaApplicationProxyConnectorGroup": "Applications", + "Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Add-EntraBetaFeatureRolloutPolicyDirectoryObject": "SignIns", + "Add-EntraBetaScopedRoleMembership": "DirectoryManagement", + "Confirm-EntraBetaDomain": "DirectoryManagement", + "Get-EntraBetaConditionalAccessPolicy": "SignIns", + "Get-EntraBetaObjectByObjectId": "DirectoryManagement", + "Get-EntraBetaObjectSetting": "Groups", + "Get-EntraBetaScopedRoleMembership": "DirectoryManagement", + "Get-EntraBetaServicePrincipalPolicy": "SignIns", + "Get-EntraBetaSubscribedSku": "DirectoryManagement", + "Get-EntraUnsupportedCommand": "Migration", + "New-EntraBetaAttributeSet": "DirectoryManagement", + "New-EntraBetaConditionalAccessPolicy": "SignIns", + "New-EntraBetaInvitation": "SignIns", + "New-EntraBetaObjectSetting": "Groups", + "Remove-EntraBetaConditionalAccessPolicy": "SignIns", + "Remove-EntraBetaFeatureRolloutPolicy": "SignIns", + "Remove-EntraBetaObjectSetting": "Groups", + "Remove-EntraBetaScopedRoleMembership": "DirectoryManagement", + "Set-EntraBetaAttributeSet": "DirectoryManagement", + "Set-EntraBetaConditionalAccessPolicy": "SignIns", + "Set-EntraBetaObjectSetting": "Groups", + "Get-EntraBetaAuditDirectoryLog": "Reports", + "Get-EntraBetaAuditSignInLog": "Reports", + "Get-EntraBetaDirectoryObjectOnPremisesProvisioningError": "DirectoryManagement", + "Get-EntraBetaDirectoryRoleAssignment": "Governance", + "Get-EntraBetaDirectoryRoleDefinition": "Governance", + "Get-EntraBetaServicePrincipalAppRoleAssignedTo": "Applications", + "Get-EntraBetaServicePrincipalAppRoleAssignment": "Applications", + "New-EntraBetaDirectoryRoleAssignment": "Governance", + "New-EntraBetaDirectoryRoleDefinition": "Governance", + "New-EntraBetaServicePrincipalAppRoleAssignment": "Applications", + "Remove-EntraBetaDirectoryRoleAssignment": "Governance", + "Remove-EntraBetaDirectoryRoleDefinition": "Governance", + "Remove-EntraBetaServicePrincipalAppRoleAssignment": "Applications", + "Set-EntraBetaDirectoryRoleDefinition": "Governance", + "Update-EntraBetaUserFromFederated": "Users", + "Enable-EntraBetaGlobalSecureAccessTenant":"NetworkAccess", + "Get-EntraBetaGlobalSecureAccessTenantStatus":"NetworkAccess", + "Get-EntraBetaPrivateAccessApplication":"NetworkAccess", + "Get-EntraBetaUserAuthenticationMethod":"SignIns", + "Get-EntraBetaUserAuthenticationRequirement":"SignIns", + "New-EntraBetaPrivateAccessApplication":"NetworkAccess", + "Update-EntraBetaOauth2PermissionGrant":"SignIns", + "Update-EntraBetaUserAuthenticationRequirement":"SignIns" +} \ No newline at end of file diff --git a/module/docfx.json b/module/docfx.json index 5c7747e82b..f101fa02e1 100644 --- a/module/docfx.json +++ b/module/docfx.json @@ -18,7 +18,7 @@ ], "versions": { "entra-powershell-preview": { "dest": "entra-powershell-preview" }, - "entra-powershell-beta-preview": { "dest": "entra-powershell-beta-preview" }, + "entra-powershell-beta-preview": { "dest": "entra-powershell-beta-preview" } }, "overwrite": [], "externalReference": [], @@ -27,10 +27,10 @@ "extendBreadcrumb": true, "feedback_system": "Standard", "ms.devlang": "powershell", - "ms.prod": "powershell", "ms.topic": "reference", "ms.author": "stevemutungi", "author": "SteveMutungi254", + "uhfHeaderId": "MSDocsHeader-DotNet" }, "template": [], "markdownEngineName": "markdig", diff --git a/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..af87cac3b6 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationOwner.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraBetaApplicationOwner +description: This article provides details on the Add-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaApplicationOwner + +## Synopsis + +Adds an owner to an application. + +## Syntax + +```powershell +Add-EntraBetaApplicationOwner + -ApplicationId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. + +## Examples + +### Example 1: Add a user as an owner to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +Add-EntraBetaApplicationOwner -ApplicationId $application.Id -RefObjectId $user.Id +``` + +This example demonstrates how to add an owner to an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the ID of an application. +- `-RefObjectId` parameter specifies the ID of a user. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) + +[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationPolicy.md b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationPolicy.md new file mode 100644 index 0000000000..ec90a50f68 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaApplicationPolicy.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraBetaApplicationPolicy +description: This article provides details on the Add-EntraBetaApplicationPolicy command. + + +ms.topic: reference +ms.date: 07/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaApplicationPolicy + +schema: 2.0.0 +--- + +# Add-EntraBetaApplicationPolicy + +## Synopsis + +Adds an application policy. + +## Syntax + +```powershell +Add-EntraBetaApplicationPolicy + -Id + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaApplicationPolicy` cmdlet adds a Microsoft Entra ID application policy. Specify `Id` and `RefObjectId` parameters to add an application policy. + +## Examples + +### Example 1: Add an application policy + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + RefObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Add-EntraBetaApplicationPolicy @params +``` + +This example demonstrates how to add an application policy. + +## Parameters + +### -RefObjectId + +Specifies the ID of the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The ID of the application for which you need to set the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationPolicy](Get-EntraBetaApplicationPolicy.md) + +[Remove-EntraBetaApplicationPolicy](Remove-EntraBetaApplicationPolicy.md) diff --git a/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..36d9979080 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,163 @@ +--- +title: Add-EntraBetaServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Add-EntraBetaServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Add-EntraBetaServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Add a classification for a delegated permission. + +## Syntax + +```powershell +Add-EntraBetaServicePrincipalDelegatedPermissionClassification + -PermissionId + -Classification + -PermissionName + -ServicePrincipalId + [] +``` + +## Description + +The `Add-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet creates a delegated permission classification for the given permission on service principal. + +## Examples + +### Example 1: Create Delegated Permission Classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$PermissionId = $ServicePrincipal.PublishedPermissionScopes[0].Id +$PermissionName = $ServicePrincipal.PublishedPermissionScopes[0].Value + +$params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + PermissionId = $PermissionId + Classification = 'Low' + PermissionName = $PermissionName +} + +Add-EntraBetaServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +T2qU_E28O0GgkLLIYRPsTwE low fc946a4f-bc4d-413b-a090-b2c86113ec4f LicenseManager.AccessAsUser +``` + +This command creates a delegated permission classification for the given permission on the service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-PermissionId` parameter specifies the ID for a delegated permission. +- `-Classification` parameter specifies the classification for a delegated permission. +- `-PermissionName` parameter specifies the name for a delegated permission. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionId + +The ID for a delegated permission. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionName + +The name for a delegated permission. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Classification + +The classification for a delegated permission. +This parameter can take one of the following values: + +- Low: Specifies a classification for a permission as low impact. + +- Medium: Specifies a classification for a permission as medium impact. + +- High: Specifies a classification for a permission as high impact. + +```yaml +Type: ClassificationEnum +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Remove-EntraBetaServicePrincipalDelegatedPermissionClassification](Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md) + +[Get-EntraBetaServicePrincipalDelegatedPermissionClassification](Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..37dac535ee --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Add-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,105 @@ +--- +title: Add-EntraBetaServicePrincipalOwner +description: This article provides details on the Add-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaServicePrincipalOwner + +## Synopsis + +Adds an owner to a service principal. + +## Syntax + +```powershell +Add-EntraBetaServicePrincipalOwner + -ServicePrincipalId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Add a user as an owner to a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$owner = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +Add-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -RefObjectId $owner.Id +``` + +This example demonstrates how to add an owner to a service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-RefObjectId` parameter specifies the user object Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaUser](../Users/Get-EntraBetaUser.md) + +[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplication.md new file mode 100644 index 0000000000..9998639a45 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplication.md @@ -0,0 +1,275 @@ +--- +title: Get-EntraBetaApplication +description: This article provides details on the Get-EntraBetaApplication command. + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplication + +schema: 2.0.0 +--- + +# Get-EntraBetaApplication + +## Synopsis + +Gets an application. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaApplication + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraBetaApplication + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaApplication + -ApplicationId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplication` cmdlet gets a Microsoft Entra ID application. + +## Examples + +### Example 1: Get an application by ApplicationId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication -ApplicationId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +ToGraph_443democc3c aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This example demonstrates how to retrieve specific application by providing ID. + +### Example 2: Get all applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication -All +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +test app aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADandPersonalMicrosoftAccount contoso.com +ToGraph_443DEM cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +test adms eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADandPersonalMicrosoftAccount contoso.com +test adms app azure gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADandPersonalMicrosoftAccount contoso.com +test adms2 iiiiiiii-aaaa-bbbb-cccc-jjjjjjjjjjjj jjjjjjjj-bbbb-cccc-dddd-kkkkkkkkkkkk AzureADandPersonalMicrosoftAccount contoso.com +``` + +This example demonstrates how to get all applications from Microsoft Entra ID. + +### Example 3: Get applications with expiring secrets + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication | + Where-Object { + $_.PasswordCredentials.keyId -ne $null -and + $_.PasswordCredentials.EndDateTime -lt (Get-Date).AddDays(30) + } | + ForEach-Object { + $_.DisplayName, + $_.Id, + $_.PasswordCredentials + } +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + AppOne 8/19/2024 9:00:00 PM 1jQ aaaaaaaa-0b0b-1c1c-2d2d-333333333333 8/6/2024 6:07:47 PM +``` + +This example retrieves applications with expiring secrets within 30 days. + +### Example 4: Get an application by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication -Filter "DisplayName eq 'ToGraph_443DEMO'" +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +ToGraph_443DEMO cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +``` + +In this example, we retrieve application by its display name from Microsoft Entra ID. + +### Example 5: Search among retrieved applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication -SearchString 'My new application 2' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application 2 kkkkkkkk-cccc-dddd-eeee-llllllllllll llllllll-dddd-eeee-ffff-mmmmmmmmmmmm AzureADandPersonalMicrosoftAccount contoso.com +``` + +This example demonstrates how to retrieve applications for specific string from Microsoft Entra ID. + +### Example 6: Retrieve an application by identifierUris + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplication -Filter "identifierUris/any(uri:uri eq 'https://wingtips.wingtiptoysonline.com')" +``` + +This example demonstrates how to retrieve applications by its identifierUris from Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplication](New-EntraBetaApplication.md) + +[Remove-EntraBetaApplication](Remove-EntraBetaApplication.md) + +[Set-EntraBetaApplication](Set-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..7e91177f28 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaApplicationExtensionProperty +description: This article provides details on the Get-EntraBetaApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationExtensionProperty + +## Synopsis + +Gets application extension properties. + +## Syntax + +```powershell +Get-EntraBetaApplicationExtensionProperty + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. + +## Examples + +### Example 1: Get extension properties + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ------------- ---------------------- ---- ------------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} +``` + +This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraBetaApplication` to get application ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) + +[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..03df320ea1 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,87 @@ +--- +title: Get-EntraBetaApplicationKeyCredential +description: This article provides details on the Get-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationKeyCredential + +## Synopsis + +Gets the key credentials for an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationKeyCredential + -ObjectId + [] +``` + +## Description + +The `Get-EntraBetaApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. + +## Examples + +### Example 1: Get key credentials + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationKeyCredential -ObjectId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- +{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify +``` + +This command gets the key credentials for the specified application. +`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraBetaApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) + +[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationLogo.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationLogo.md new file mode 100644 index 0000000000..5386b8084e --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationLogo.md @@ -0,0 +1,137 @@ +--- +title: Get-EntraBetaApplicationLogo +description: This article provides details on the Get-EntraBetaApplicationLogo command. + + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationLogo + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationLogo + +## Synopsis + +Retrieve the logo of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationLogo + -ApplicationId + [-FileName ] + [-FilePath ] + [-View ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. + +## Examples + +### Example 1: Get an application logo for an application by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaApplicationLogo -ApplicationId $application.Id -FilePath 'D:\outfile1.jpg' +``` + +This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. + +## Parameters + +### -FileName + +If provided, the application logo is saved to the file using the specified file name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FilePath + +If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the application for which the logo is to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -View + +If set to $true, the application's logo is displayed in a new window on the screen. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +### System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationLogo](Set-EntraBetaApplicationLogo.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..4a78172069 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationOwner.md @@ -0,0 +1,211 @@ +--- +title: Get-EntraBetaApplicationOwner +description: This article provides details on the Get-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationOwner + +## Synopsis + +Gets the owner of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationOwner + -ApplicationId + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. + +## Examples + +### Example 1: Get the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaApplicationOwner -ApplicationId $application.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 2: Get the details about the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -SearchString '' +$applicationOwners = Get-EntraBetaApplicationOwner -ObjectId $application.ObjectId +$ownerDetails = $applicationOwners | ForEach-Object { + $ownerDetail = Get-EntraBetaObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + displayName = $ownerDetail.displayName + Id = $ownerDetail.Id + UserPrincipalName = $ownerDetail.UserPrincipalName + UserType = $ownerDetail.UserType + accountEnabled = $ownerDetail.accountEnabled + } +} +$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize +``` + +```Output +displayName Id UserPrincipalName UserType accountEnabled +----------- -- ----------------- -------- -------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True +Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. + +### Example 3: Get all owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaApplicationOwner -ApplicationId $application.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 4: Get top two owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaApplicationOwner -ApplicationId $application.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) + +[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..4aa96cde6c --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaApplicationPasswordCredential +description: This article provides details on the Get-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationPasswordCredential +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationPasswordCredential + +## Synopsis + +Gets the password credential for an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationPasswordCredential + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. + +## Examples + +### Example 1: Get password credential for specified application + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 +``` + +This example shows how to retrieve the password credential for specified application. + +- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ApplicationId + +The objectID of the application for which to get the password credential. Use `Get-EntraBetaApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationPasswordCredential](New-EntraBetaApplicationPasswordCredential.md) + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPolicy.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPolicy.md new file mode 100644 index 0000000000..5f31de13f3 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationPolicy.md @@ -0,0 +1,89 @@ +--- +title: Get-EntraBetaApplicationPolicy +description: This article provides details on the Get-EntraBetaApplicationPolicy command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationPolicy + +## Synopsis + +Gets an application policy. + +## Syntax + +```powershell +Get-EntraBetaApplicationPolicy + -Id + [] +``` + +## Description + +The `Get-EntraBetaApplicationPolicy` cmdlet gets a Microsoft Entra ID application policy. + +## Examples + +### Example 1: Get an application policy + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Get-EntraBetaApplicationPolicy -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} NewUpdated aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command gets the specified application policy. + +- `-Id` Parameter Specifies the ID of the application for which you need to retrieve the policy. + +## Parameters + +### -Id + +The ID of the application for which you need to retrieve the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationPolicy](Add-EntraBetaApplicationPolicy.md) + +[Remove-EntraBetaApplicationPolicy](Remove-EntraBetaApplicationPolicy.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplication.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplication.md new file mode 100644 index 0000000000..f8cacf7c0c --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplication.md @@ -0,0 +1,113 @@ +--- +title: Get-EntraBetaApplicationProxyApplication +description: This article provides details on the Get-EntraBetaApplicationProxyApplication. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyApplication + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyApplication + +## Synopsis + +Retrieves an application configured for Application Proxy in Microsoft Entra ID. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyApplication + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyApplication` cmdlet retrieves an application configured for Application Proxy in Microsoft Entra ID. Specify `ApplicationId` parameter to retrieve application configured for application proxy. + +## Examples + +### Example 1: Retrieves an application configured for Application Proxy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso App Proxy'" +Get-EntraBetaApplicationProxyApplication -ApplicationId $application.Id +``` + +```Output +AlternateUrl ApplicationServerTimeout ApplicationType ExternalAuthenticationType ExternalUrl +------------ ------------------------ --------------- -------------------------- ----------- + Long enterpriseapp aadPreAuthentication +https://testp-m365x99297270.msapppr... +``` + +This example retrieves an application configured for Application Proxy. + +- `ApplicationId` parameter specifies the application ID. + +## Parameters + +### -ApplicationId + +The ApplicationId is a unique identifier for the application. You can find it using the `Get-EntraBetaApplication` command in PowerShell, or in the Microsoft Entra admin portal by navigating to **Entra ID** > **Enterprise Applications** > **All Applications**, selecting your application, and viewing the **Properties** tab. Use the `ObjectId` value. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyApplication](New-EntraBetaApplicationProxyApplication.md) + +[Set-EntraBetaApplicationProxyApplication](Set-EntraBetaApplicationProxyApplication.md) + +[Remove-EntraBetaApplicationProxyApplication](Remove-EntraBetaApplicationProxyApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md new file mode 100644 index 0000000000..e7a86dc1ee --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md @@ -0,0 +1,96 @@ +--- +title: Get-EntraBetaApplicationProxyApplicationConnectorGroup +description: This article provides details on the Get-EntraBetaApplicationProxyApplicationConnectorGroup. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyApplicationConnectorGroup + +## Synopsis + +The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for a specific application. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyApplicationConnectorGroup + -ObjectId + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for the specified application. +The application must be configured for Application Proxy in Microsoft Entra ID. + +## Examples + +### Example 1: retrieves the connector group assigned for the specified application + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso App Proxy'" +Get-EntraBetaApplicationProxyApplicationConnectorGroup -ObjectId $application.Id +``` + +```Output +Id Name ConnectorGroupType IsDefault +-- ---- ------------------ --------- +bbbbbbbb-1111-2222-3333-cccccccccccc test-group applicationProxy False +``` + +This example retrieves the connector group assigned for the specified application. + +- `ObjectId` parameter specifies the application ID. + +## Parameters + +### -ObjectId + +ObjectId is the ID of the application. +This ObjectId can be found using the `Get-EntraBetaApplication` command. +You can also find this ObjectId in the Microsoft Portal by navigating to Microsoft Entra ID, Enterprise Applications, All Applications, Select your application, go to the properties tab, and use the ObjectId on that page. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationProxyApplicationConnectorGroup](Set-EntraBetaApplicationProxyApplicationConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyApplicationConnectorGroup](Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnector.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnector.md new file mode 100644 index 0000000000..4169cb13b0 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnector.md @@ -0,0 +1,243 @@ +--- +title: Get-EntraBetaApplicationProxyConnector +description: This article provides details on the Get-EntraBetaApplicationProxyConnector command. + + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyConnector + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyConnector + +## Synopsis + +The `Get-EntraBetaApplicationProxyConnector` cmdlet a list of all connectors, or if specified, details of a specific connector. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaApplicationProxyConnector + [-All] + [-Top ] + [-Filter ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaApplicationProxyConnector + [-SearchString ] + [-All] + [] +``` + +### GetById + +```powershell +Get-EntraBetaApplicationProxyConnector + -OnPremisesPublishingProfileId + [-All] + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyConnector` cmdlet retrieves the details for a given connector. +If no connectorId is specified, it retrieves all the connectors assigned to the tenant. + +## Examples + +### Example 1: Retrieve all connectors + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnector +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command Retrieve all connectors. + +### Example 2: Retrieve information for a specific connector + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnector -OnPremisesPublishingProfileId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to Retrieve information for a specific connector. + +- `OnPremisesPublishingProfileId` parameter specifies the connector ID. + +### Example 3: Retrieve information for a top one connector + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnector -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to Retrieve information for a top one connector. + +### Example 4: Retrieve information with SearchString parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnector -SearchString 'Entra PowerShell AppProxy Connector' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to Retrieve information using SearchString. + +### Example 5: Retrieve information using machineName property + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnector -Filter "machineName eq 'AppProxy Machine'" +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to Retrieve information using machineName property. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. +Details on querying with oData can be found here: + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OnPremisesPublishingProfileId + +The ID of the specific connector. +You can find this ID by running the command without this parameter to get the desired ID, or by going into the portal and viewing connector details. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Set-EntraBetaApplicationProxyConnector](Set-EntraBetaApplicationProxyConnector.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.md new file mode 100644 index 0000000000..526b8c6de8 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroup.md @@ -0,0 +1,248 @@ +--- +title: Get-EntraBetaApplicationProxyConnectorGroup +description: This article provides details on the Get-EntraBetaApplicationProxyConnectorGroup. + + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyConnectorGroup + +## Synopsis + +The `Get-EntraBetaApplicationProxyConnectorGroup` cmdlet retrieves a list of all connector groups, or if specified, details of a specific connector group. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaApplicationProxyConnectorGroup + [-All] + [-Top ] + [-Filter ] + [] +``` + +### GetByValue + +```powershell +Get-EntraBetaApplicationProxyConnectorGroup + [-SearchString ] + [-All] + [] +``` + +### GetById + +```powershell +Get-EntraBetaApplicationProxyConnectorGroup + -Id + [-All] + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyConnectorGroup` cmdlet retrieves a list of all connector groups, or if specified, details of the specified connector group. + +## Examples + +### Example 1: Retrieve all connector groups + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroup +``` + +```Output +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +bbbbbbbb-1111-2222-3333-cccccccccccc applicationProxy False Test eur +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb applicationProxy True Default eur +``` + +This example retrieves all connector groups. + +### Example 2: Retrieve a specific connector group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroup -Id 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Name Value +---- ----- +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +bbbbbbbb-1111-2222-3333-cccccccccccc applicationProxy False Test eur +``` + +This example retrieves a specific connector group. + +- `Id` parameter specifies the connector group ID. + +### Example 3: Retrieve Top one connector groups + +```powershell +Get-EntraBetaApplicationProxyConnectorGroup -Top 1 +``` + +```Output +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +bbbbbbbb-1111-2222-3333-cccccccccccc applicationProxy False Test eur +``` + +This example retrieves top one connector groups. + +### Example 4: Retrieve a connector groups with filter parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroup -Filter "name eq 'Default'" +``` + +```Output +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb applicationProxy True Default eur +``` + +This example retrieves a connector groups with filter parameter. + +### Example 5: Retrieve a connector groups with String parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroup -SearchString 'Test' +``` + +```Output +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +bbbbbbbb-1111-2222-3333-cccccccccccc applicationProxy False Test eur +``` + +This example retrieves a connector groups with String parameter. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. +Details on querying with oData can be found here: + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The ID of the specific connector group. +You can find this ID by running the command without this parameter to get the desired ID, or by going into the portal and viewing connector group details. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies the search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyConnectorGroup](New-EntraBetaApplicationProxyConnectorGroup.md) + +[Set-EntraBetaApplicationProxyConnectorGroup](Set-EntraBetaApplicationProxyConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyConnectorGroup](Remove-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.md new file mode 100644 index 0000000000..7e4fc54e1e --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorGroupMembers.md @@ -0,0 +1,178 @@ +--- +title: Get-EntraBetaApplicationProxyConnectorGroupMembers +description: This article provides details on the Get-EntraBetaApplicationProxyConnectorGroupMembers. + + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroupMembers + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyConnectorGroupMembers + +## Synopsis + +The `Get-EntraBetaApplicationProxyConnectorGroupMembers` get all the Application Proxy connectors associated with the given connector group. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyConnectorGroupMembers + -OnPremisesPublishingProfileId + [-All] + [-Top ] + [-Filter ] +``` + +## Description + +The `Get-EntraBetaApplicationProxyConnectorGroupMembers` get all the Application Proxy connectors associated with the given connector group. + +## Examples + +### Example 1: Gets all the connectors in the group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroupMembers -OnPremisesPublishingProfileId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id ExternalIP MachineName Status Version +-- ---------- ----------- ------ ------- +bbbbbbbb-1111-2222-3333-cccccccccccc 106.195.6.123 AppProxy Machine active 1.5.3437.0 + +``` + +This example retrieves all the connectors in the group. + +- `OnPremisesPublishingProfileId` parameter specifies the connector group ID. + +### Example 2: Gets top one connector in the group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorGroupMembers -OnPremisesPublishingProfileId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Top 1 +``` + +```Output +Id ExternalIP MachineName Status Version +-- ---------- ----------- ------ ------- +bbbbbbbb-1111-2222-3333-cccccccccccc 106.195.6.123 AppProxy Machine active 1.5.3437.0 +``` + +This example retrieves top one connector in the group. + +- `OnPremisesPublishingProfileId` parameter specifies the connector group ID. + +### Example 3: Gets the connectors in the group with filter parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + OnPremisesPublishingProfileId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Filter = "machineName eq 'AppProxy Machine'" +} +Get-EntraBetaApplicationProxyConnectorGroupMembers @params +``` + +```Output +Id ExternalIP MachineName Status Version +-- ---------- ----------- ------ ------- +bbbbbbbb-1111-2222-3333-cccccccccccc 106.195.6.123 AppProxy Machine active 1.5.3437.0 + +``` + +This example retrieves a connector in the group using machineName property. + +- `OnPremisesPublishingProfileId` parameter specifies the connector group ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. This parameter controls which objects are returned. Details on querying with oData can be found here: + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OnPremisesPublishingProfileId + +The ID of the Connector group. This ID can be found by running the `Get-EntraBetaApplicationProxyConnectorGroup` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +## Inputs + +### System.String + +System. Nullable`1[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] +System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.md new file mode 100644 index 0000000000..14203aabb8 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationProxyConnectorMemberOf.md @@ -0,0 +1,92 @@ +--- +title: Get-EntraBetaApplicationProxyConnectorMemberOf +description: This article provides details on the Get-EntraBetaApplicationProxyConnectorMemberOf command. + + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationProxyConnectorMemberOf + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyConnectorMemberOf + +## Synopsis + +The `Get-EntraBetaApplicationProxyConnectorMemberOf` command gets the ConnectorGroup that the specified Connector is a member of. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyConnectorMemberOf + -OnPremisesPublishingProfileId + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyConnectorMemberOf` command gets the ConnectorGroup that the specified Connector is a member of. +If no group is assigned to the connector, by default it is in 'Default.' + +## Examples + +### Example 1: Gets ConnectorGroup With Specified Connector ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyConnectorMemberOf -OnPremisesPublishingProfileId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id ConnectorGroupType IsDefault Name Region +-- ------------------ --------- ---- ------ +bbbbbbbb-1111-2222-3333-cccccccccccc applicationProxy False Backup Application Servers +``` + +This example retrieves the ConnectorGroup With Specified Connector ID. + +- `-OnPremisesPublishingProfileId` parameter specifies the connector ID. + +## Parameters + +### -OnPremisesPublishingProfileId + +The ID of the connector. You can find ID by running `Get-EntraBetaApplicationProxyConnector`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaApplicationProxyConnector](Get-EntraBetaApplicationProxyConnector.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationServiceEndpoint.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationServiceEndpoint.md new file mode 100644 index 0000000000..848972a25a --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationServiceEndpoint.md @@ -0,0 +1,165 @@ +--- +title: Get-EntraBetaApplicationServiceEndpoint +description: This article provides details on the Get-EntraBetaApplicationServiceEndpoint command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationServiceEndpoint + +## Synopsis + +Retrieve the service endpoint of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationServiceEndpoint + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. + +The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. + +Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. + +## Examples + +### Example 1: Retrieve the application service endpoint by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id +``` + +This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 2: Get all service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -All +``` + +This example demonstrates how to retrieve all service endpoints of a specified application. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 3: Get top five service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -Top 5 +``` + +This example demonstrates how to retrieve five service endpoints of a specified application. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -All + +Return all service endpoints. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the object ID of the application for which the service endpoint is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of results that are returned. +The default is 100. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationTemplate.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationTemplate.md new file mode 100644 index 0000000000..ce818ece77 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaApplicationTemplate.md @@ -0,0 +1,124 @@ +--- +title: Get-EntraBetaApplicationTemplate +description: This article provides details on the Get-EntraBetaApplicationTemplate command. + + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationTemplate + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationTemplate + +## Synopsis + +Retrieve a list of applicationTemplate objects. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaApplicationTemplate + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaApplicationTemplate + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. + +## Examples + +### Example 1. Gets a list of application template objects + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplicationTemplate +``` + +This command gets all the application template objects + +### Example 2. Gets an application template object + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$applicationTemplate = Get-EntraBetaApplicationTemplate -Filter "DisplayName eq 'Dynamics CRM Online'" +Get-EntraBetaApplicationTemplate -Id $applicationTemplate.Id +``` + +```Output +Id Categories Description +-- ---------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses +``` + +This command gets an application template object for the given id. + +- `-Id` Specifies the unique identifier of an application template. + +## Parameters + +### -Id + +The unique identifier of an application template. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplate + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaDeletedApplication.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaDeletedApplication.md new file mode 100644 index 0000000000..79be9b55ed --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaDeletedApplication.md @@ -0,0 +1,257 @@ +--- +title: Get-EntraBetaDeletedApplication +description: This article provides details on the Get-EntraBetaDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDeletedApplication + +schema: 2.0.0 +--- + +# Get-EntraBetaDeletedApplication + +## Synopsis + +Retrieves the list of previously deleted applications. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDeletedApplication + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaDeletedApplication + [-SearchString ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDeletedApplication` cmdlet Retrieves the list of previously deleted applications. + +Note: Deleted security groups are permanently removed and cannot be retrieved. + +## Examples + +### Example 1: Get list of deleted applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +TestApp3 eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADMyOrg contoso.com +TestApp4 gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADMyOrg contoso.com +``` + +This cmdlet retrieves the list of deleted applications. + +### Example 2: Get list of deleted applications using All parameter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication -All +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +TestApp3 eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADMyOrg contoso.com +TestApp4 gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADMyOrg contoso.com +``` + +This cmdlet retrieves the list of deleted applications using All parameter. + +### Example 3: Get top two deleted applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +``` + +This cmdlet retrieves top two deleted applications. + +### Example 4: Get deleted applications using SearchString parameter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication -SearchString 'TestApp1' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This cmdlet retrieves deleted applications using SearchString parameter. + +### Example 5: Get deleted applications filter by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication -Filter "DisplayName eq 'TestApp1'" +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This cmdlet retrieves deleted applications having specified display name. + +### Example 6: Get deleted applications with deletion age in days + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaDeletedApplication | + Select-Object DisplayName, Id, AppId, SignInAudience, PublisherDomain, DeletedDateTime, + @{Name='DeletionAgeInDays'; Expression={(Get-Date) - $_.DeletedDateTime | Select-Object -ExpandProperty Days}} | + Format-Table -AutoSize +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain DeletedDateTime DeletionAgeInDays +----------- -- ----- -------------- --------------- --------------- ----------------- +Entra PowerShell App aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com 9/18/2024 7:41:44 AM 1 +``` + +This cmdlet retrieves deleted applications with deletion age in days. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Retrieve only those deleted applications that satisfy the filter. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Retrieve only those applications that satisfy the -SearchString value. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of applications returned by this cmdlet. +The default value is 100. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.md new file mode 100644 index 0000000000..8ed4d84d76 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.md @@ -0,0 +1,117 @@ +--- +title: Get-EntraBetaPasswordSingleSignOnCredential +description: This article provides details on the Get-EntraBetaPasswordSingleSignOnCredential command. + +ms.topic: reference +ms.date: 07/09/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPasswordSingleSignOnCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaPasswordSingleSignOnCredential + +## Synopsis + +Gets the password Single-Sign-On (SSO) credentials. + +## Syntax + +```powershell +Get-EntraBetaPasswordSingleSignOnCredential + -ObjectId + -PasswordSSOObjectId + [] +``` + +## Description + +This cmdlet enables users to read their Password Single-Sign-On credentials for an application that they're part of. Specify `ObjectId` and `PasswordSSOCredential` parameters for retrieve SSO credentials. +Admin could read the group credentials as well. +Note that the password field is hidden for security purpose. + +## Examples + +### Example 1: Get password single-sign-on credentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$servicePrincipal = Get-EntraBetaservicePrincipal -SearchString '' +$params = @{ + ObjectId = $servicePrincipal.Id + PasswordSSOObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Get-EntraBetaPasswordSingleSignOnCredential @params +``` + +```Output +Id +-- +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example returns a password SSO credential for the given ObjectId and PasswordSSOObjectId. + +- `PasswordSSOObjectId` parameter specifies the ID of the user or group this credential set belongs to. +- `ObjectId` parameter specifies the ID of a service principal. You can use `Get-EntraBetaservicePrincipal` cmdlet to get service principal object ID. + +## Parameters + +### -ObjectId + +The unique identifier of the object specific Microsoft Entra ID object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordSSOObjectId + +The ID of the user or group this credential set belongs to. + +```yaml +Type: System.PasswordSSOObjectId +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.PasswordSSOCredentials + +## Notes + +## Related Links + +[New-EntraBetaPasswordSingleSignOnCredential](New-EntraBetaPasswordSingleSignOnCredential.md) + +[Set-EntraBetaPasswordSingleSignOnCredential](Set-EntraBetaPasswordSingleSignOnCredential.md) + +[Remove-EntraBetaPasswordSingleSignOnCredential](Remove-EntraBetaPasswordSingleSignOnCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..c3c505d109 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipal.md @@ -0,0 +1,370 @@ +--- +title: Get-EntraBetaServicePrincipal +description: This article provides details on the Get-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipal + +## Synopsis + +Gets a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaServicePrincipal + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaServicePrincipal + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaServicePrincipal + -ServicePrincipalId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 2: Retrieve a service principal by ServicePrincipalId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This command retrieves specific service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve all service principals from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -All +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 4: Retrieve top two service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +``` + +This command retrieves top two service principals from the directory. + +### Example 5: Get a service principal by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a service principal by its display name. + +### Example 6: Retrieve a list of all service principal, which has a display name that contains "Helpdesk Application" + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -SearchString 'Helpdesk Application' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a list of service principal, which has the specified display name. + +### Example 7: Retrieve all Enterprise apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all enterprise apps. + +### Example 8: Retrieve all App proxy apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all app proxy apps. + +### Example 9: Retrieve all disabled apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "accountEnabled eq false" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all disabled apps. + +### Example 10: Retrieve all Global Secure Access apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all Global secure access apps. + +### Example 11: List all applications without user assignment + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all applications without user assignment. + +### Example 12: List all SAML application details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" +$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize +``` + +```Output +Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses +-- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- +00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} +``` + +This example demonstrates how to retrieve all SAML application details. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md new file mode 100644 index 0000000000..ee34964de9 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md @@ -0,0 +1,204 @@ +--- +title: Get-EntraBetaServicePrincipalAppRoleAssignedTo +description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignedTo command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalAppRoleAssignedTo + +## Synopsis + +Gets app role assignments for this app or service, granted to users, groups, and other service principals. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalAppRoleAssignedTo + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups, and other service principals. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Get app role assignment by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Helpdesk Application aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Helpdesk Application +``` + +This example shows how to get app role assignments for an app or service, granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Get all app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb +``` + +This command gets the all app role assignments for the service principal granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Get five app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -Top 5 +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb +``` + +This command gets the five app role assignments for the service principal granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +`Get-EntraBetaServiceAppRoleAssignedTo` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignedTo`. + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..a10107c653 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,198 @@ +--- +title: Get-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Gets a service principal application role assignment. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalAppRoleAssignment + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets application role assignments for specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +### Example 2: Retrieve all application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User3 ProvisioningPowerBi 021510b7-e753-40… +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User4 ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets all application role assignments for specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +### Example 3: Retrieve the top three application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -Top 3 +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets top three application role assignments for specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraBetaServiceAppRoleAssignment` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) + +[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.md new file mode 100644 index 0000000000..df4fd65c93 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalCreatedObject.md @@ -0,0 +1,157 @@ +--- +title: Get-EntraBetaServicePrincipalCreatedObject +description: This article provides details on the Get-EntraBetaServicePrincipalCreatedObject command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalCreatedObject + +## Synopsis + +Get objects created by a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalCreatedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the objects that created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id +``` + +This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve the all objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -All +``` + +This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve the top two objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -Top 2 +``` + +This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..2f16da7c88 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraBetaServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Get-EntraBetaServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Retrieve the delegated permission classification objects on a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. + +## Examples + +### Example 1: Get a list of delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile +``` + +This command retrieves all delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. + +### Example 2: Get a delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$permissionClassification = Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" +Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +### Example 3: Get a delegated permission classification with filter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the filtered delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) + +[Remove-EntraBetaServicePrincipalDelegatedPermissionClassification](Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..67a4b3d852 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalKeyCredential.md @@ -0,0 +1,88 @@ +--- +title: Get-EntraBetaServicePrincipalKeyCredential +description: This article provides details on the Get-EntraBetaServicePrincipalKeyCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalKeyCredential + +## Synopsis + +Get key credentials for a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalKeyCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the key credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- + 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign +``` + +This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal object Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the application for which to get the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalMembership.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalMembership.md new file mode 100644 index 0000000000..8bb9364878 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalMembership.md @@ -0,0 +1,179 @@ +--- +title: Get-EntraBetaServicePrincipalMembership +description: This article provides details on the Get-EntraBetaServicePrincipalMembership command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalMembership + +## Synopsis + +Get a service principal membership. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalMembership + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +``` + +This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve all memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 +33334444-dddd-5555-eeee-6666ffff7777 +``` + +This command gets all memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve top two memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 + +``` + +This command gets top two memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md new file mode 100644 index 0000000000..7e075a40f7 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md @@ -0,0 +1,178 @@ +--- +title: Get-EntraBetaServicePrincipalOAuth2PermissionGrant +description: This article provides details on the Get-EntraBetaServicePrincipalOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOAuth2PermissionGrant + +## Synopsis + +Gets an OAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOAuth2PermissionGrant + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOAuth2PermissionGrant` cmdlet gets an OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This cmdlet retrieves a OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 2: Get all OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get all OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 3: Get two OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -Top 2 +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get top two OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.md new file mode 100644 index 0000000000..b5b4b2adc3 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwnedObject.md @@ -0,0 +1,175 @@ +--- +title: Get-EntraBetaServicePrincipalOwnedObject +description: This article provides details on the Get-EntraBetaServicePrincipalOwnedObject command. + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOwnedObject + +## Synopsis + +Gets an object owned by a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOwnedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The command retrieves the owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 2: Retrieve the all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 3: Retrieve top one owned object of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..8fdaf71bdb --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,180 @@ +--- +title: Get-EntraBetaServicePrincipalOwner +description: This article provides details on the Get-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOwner + +## Synopsis + +Get the owner of a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOwner + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owner of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This example gets the owners of a specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 2: Retrieve all the owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -All | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This command gets all the owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 3: Retrieve top two owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -Top 2 | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This command gets top two owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..ccf3588d60 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Get-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,92 @@ +--- +title: Get-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the Get-EntraBetaServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Get credentials for a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the password credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 + 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 + 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 +``` + +This example retrieves the password credentials for specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the service principal for which to get password credentials. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) + +[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplication.md new file mode 100644 index 0000000000..9d268358cb --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplication.md @@ -0,0 +1,565 @@ +--- +title: New-EntraBetaApplication +description: This article provides details on the New-EntraBetaApplication command. + + +ms.topic: reference +ms.date: 06/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplication + +schema: 2.0.0 +--- + +# New-EntraBetaApplication + +## Synopsis + +Creates (registers) a new application object. + +## Syntax + +```powershell +New-EntraBetaApplication + -DisplayName + [-Api ] + [-OptionalClaims ] + [-PreAuthorizedApplications ] + [-Web ] + [-IsFallbackPublicClient ] + [-RequiredResourceAccess ] + [-PublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-OrgRestrictions ] + [-KeyCredentials ] + [-TokenEncryptionKeyId ] + [-IdentifierUris ] + [-ParentalControlSettings ] + [-GroupMembershipClaims ] + [-AddIns ] + [-Tags ] + [-AppRoles ] + [-PasswordCredentials ] + [-SignInAudience ] + [-InformationalUrl ] + [] +``` + +## Description + +Creates (registers) a new application object. Specify the `DisplayName` parameter to create a new application. + +## Examples + +### Example 1: Create an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +New-EntraBetaApplication -DisplayName 'My new application' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg domain.mail.contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 2: Create an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +New-EntraBetaApplication -DisplayName 'My new application' -IdentifierUris 'https://mynewapp.contoso.com' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg domain.mail.contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 3: Create an application using Api parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$api = @{ RequestedAccessTokenVersion = 2 } +New-EntraBetaApplication -DisplayName 'My new application' -Api $api +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg domain.mail.contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 4: Create an application using AppRoles parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$types = @() +$types += 'User' +$approle = New-Object Microsoft.Open.MSGraph.Model.AppRole +$approle.AllowedMemberTypes = $types +$approle.Description = 'msiam_access' +$approle.DisplayName = 'msiam_access' +$approle.Id = '643985ce-3eaf-4a67-9550-ecca25cb6814' +$approle.Value = 'Application' +$approle.IsEnabled = $true +New-EntraBetaApplication -DisplayName 'My new application' -AppRoles $approle +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg domain.mail.contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 5: Create an application using OptionalClaims parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$optionalClaims = @{ IdToken = [PSCustomObject]@{ Name = "claimName"; Source = "claimSource" } } +New-EntraBetaApplication -DisplayName 'My new application' -OptionalClaims $optionalClaims +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg domain.mail.contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +## Parameters + +### -AddIns + +Defines custom behavior that a consuming service can use to call an app in specific contexts. + +For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. + +This will let services like Office 365 call the application in the context of a document the user is working on. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +User-defined URI(s) that uniquely identify a Web application within its Microsoft Entra ID tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant. + +The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Microsoft Entra ID PowerShell cmdlet parameter). + +Extra URIs can be added via the application manifest; see Understanding the Microsoft Entra ID Application Manifest for details. +This collection is also used to populate the Web application's servicePrincipalNames collection. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is false that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgRestrictions + +Reserved for future use. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreAuthorizedApplications + +Lists applications and requested permissions for implicit consent. +Requires an admin to have provided consent to the application. + +preAuthorizedApplications don't require the user to consent to the requested permissions. +Permissions listed in preAuthorizedApplications don't require user consent. + +However, any additional requested permissions not listed in preAuthorizedApplications require user consent. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). +Default is false. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System.Nullable`one[System.Boolean] + +## Outputs + +### Microsoft.Open.MSGraph.Model.MsApplication + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Remove-EntraBetaApplication](Remove-EntraBetaApplication.md) + +[Set-EntraBetaApplication](Set-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..df3cbd07f9 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,198 @@ +--- +title: New-EntraBetaApplicationExtensionProperty +description: This article provides details on the New-EntraBetaApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationExtensionProperty + +## Synopsis + +Creates an application extension property. + +## Syntax + +```powershell +New-EntraBetaApplicationExtensionProperty + -ApplicationId + [-DataType ] + -Name + [-TargetObjects ] + [] +``` + +## Description + +The `New-EntraBetaApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Create an extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute' +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the string type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. + +### Example 2: Create an extension property with data type parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute1' -DataType 'Boolean' +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the specified data type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-DataType` parameter specifies the data type of the value the extension property can hold. + +### Example 3: Create an extension property with targets parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$targets = New-Object System.Collections.Generic.List[System.String] +$targets.Add('User') +New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute2' -TargetObjects $targets +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} +``` + +The example shows how to create an application extension property with the specified target objects for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. + +## Parameters + +### -DataType + +Specifies the data type of the value the extension property can hold. Following values are supported. + +- Binary - 256 bytes maximum +- Boolean +- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. +- Integer - 32-bit value. +- LargeInteger - 64-bit value. +- String - 256 characters maximum + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Specifies the name of the extension property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjects + +Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. + +- User +- Group +- AdministrativeUnit +- Application +- Device +- Organization + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) + +[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.md new file mode 100644 index 0000000000..e3b0be935b --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationFromApplicationTemplate.md @@ -0,0 +1,86 @@ +--- +title: New-EntraBetaApplicationFromApplicationTemplate +description: This article provides details on the New-EntraBetaApplicationFromApplicationTemplate command. + + +ms.service: entra +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationFromApplicationTemplate + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationFromApplicationTemplate + +## Synopsis +Instantiates an application. + +## Syntax + +``` +New-EntraBetaApplicationFromApplicationTemplate -Id -DisplayName + [] +``` + +## Description +This cmdlet allows users to create application from application template + +## Examples + +### 1. Creates an application from application template +``` +PS C:\> $instantiated_app = New-EntraBetaApplicationTemplate -Id e8b7b394-057d-4203-a93a-1879c28ece38 -DisplayName bugzilla-copy1 +``` + +This command instantiates a new application based on application template referenced by the id. + +## Parameters + +### -Id +The unique identifier of an object in Azure Active Directory + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName +Application template display name + +```yaml +Type: ApplicationTemplateDisplayName +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplateCopy +## Notes +## Related Links diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKey.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKey.md new file mode 100644 index 0000000000..49d0842d13 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKey.md @@ -0,0 +1,153 @@ +--- +title: New-EntraBetaApplicationKey +description: This article provides details on the New-EntraBetaApplicationKey command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationKey + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationKey + +## Synopsis + +Adds a new key to an application. + +## Syntax + +```powershell +New-EntraBetaApplicationKey + -ObjectId + -KeyCredential + -Proof + [-PasswordCredential ] + [] +``` + +## Description + +Adds a new key to an application. + +## Examples + +### Example 1: Add a key credential to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $app.Id + KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } + PasswordCredential = @{ DisplayName = 'mypassword' } + Proof = '{token}' +} + +New-EntraBetaApplicationKey @params +``` + +This command adds a key credential to an specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyCredential` parameter specifies the application key credential to add. +- `-PasswordCredential` parameter specifies the application password credential to add. +- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. + +## Parameters + +### -KeyCredential + +The application key credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: KeyCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +The application password credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +A signed JWT token used as a proof of possession of the existing keys. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.KeyCredential + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationKey](Remove-EntraBetaApplicationKey.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..8f6b2858e3 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,254 @@ +--- +title: New-EntraBetaApplicationKeyCredential +description: This article provides details on the New-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationKeyCredential + +## Synopsis + +Creates a key credential for an application. + +## Syntax + +```powershell +New-EntraBetaApplicationKeyCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-Type ] + [-Usage ] + [-Value ] + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraBetaApplicationKeyCredential` cmdlet creates a key credential for an application. + +An application can use this command along with `Remove-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. + +As part of the request validation, proof of possession of an existing key is verified before the action can be performed. + +## Examples + +### Example 1: Create a new application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$params = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = 'EntraPowerShellKey' + StartDate = '2024-03-21T14:14:14Z' + Type = 'Symmetric' + Usage = 'Sign' + Value = '' +} +New-EntraBetaApplicationKeyCredential @params +``` + +```Output +CustomKeyIdentifier : {84, 101, 115, 116} +EndDate : 2024-03-21T14:14:14Z +KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +StartDate : 2025-03-21T14:14:14Z +Type : Symmetric +Usage : Sign +Value : {49, 50, 51} +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +You can use the `Get-EntraBetaApplication` cmdlet to retrieve the application Object ID. + +### Example 2: Use a certificate to add an application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object +$cer.Import('C:\Users\ContosoUser\appcert.cer') +$bin = $cer.GetRawCertData() +$base64Value = [System.Convert]::ToBase64String($bin) +$bin = $cer.GetCertHash() +$base64Thumbprint = [System.Convert]::ToBase64String($bin) +$keyid = [System.Guid]::NewGuid().ToString() + +$params = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = $base64Thumbprint + Type = 'AsymmetricX509Cert' + Usage = 'Verify' + Value = $base64Value + StartDate = $cer.GetEffectiveDateString() + EndDate = $cer.GetExpirationDateString() +} +New-EntraBetaApplicationKeyCredential @params +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +## Parameters + +### -CustomKeyIdentifier + +Specifies a custom key ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +Specifies the time when the key becomes invalid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +Specifies the time when the key becomes valid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of the key. + +```yaml +Type: KeyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Usage + +Specifies the key usage. + +- `AsymmetricX509Cert`: The usage must be `Verify`. +- `X509CertAndPassword`: The usage must be `Sign`. + +```yaml +Type: KeyUsage +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Value + +Specifies the value for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) + +[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPassword.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPassword.md new file mode 100644 index 0000000000..f04fc91310 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPassword.md @@ -0,0 +1,115 @@ +--- +title: New-EntraBetaApplicationPassword +description: This article provides details on the New-EntraBetaApplicationPassword command. + +ms.topic: reference +ms.date: 08/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationPassword + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationPassword + +## Synopsis + +Adds a strong password to an application. + +## Syntax + +```powershell +New-EntraBetaApplicationPassword + -ObjectId + -PasswordCredential + [] +``` + +## Description + +Adds a strong password to an application. + +## Examples + +### Example 1: Add a password to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$passwordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential +$passwordCredential.StartDateTime = Get-Date -Year 2024 -Month 10 -Day 23 +$passwordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 +$passwordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('ERP App Password') +$passwordCredential.Hint = 'erpapppassword' +$passwordCredential.DisplayName = 'ERP App Password' +New-EntraBetaApplicationPassword -ObjectId $application.Id -PasswordCredential $passwordCredential +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM +``` + +This example adds a password to the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +Represents a password credential associated with an application or a service principal. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationPassword](Remove-EntraBetaApplicationPassword.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..e19d0c32e9 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,198 @@ +--- +title: New-EntraBetaApplicationPasswordCredential +description: This article provides details on the New-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationPasswordCredential + +## Synopsis + +Creates a password credential for an application. + +## Syntax + +```powershell +New-EntraBetaApplicationPasswordCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-StartDate ] + [-EndDate ] + [] +``` + +## Description + +The `New-EntraBetaApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. + +### Example 2: Create a password credential using CustomKeyIdentifier parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDat + eTime +------------------- ----------- ----------- ---- ----- ---------- -------- +100 101 109 111 80 97 115 115 119 111 114 100 demoPassword 6/10/2026 7:43:45 AM 9tb tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_EaU6cqG 6/10/... +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-CustomKeyIdentifier` Speicifies unique binary identifier. + +### Example 3: Create a password credential using StartDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$startDate = (Get-Date).AddYears(0) +New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -StartDate $startDate +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-StartDate` Speicifies the date and time at which the password becomes valid. + +### Example 4: Create a password credential using EndDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$endDate = (Get-Date).AddYears(2) +New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -EndDate $endDate +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-EndDate` Speicifies The date and time at which the password expires. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -CustomKeyIdentifier + +A unique binary identifier. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +The date and time at which the password expires. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyApplication.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyApplication.md new file mode 100644 index 0000000000..9e8599b9b5 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyApplication.md @@ -0,0 +1,388 @@ +--- +title: New-EntraBetaApplicationProxyApplication +description: This article provides details on the New-EntraBetaApplicationProxyApplication command. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationProxyApplication + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationProxyApplication + +## Synopsis + +The `New-EntraBetaApplicationProxyApplication` cmdlet creates a new application configured for Application Proxy in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraBetaApplicationProxyApplication + -DisplayName + -ExternalUrl + -InternalUrl + [-ExternalAuthenticationType ] + [-IsTranslateHostHeaderEnabled ] + [-IsHttpOnlyCookieEnabled ] + [-IsSecureCookieEnabled ] + [-IsPersistentCookieEnabled ] + [-IsTranslateLinksInBodyEnabled ] + [-ApplicationServerTimeout ] + [-ConnectorGroupId ] + [] +``` + +## Description + +The `New-EntraBetaApplicationProxyApplication` cmdlet creates a new application configured for Application Proxy in Microsoft Entra ID. +To ensure this application is usable, also make sure you assign users and configure SSO if needed. +Without specifying a ConnectorGroupId, this application by default uses the `Default` connector group in your tenant. + +## Examples + +### Example 1: Creating a new application with only the basic required settings, and the default domain for applications + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + DisplayName = 'Finance Tracker' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' +} +New-EntraBetaApplicationProxyApplication @params + +``` + +```Output +ObjectId : bbbbbbbb-1111-2222-3333-cccccccccccc +externalAuthenticationType : +applicationServerTimeout : +externalUrl : https://finance-awcycles.msappproxy.net/ +internalUrl : http://finance/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example creating a new application with only the basic required settings, and the default domain for applications. + +- `-DisplayName` parameter specifies the display name of new application. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. + +### Example 2: Creating a new application with ApplicationServerTimeout and ExternalAuthenticationType parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + DisplayName = 'Finance Tracker' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' + ApplicationServerTimeout = Long + ExternalAuthenticationType = 'aadPreAuthentication' +} +New-EntraBetaApplicationProxyApplication @params +``` + +```Output +ObjectId : bbbbbbbb-1111-2222-3333-cccccccccccc +externalAuthenticationType : aadPreAuthentication +applicationServerTimeout : Long +externalUrl : https://testp4-m365x99297270.msappproxy.net/ +internalUrl : https://testp4.com/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example creating a new application with `ApplicationServerTimeout` and `ExternalAuthenticationType` parameter. + +- `-DisplayName` parameter specifies the display name of new application. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. +- `-ApplicationServerTimeout` parameter specifies the application server timeout to set. +- `-ExternalAuthenticationType` parameter specifies the external authentication type. + +### Example 3: Creating a new application with IsHttpOnlyCookieEnabled, IsSecureCookieEnabled, IsTranslateLinksInBodyEnabled and ConnectorGroupId parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + DisplayName = 'Finance Tracker' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' + IsHttpOnlyCookieEnabled = $false + IsSecureCookieEnabled = $false + IsPersistentCookieEnabled = $false + IsTranslateLinksInBodyEnabled = $false + ConnectorGroupId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +New-EntraBetaApplicationProxyApplication @params +``` + +```Output +ObjectId : bbbbbbbb-1111-2222-3333-cccccccccccc +externalAuthenticationType : aadPreAuthentication +applicationServerTimeout : Long +externalUrl : https://testp4-m365x99297270.msappproxy.net/ +internalUrl : https://testp4.com/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example creating a new application with `IsHttpOnlyCookieEnabled`, `IsSecureCookieEnabled`, `IsTranslateLinksInBodyEnabled`, and `ConnectorGroupId` parameter. + +- `-DisplayName` parameter specifies the display name of new application. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. +- `-ConnectorGroupId` parameter specifies the Connector group ID that assigned to this application. +- `-IsHttpOnlyCookieEnabled` parameter specifies the application proxy to include the HTTPOnly flag in HTTP response headers. +- `-IsSecureCookieEnabled` parameter specifies the application proxy to include the Secure flag in HTTP response headers. +- `-IsPersistentCookieEnabled` parameter specifies application proxy to set its access cookies to not expire when the web browser is closed. +- `-IsTranslateLinksInBodyEnabled` parameter specifies the translates urls in body. + +## Parameters + +### -ApplicationServerTimeout + +Set this value to Long only if your application is slow to authenticate and connect. + +```yaml +Type: ApplicationServerTimeoutEnum +Parameter Sets: (All) +Aliases: +Accepted values: Default, Long + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConnectorGroupId + +Provide the ID of the Connector group you would like assigned to this application. +You can find this value by using the `Get-EntraBetaApplicationProxyConnectorGroup` command. +Connectors process the remote access to your application, and connector groups help you organize connectors and apps by region, network, or purpose. +If you don't have any connector groups created yet, your app is assigned to Default. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +The display name of the new application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExternalAuthenticationType + +How Application Proxy verifies users before giving them access to your application. +AadPreAuthentication: Application Proxy redirects users to sign in with Microsoft Entra ID, which authenticates their permissions for the directory and application. +We recommend keeping this option as the default, so that you can take advantage of Microsoft Entra ID security features like conditional access and multifactor authentication. +Pass through: Users don't have to authenticate against Microsoft Entra ID to access the application. +You can still set up authentication requirements on the backend. + +```yaml +Type: ExternalAuthenticationTypeEnum +Parameter Sets: (All) +Aliases: +Accepted values: AadPreAuthentication, Passthru + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExternalUrl + +The address your users go to in order to access the app from outside your network. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -InternalUrl + +The URL that you use to access the application from inside your private network. +You can provide a specific path on the backend server to publish, while the rest of the server is unpublished. +In this way, you can publish different sites on the same server as different apps, and give each one its own name and access rules. +If you publish a path, make sure that it includes all the necessary images, scripts, and style sheets for your application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsTranslateHostHeaderEnabled + +If set to true, translates urls in headers. +Keep this value true unless your application required the original host header in the authentication request. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsTranslateLinksInBodyEnabled + +If set to true, translates urls in body. +Keep this value as No unless you have to hardcoded HTML links to other on-premises applications, and don't use custom domains. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsHttpOnlyCookieEnabled + +Yes allows application proxy to include the HTTPOnly flag in HTTP response headers. This flag provides extra security benefits, for example, it prevents client-side scripting (CSS) from copying or modifying the cookies. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsPersistentCookieEnabled + +Yes allows application proxy to set its access cookies to not expire when the web browser is closed. The persistence lasts until the access token expires, or until the user manually deletes the persistent cookies. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsSecureCookieEnabled + +Yes allows application proxy to include the Secure flag in HTTP response headers. Secure Cookies enhances security by transmitting cookies over a TLS secured channel such as HTTPS. TLS prevents cookie transmission in clear text. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[Microsoft.Open.MSGraph.Model.ApplicationProxyApplicationObject+ExternalAuthenticationTypeEnum, Microsoft.Open.MS.GraphV10.Client, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null\]\] System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[Microsoft.Open.MSGraph.Model.ApplicationProxyApplicationObject+ApplicationServerTimeoutEnum, Microsoft.Open.MS.GraphV10.Client, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationProxyApplication](Set-EntraBetaApplicationProxyApplication.md) + +[Get-EntraBetaApplicationProxyApplication](Get-EntraBetaApplicationProxyApplication.md) + +[Remove-EntraBetaApplicationProxyApplication](Remove-EntraBetaApplicationProxyApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.md new file mode 100644 index 0000000000..2b6e2ceae6 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaApplicationProxyConnectorGroup.md @@ -0,0 +1,99 @@ +--- +title: New-EntraBetaApplicationProxyConnectorGroup +description: This article provides details on the New-EntraBetaApplicationProxyConnectorGroupcommand. + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaApplicationProxyConnectorGroup + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationProxyConnectorGroup + +## Synopsis + +The `New-EntraBetaApplicationProxyConnectorGroup` cmdlet creates a new Application Proxy Connector group. + +## Syntax + +```powershell +New-EntraBetaApplicationProxyConnectorGroup + -Name + [] +``` + +## Description + +The `New-EntraBetaApplicationProxyConnectorGroup` cmdlet creates a new Application Proxy connector group. + +## Examples + +### Example 1: Create a new Connector Group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +New-EntraBetaApplicationProxyConnectorGroup -Name 'Backup Application Servers' +``` + +```Output +Name Value +---- ----- +id aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +@odata.context https://graph.microsoft.com/beta/$metadata#onPremisesPublishingProfiles('applicationProxy')/connectorGroups/$entity +isDefault False +name Backup Application Servers +region eur +connectorGroupType applicationProxy +``` + +This example creates a new Connector Group using specified name. + +- `-Name` parameter specifies the new connector group name. + +## Parameters + +### -Name + +The name of the new Connector Group. + +```yaml +Type: System.Name +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Microsoft.Open.MSGraph.Model.Name + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationProxyConnectorGroup](Set-EntraBetaApplicationProxyConnectorGroup.md) + +[Get-EntraBetaApplicationProxyConnectorGroup](Get-EntraBetaApplicationProxyConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyConnectorGroup](Remove-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.md new file mode 100644 index 0000000000..95aee6ae7a --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaPasswordSingleSignOnCredential.md @@ -0,0 +1,121 @@ +--- +title: New-EntraBetaPasswordSingleSignOnCredential +description: This article provides details on the New-EntraBetaPasswordSingleSignOnCredential command. + +ms.topic: reference +ms.date: 07/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPasswordSingleSignOnCredential + +schema: 2.0.0 +--- + +# New-EntraBetaPasswordSingleSignOnCredential + +## Synopsis + +Creates the password Single-Sign-On (SSO) credentials. + +## Syntax + +```powershell +New-EntraBetaPasswordSingleSignOnCredential + -ObjectId + -PasswordSSOCredential + [] +``` + +## Description + +This cmdlet enables users to create their Password Single-Sign-On credentials for an application that they're part of. Specify `ObjectId` and `PasswordSSOCredential` parameters to create an SSO credentials. +Admin could create the group credentials as well. + +## Examples + +### Example 1: New password single-sign-on credentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$credentials = New-Object -TypeName Microsoft.Open.MSGraph.Model.PasswordSSOCredentials +$credentials.Id = '' +$servicePrincipal = Get-EntraBetaservicePrincipal -SearchString '' +$creds1 = [Microsoft.Open.MSGraph.Model.PasswordSSOCredential]@{FieldId="param_emailOrUserName"; Value="foobar@ms.com"; Type="text"} +$creds2 = [Microsoft.Open.MSGraph.Model.PasswordSSOCredential]@{FieldId="param_password"; Value="my-secret"; Type="password"} +$credentials.Credentials = @($creds1, $creds2) +$params = @{ + ObjectId = $servicePrincipal.Id + PasswordSSOCredential = $credentials +} +New-EntraBetaPasswordSingleSignOnCredential @params +``` + +```Output +Id +-- +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to create an password SSO credential for the given ObjectId and PasswordSSOObjectId. + +- `-PasswordSSOObjectId` parameter specifies the User or Group ID. +- `-ObjectId` parameter specifies the object ID of a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the object specific Microsoft Entra ID object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordSSOCredential + +User or group ID. + +```yaml +Type: System.PasswordSSOCredentials +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.PasswordSSOCredentials + +## Notes + +## Related Links + +[Set-EntraBetaPasswordSingleSignOnCredential](Set-EntraBetaPasswordSingleSignOnCredential.md) + +[Get-EntraBetaPasswordSingleSignOnCredential](Get-EntraBetaPasswordSingleSignOnCredential.md) + +[Remove-EntraBetaPasswordSingleSignOnCredential](Remove-EntraBetaPasswordSingleSignOnCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..71d14003fd --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipal.md @@ -0,0 +1,398 @@ +--- +title: New-EntraBetaServicePrincipal +description: This article provides details on the New-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipal + +## Synopsis + +Creates a service principal. + +## Syntax + +```powershell +New-EntraBetaServicePrincipal + [-AccountEnabled ] + [-Tags ] + [-DisplayName ] + [-AlternativeNames ] + -AppId + [-KeyCredentials ] + [-ReplyUrls ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-Homepage ] + [-AppRoleAssignmentRequired ] + [-PasswordCredentials ] + [-ServicePrincipalNames ] + [] +``` + +## Description + +Create a new service Principal. + +For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: + +- Application Administrator +- Cloud Application Administrator + +For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. + +## Examples + +### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +$params = @{ + AccountEnabled = $true + AppId = $application.AppId + AppRoleAssignmentRequired = $true + DisplayName = $application.DisplayName + Tags = {WindowsAzureActiveDirectoryIntegratedApp} +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. + +- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-DisplayName` parameter specifies the service principal display name. +- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. + +### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +$params = @{ + AppId = $application.AppId + Homepage = 'https://localhost/home' + LogoutUrl = 'htpp://localhost/logout' + ReplyUrls = 'https://localhost/redirect' +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-Homepage` parameter specifies the home page or landing page of the application. +- `-LogoutUrl` parameter specifies the logout URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 3: Create a new service principal by KeyCredentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 07 -Day 23 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') +$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" + +New-EntraBetaServicePrincipal -AppId $application.AppId -KeyCredentials $creds +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. + +### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" +New-EntraBetaServicePrincipal -AppId $application.AppId -AlternativeNames 'sktest2' -ServicePrincipalType 'Application' -ServicePrincipalNames $application.AppId +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-AlternativeNames` parameter specifies the alternative names for this service principal. +- `-ServicePrincipalType` parameter specifies the type of the service principal. +- `-ServicePrincipalNames` parameter specifies an array of service principal names. + +## Parameters + +### -AccountEnabled + +True if the service principal account is enabled; otherwise, false. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +The unique identifier for the associated application (its appId property). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the service principal display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the service principal. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the logout URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies an array of service principal names. +Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. +A client uses ServicePrincipalNames to: + +- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. +- Specify a resource URI to acquire an access token, which is the URI returned in the claim. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The type of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Tags linked to this service principal. + +Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..0b72aa739a --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,227 @@ +--- +title: New-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the New-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Assigns a service principal to an application role. + +## Syntax + +```powershell +New-EntraBetaServicePrincipalAppRoleAssignment + -ResourceId + -Id + -ObjectId + -PrincipalId + [] +``` + +## Description + +The `New-EntraBetaServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Assign an app role to a service principal + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$resourceServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Microsoft Graph'" +$appRole = $resourceServicePrincipal.AppRoles | Where-Object { $_.Value -eq "User.ReadBasic.All" } + +New-EntraBetaServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -Id $appRole.Id -ResourceId $resourceServicePrincipal.Id +``` + +### Example 2: Assign an app role to another service principal + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" +New-EntraBetaServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -ResourceId $servicePrincipalObject.Id -Id $servicePrincipalObject.Approles[1].Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. + +- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. +- `-ResourceId`parameter specifies the ObjectId of the resource service principal. +- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. +- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. + +### Example 3: Assign an app role to a user + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" +$user = Get-EntraBetaUser -UserId 'PattiF@Contoso.com' + +New-EntraBetaServicePrincipalAppRoleAssignment ` + -ObjectId $servicePrincipalObject.Id ` + -ResourceId $servicePrincipalObject.Id ` + -Id $servicePrincipalObject.Approles[1].Id ` + -PrincipalId $user.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +``` + +This example demonstrates how to assign an app role to a user in Microsoft Entra ID. +You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraBetaUser` to get a user Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. +- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. + +### Example 4: Assign an app role to a group + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" +$group = Get-EntraBetaGroup -Filter "displayName eq 'Contoso marketing'" + +New-EntraBetaServicePrincipalAppRoleAssignment ` + -ObjectId $servicePrincipalObject.Id ` + -ResourceId $servicePrincipalObject.Id ` + -Id $servicePrincipalObject.Approles[1].Id ` + -PrincipalId $group.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to assign an app role to a group in Microsoft Entra ID. +You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraBetaGroup` to get a group Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. +- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. + +## Parameters + +### -Id + +Specifies the ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies a principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +Specifies a resource ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`New-EntraBetaServiceAppRoleAssignment` is an alias for `New-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) + +[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..b0b851ac65 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/New-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,160 @@ +--- +title: New-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the New-EntraBetaServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Creates a password credential for a service principal. + +## Syntax + +```powershell +New-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraBetaServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential with StartDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +New-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -StartDate '2024-11-04T14:14:14Z' +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-StarteDate` parameter specifies the date and time at which the password becomes valid. + +### Example 2: Create a password credential with EndDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +New-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -EndDate '2024-11-04T14:14:14Z' +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. + +## Parameters + +### -EndDate + +The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) + +[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplication.md new file mode 100644 index 0000000000..54c8d2b1d2 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplication.md @@ -0,0 +1,93 @@ +--- +title: Remove-EntraBetaApplication +description: This article provides details on the Remove-EntraBetaApplication command. + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplication + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplication + +## Synopsis + +Deletes an application object. + +## Syntax + +```powershell +Remove-EntraBetaApplication + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraBetaApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. + +## Examples + +### Example 1: Remove an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraBetaApplication -ApplicationId $application.Id +``` + +This example demonstrates how to delete an application object. + +### Example 2: Remove an application using pipelining + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" | Remove-EntraBetaApplication +``` + +This example demonstrates how to delete an application object using pipelining. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[New-EntraBetaApplication](New-EntraBetaApplication.md) + +[Set-EntraBetaApplication](Set-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..a415ec7b6f --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaApplicationExtensionProperty +description: This article provides details on the Remove-EntraBetaApplicationExtensionProperty command. + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationExtensionProperty + +## Synopsis + +Removes an application extension property. + +## Syntax + +```powershell +Remove-EntraBetaApplicationExtensionProperty + -ApplicationId + -ExtensionPropertyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$extension = Get-EntraApplicationExtensionProperty -ApplicationId $application.Id | Where-Object {$_.Name -eq 'extension_3ed1a24748dd4e4cb91fc0ab09576ff0_NewAttribute'} +Remove-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -ExtensionPropertyId $extension.Id +``` + +This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. + +## Parameters + +### -ExtensionPropertyId + +Specifies the unique ID of the extension property to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) + +[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKey.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKey.md new file mode 100644 index 0000000000..4803798a25 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKey.md @@ -0,0 +1,127 @@ +--- +title: Remove-EntraBetaApplicationKey +description: This article provides details on the Remove-EntraBetaApplicationKey command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationKey + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationKey + +## Synopsis + +Removes a key from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationKey + -ObjectId + [-KeyId ] + [-Proof ] + [] +``` + +## Description + +Removes a key from an application. + +## Examples + +### Example 1: Remove a key credential from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraBetaApplicationKey -ObjectId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -Proof '{token}' +``` + +This command removes the specified key credential from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. +- `-Proof` parameter specifies the JWT token provided as a proof of possession. + +## Parameters + +### -ObjectId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The key Id corresponding to the key object to be removed. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +The JWT token provided as a proof of possession. + +A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: + +- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. +- `iss`: Issuer needs to be the ID of the application that initiates the request. +- `nbf`: Not before time. +- `exp`: Expiration time should be the value of nbf + 10 minutes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationKey](New-EntraBetaApplicationKey.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..59c6778d1f --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaApplicationKeyCredential +description: This article provides details on the Remove-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationKeyCredential + +## Synopsis + +Removes a key credential from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationKeyCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationKeyCredential` cmdlet removes a key credential from an application. + +An application can use this command along with `New-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraBetaApplicationKeyCredential -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +``` + +This command removes the specified key credential from the specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-KeyId` Specifies a custom key ID. Use `Get-EntraBetaApplicationKeyCredential` to get the keyId details. + +## Parameters + +### -KeyId + +Specifies a custom key ID. The unique identifier for the password. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) + +[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..a1e5029ae3 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationOwner.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaApplicationOwner +description: This article provides details on the Remove-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationOwner + +## Synopsis + +Removes an owner from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationOwner + -OwnerId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$owner = Get-EntraBetaApplicationOwner -ApplicationId $application.Id | Where-Object {$_.userPrincipalName -eq 'SawyerM@contoso.com'} +Remove-EntraBetaApplicationOwner -ApplicationId $application.Id -OwnerId $owner.Id +``` + +This example removes the specified owner from the specified application. You can use the command `Get-EntraBetaApplication` to get application Id. + +- `-ApplicationId` parameter specifies the the unique identifier of a application. +- `-OwnerId` parameter specifies the ID of the owner. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) + +[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPassword.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPassword.md new file mode 100644 index 0000000000..0e41b5a95b --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPassword.md @@ -0,0 +1,101 @@ +--- +title: Remove-EntraBetaApplicationPassword +description: This article provides details on the Remove-EntraBetaApplicationPassword command. + +ms.topic: reference +ms.date: 08/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationPassword + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationPassword + +## Synopsis + +Remove a password from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationPassword + -ObjectId + [-KeyId ] + [] +``` + +## Description + +Remove a password from an application. + +## Examples + +### Example 1: Removes a password from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$applicationPassword = Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} +Remove-EntraBetaApplicationPassword -ObjectId $application.Id -KeyId $applicationPassword.KeyId +``` + +This example removes the specified password from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. + +## Parameters + +### -ObjectId + +The unique identifier of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The unique identifier for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationPassword](New-EntraBetaApplicationPassword.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..1c0c35d08a --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraBetaApplicationPasswordCredential +description: This article provides details on the Remove-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationPasswordCredential + +## Synopsis + +Removes a password credential from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationPasswordCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk Application'" +$applicationPassword = Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} +Remove-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -KeyId $applicationPassword.KeyId +``` + +This example demonstrates how to remove the password credential for an application. + +- `ApplicationId` Specifies the ID of the application. Use `Get-EntraBetaApplication` to get application ApplicationId value. +- `KeyId` Specifies the ID of the password credential. Use `Get-EntraBetaApplicationPasswordCredential` to retrieve a specific credential details. + +## Parameters + +### -KeyId + +Specifies the ID of the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of the application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaApplicationPasswordCredential](Get-EntraBetaApplicationPasswordCredential.md) + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPolicy.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPolicy.md new file mode 100644 index 0000000000..9913533461 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationPolicy.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaApplicationPolicy +description: This article provides details on the Remove-EntraBetaApplicationPolicy command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationPolicy + +## Synopsis + +Removes an application policy. + +## Syntax + +```powershell +Remove-EntraBetaApplicationPolicy + -Id + -PolicyId +[] +``` + +## Description + +The `Remove-EntraBetaApplicationPolicy` cmdlet removes an application policy from Microsoft Entra ID. Specify `Id`and `PolicyId` parameters to remove an specific application policy. + +## Examples + +### Example 1: Remove an application policy + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + PolicyId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Remove-EntraBetaApplicationPolicy @params +``` + +This command removes the specified application policy. + +## Parameters + +### -PolicyId + +Specifies the ID of the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The ID of the application for which you need to retrieve the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationPolicy](Add-EntraBetaApplicationPolicy.md) + +[Get-EntraBetaApplicationPolicy](Get-EntraBetaApplicationPolicy.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplication.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplication.md new file mode 100644 index 0000000000..4482541fd2 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplication.md @@ -0,0 +1,119 @@ +--- +title: Remove-EntraBetaApplicationProxyApplication +description: This article provides details on the Remove-EntraBetaApplicationProxyApplication command. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationProxyApplication + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationProxyApplication + +## Synopsis + +Deletes an Application Proxy application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationProxyApplication + -ApplicationId + [-RemoveADApplication ] + [] +``` + +## Description + +The `Remove-EntraBetaApplicationProxyApplication` cmdlet removes Application Proxy configurations from a specific application in Microsoft Entra ID, and can delete the application completely if specified. + +## Examples + +### Example 1: Remove a Proxy Application + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraBetaApplicationProxyApplication -ApplicationId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This example removes a Proxy Application. + +- `ApplicationId` parameter specifies the application ID. + +### Example 2: Remove a Proxy Application, and remove it from Microsoft Entra ID completely + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraBetaApplicationProxyApplication -ApplicationId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RemoveADApplication $true +``` + +This example removes a Proxy Application, and removes it from Microsoft Entra ID completely. + +- `ApplicationId` parameter specifies the application ID. +- `RemoveADApplication` parameter specifies the user confirmation to delete application completely. + +## Parameters + +### -ApplicationId + +The unique application ID of the application. +This ApplicationId can be found using the `Get-EntraBetaApplication` command. +You can also find this ApplicationId in the Microsoft by navigating to Microsoft Entra ID > App registrations > All applications. Select your application. This will takes you to the application's overview page. Use the ObjectId on that page. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RemoveADApplication + +This RemoveADApplication parameter allows you to delete application completely. +When this RemoveADApplication is false (default), Application Proxy properties are removed from the application, but the application still exists. +If this RemoveADApplication is true, the application is removed from Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyApplication](New-EntraBetaApplicationProxyApplication.md) + +[Set-EntraBetaApplicationProxyApplication](Set-EntraBetaApplicationProxyApplication.md) + +[Get-EntraBetaApplicationProxyApplication](Get-EntraBetaApplicationProxyApplication.md) + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md new file mode 100644 index 0000000000..d460c77e02 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md @@ -0,0 +1,89 @@ +--- +title: Remove-EntraBetaApplicationProxyApplicationConnectorGroup +description: This article provides details on the Remove-EntraBetaApplicationProxyApplicationConnectorGroup command. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationProxyApplicationConnectorGroup + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationProxyApplicationConnectorGroup + +## Synopsis + +The `Remove-EntraBetaApplicationProxyApplicationConnectorGroupcmdlet` sets the connector group assigned for the specified application to 'Default' and removes the current assignment. + +## Syntax + +```powershell +Remove-EntraBetaApplicationProxyApplicationConnectorGroup + -OnPremisesPublishingProfileId + [] +``` + +## Description + +If your application is already in the 'Default' group, you see an error because the application can't be removed from the 'Default' group unless it's being added to another group. +The application must be configured for Application Proxy in Microsoft Entra ID. + +## Examples + +### Example 1: Remove the Connector Group associated with an application, setting the group to 'Default' + +```POWERSHELL +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraBetaApplicationProxyApplicationConnectorGroup -OnPremisesPublishingProfileId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This example removes the Connector Group associated with an application, setting the group to 'Default.' + +- `OnPremisesPublishingProfileId` parameter specifies the application ID. + +## Parameters + +### -OnPremisesPublishingProfileId + +The unique application ID of the application. +The application ID can be found using the `Get-EntraBetaApplication` command. +You can also find objectId in the Microsoft Entra Admin Center by navigating to Microsoft Entra ID > App registrations > All applications. Select your application. From the application overview page, copy the ObjectId. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationProxyApplicationConnectorGroup](Set-EntraBetaApplicationProxyApplicationConnectorGroup.md) + +[Get-EntraBetaApplicationProxyApplicationConnectorGroup](Get-EntraBetaApplicationProxyApplicationConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.md new file mode 100644 index 0000000000..2cf6ebace5 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationProxyConnectorGroup.md @@ -0,0 +1,90 @@ +--- +title: Remove-EntraBetaApplicationProxyConnectorGroup +description: This article provides details on the Remove-EntraBetaApplicationProxyConnectorGroup command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationProxyConnectorGroup + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationProxyConnectorGroup + +## Synopsis + +The `Remove-EntraBetaApplicationProxyConnectorGroup` cmdlet deletes an Application Proxy Connector group. + +## Syntax + +```powershell +Remove-EntraBetaApplicationProxyConnectorGroup + -Id + [] +``` + +## Description + +The `Remove-EntraBetaApplicationProxyConnectorGroup` cmdlet deletes an Application Proxy Connector Group. +It can only be used on an empty connector group, with no connectors assigned. + +## Examples + +### Example 1: Remove a specific Connector Group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraBetaApplicationProxyConnectorGroup -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This example removes a specific Connector Group. + +- `Id` parameter specifies the connector group ID. + +## Parameters + +### -Id + +The ID of the Connector group to delete. +You can find this value by running the `Get-EntraBetaApplicationProxyConnectorGroup` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyConnectorGroup](New-EntraBetaApplicationProxyConnectorGroup.md) + +[Set-EntraBetaApplicationProxyConnectorGroup](Set-EntraBetaApplicationProxyConnectorGroup.md) + +[Get-EntraBetaApplicationProxyConnectorGroup](Get-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..faf439c4fb --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaApplicationVerifiedPublisher.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraBetaApplicationVerifiedPublisher +description: This article provides details on the Remove-EntraBetaApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationVerifiedPublisher + +## Synopsis + +Removes the verified publisher from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationVerifiedPublisher + -AppObjectId + [] +``` + +## Description + +Removes the verified publisher from an application. + +## Examples + +### Example 1: Remove the verified publisher from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk Application'" +Remove-EntraBetaApplicationVerifiedPublisher -AppObjectId $application.Id +``` + +This command demonstrates how to remove the verified publisher from an application. + +- `-AppObjectId` parameter specifies the unique identifier of an application. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaApplicationVerifiedPublisher](Set-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaDeletedApplication.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaDeletedApplication.md new file mode 100644 index 0000000000..073213e7cf --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaDeletedApplication.md @@ -0,0 +1,101 @@ +--- +title: Remove-EntraBetaDeletedApplication +description: This article provides details on the Remove-EntraBetaDeletedApplication command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDeletedApplication + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeletedApplication + +## Synopsis + +Permanently delete a recently deleted application object from deleted items. + +## Syntax + +```powershell +Remove-EntraBetaDeletedApplication + [-ObjectId] + [] +``` + +## Description + +Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. + +## Examples + +### Example 1: Remove deleted application object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraBetaDeletedApplication -ObjectId $deletedApplication.Id +``` + +This command removes recently deleted application. You can use the command `Get-EntraBetaDeletedApplication` to get deleted application Id. + +- `-ObjectId` parameter specifies the Id of a deleted application. + +### Example 2: Remove deleted application using pipelining + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Get-EntraBetaDeletedApplication -Filter "DisplayName eq 'My PowerShell Application'" | Remove-EntraBetaDeletedApplication +``` + +This command removes recently deleted application using pipelining. + +## Parameters + +### -ObjectId + +The unique identifier of deleted application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Restore-EntraBetaDeletedApplication](Restore-EntraBetaDeletedApplication.md) + +[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.md new file mode 100644 index 0000000000..cff817efb6 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.md @@ -0,0 +1,108 @@ +--- +title: Remove-EntraBetaPasswordSingleSignOnCredential +description: This article provides details on the Remove-EntraBetaPasswordSingleSignOnCredential command. + +ms.topic: reference +ms.date: 07/09/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaPasswordSingleSignOnCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaPasswordSingleSignOnCredential + +## Synopsis + +Removes the password Single-Sign-On (SSO) credentials. + +## Syntax + +```powershell +Remove-EntraBetaPasswordSingleSignOnCredential + -ObjectId + -PasswordSSOObjectId + [] +``` + +## Description + +This cmdlet enables users to remove their Password Single-Sign-On credentials for an application that they're part of. Specify `ObjectId` and `PasswordSSOCredential` parameters to remove specific SSO credentials. +Admin could remove the group credentials as well. + +## Examples + +### Example 1: Remove password single-sign-on credentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All', 'Directory.ReadWrite.All' +$servicePrincipal = Get-EntraBetaservicePrincipal -SearchString '' +$params = @{ + ObjectId = $servicePrincipal.Id + PasswordSSOCredential = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Remove-EntraBetaPasswordSingleSignOnCredential @params +``` + +This example removes the password SSO credentials for the given ObjectId and PasswordSSOObjectId. + +- `-PasswordSSOObjectId` parameter specifies the User or Group ID. +- `-ObjectId` parameter specifies the object ID of a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the object specific Microsoft Entra ID object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordSSOObjectId + +User or group ID. + +```yaml +Type: System.PasswordSSOObjectId +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPasswordSingleSignOnCredential](New-EntraBetaPasswordSingleSignOnCredential.md) + +[Set-EntraBetaPasswordSingleSignOnCredential](Set-EntraBetaPasswordSingleSignOnCredential.md) + +[Get-EntraBetaPasswordSingleSignOnCredential](Get-EntraBetaPasswordSingleSignOnCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..f09f167ea1 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipal.md @@ -0,0 +1,85 @@ +--- +title: Remove-EntraBetaServicePrincipal +description: This article provides details on the Remove-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipal + +## Synopsis + +Removes a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipal + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" | Remove-EntraBetaServicePrincipal +``` + +This example demonstrates how to remove a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..b20d67b812 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,119 @@ +--- +title: Remove-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the Remove-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Removes a service principal application role assignment. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalAppRoleAssignment + -ServicePrincipalId + -AppRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. + +App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Removes a service principal application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$group = Get-EntraBetaGroup -Filter "displayName eq 'Contoso marketing'" +$assignment = Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PrincipalId -eq $group.Id} +Remove-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -AppRoleAssignmentId $assignment.Id +``` + +This example demonstrates how to remove a service principal application role assignment for a group in Microsoft Entra ID. + +- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. +- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of the application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Remove-EntraBetaServiceAppRoleAssignment` is an alias for `Remove-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) + +[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..9144d29076 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraBetaServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Remove-EntraBetaServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Remove delegated permission classification. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. + +## Examples + +### Example 1: Remove a delegated permission classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$permissionClassification = Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PermissionName -eq 'Sites.Read.All'} +Remove-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id +``` + +This command deletes the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object Id. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) + +[Get-EntraBetaServicePrincipalDelegatedPermissionClassification](Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..422257be5b --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaServicePrincipalOwner +description: This article provides details on the Remove-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalOwner + +## Synopsis + +Removes an owner from a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalOwner + -OwnerId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes an owner from a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$ownership = Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +$owner = $ownership | Where-Object {$_.userPrincipalName -eq 'SawyerM@Contoso.com' } +Remove-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -OwnerId $owner.Id +``` + +This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-OwnerId` parameter specifies the service principal owner Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..5808e6bbfd --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Remove-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the Remove-EntraBetaServicePrincipalPasswordCredential command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Removes a password credential from a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a password credential from a service principal in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$key = Get-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id +$key = $key | Where-Object {$_.DisplayName -eq 'My Password friendly name'} +Remove-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.KeyId +``` + +This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ObjectId of a specified Service Principal Password Credential. +- `-KeyId` parameter specifies the unique identifier of a Password Credential. + +## Parameters + +### -KeyId + +Specifies the unique identifier of password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) + +[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-beta/Applications/Restore-EntraBetaDeletedApplication.md b/module/docs/entra-powershell-beta/Applications/Restore-EntraBetaDeletedApplication.md new file mode 100644 index 0000000000..8ce74f4b30 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Restore-EntraBetaDeletedApplication.md @@ -0,0 +1,119 @@ +--- +title: Restore-EntraBetaDeletedApplication +description: This article provides details on the Restore-EntraBetaDeletedApplication Command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Restore-EntraBetaDeletedApplication + +schema: 2.0.0 +--- + +# Restore-EntraBetaDeletedApplication + +## Synopsis + +Restores a previously deleted application. + +## Syntax + +```powershell +Restore-EntraBetaDeletedApplication + -ObjectId + [-IdentifierUris ] + [] +``` + +## Description + +This cmdlet restores a previously deleted application. + +Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Hybrid Identity Administrator + +## Examples + +### Example 1: Restores a previously deleted application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' +Restore-EntraBetaDeletedApplication -ObjectId $deletedApplication.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraBetaDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraBetaDeletedApplication` cmdlet. + +- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. + +## Parameters + +### -IdentifierUris + +The IdentifierUris of the application that is to be restored. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The ObjectId of the deleted application that is to be restored. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraBetaDeletedApplication](Remove-EntraBetaDeletedApplication.md) + +[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md b/module/docs/entra-powershell-beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md new file mode 100644 index 0000000000..3048ef355c --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md @@ -0,0 +1,104 @@ +--- +title: Select-EntraBetaGroupIdsServicePrincipalIsMemberOf +description: This article provides details on the Select-EntraBetaGroupIdsServicePrincipalIsMemberOf command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + +## Synopsis + +Selects the groups in which a service principal is a member. + +## Syntax + +```powershell +Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraBetaGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$group.GroupIds = (Get-EntraBetaGroup -Top 10).Id +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +Select-EntraBetaGroupIdsServicePrincipalIsMemberOf -ObjectId $servicePrincipal.Id -GroupIdsForMembershipCheck $group +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command gets the group membership of a group for a specified service principal. Use the command `Get-EntraBetaGroup` to get group Id and `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ObjectId` parameter specifies the service principal Id. +- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplication.md new file mode 100644 index 0000000000..aac219bb1d --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplication.md @@ -0,0 +1,548 @@ +--- +title: Set-EntraBetaApplication +description: This article provides details on the Set-EntraBetaApplication command. + + +ms.topic: reference +ms.date: 06/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplication + +schema: 2.0.0 +--- + +# Set-EntraBetaApplication + +## Synopsis + +Updates the properties of an application object. + +## Syntax + +```powershell +Set-EntraBetaApplication + -ApplicationId + [-Api ] + [-OptionalClaims ] + [-DisplayName ] + [-PreAuthorizedApplications ] + [-Web ] + [-IsFallbackPublicClient ] + [-RequiredResourceAccess ] + [-PublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-OrgRestrictions ] + [-KeyCredentials ] + [-TokenEncryptionKeyId ] + [-IdentifierUris ] + [-ParentalControlSettings ] + [-GroupMembershipClaims ] + [-AddIns ] + [-Tags ] + [-AppRoles ] + [-PasswordCredentials ] + [-SignInAudience ] + [-InformationalUrl ] + [] +``` + +## Description + +Updates the properties of an application object. + +## Examples + +### Example 1: Update an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$params = @{ + ApplicationId = $application.Id + DisplayName = 'Contoso Entra PowerShell App Production' + IdentifierUris = 'https://contoso.com' + GroupMembershipClaims = 'SecurityGroup' + IsDeviceOnlyAuthSupported = $False + Tags = 'mytag' +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 2: Update an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraBetaApplication -ApplicationId $application.Id -IdentifierUris 'https://mynewapp.contoso.com' +``` + +This command updates an application in Microsoft Entra ID. + +### Example 3: Update an application using GroupMembershipClaims parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraBetaApplication -ApplicationId $application.Id -GroupMembershipClaims 'SecurityGroup' +``` + +This command updates an application in Microsoft Entra ID. + +### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraBetaApplication -ApplicationId $application.Id -IsDeviceOnlyAuthSupported $False +``` + +This command updates an application in Microsoft Entra ID. + +### Example 5: Update an application using Tags parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraBetaApplication -ApplicationId $application.Id -Tags 'mytag' +``` + +This command updates an application in Microsoft Entra ID. + +## Parameters + +### -AddIns + +Defines custom behavior that a consuming service can use to call an app in specific contexts. +For example, applications that can render file streams might set the addIns property for its "FileHandler" functionality. + +This lets services like Office 365 call the application in the context of a document the user is working on. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. + +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +Specifies identifier Uniform Resource Identifiers (URIs). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is `false` that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgRestrictions + +Reserved for future use. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreAuthorizedApplications + +Lists applications and requested permissions for implicit consent. +Requires an admin to have provided consent to the application. + +preAuthorizedApplications don't require the user to consent to the requested permissions. +Permissions listed in preAuthorizedApplications don't require user consent. + +However, any additional requested permissions not listed in preAuthorizedApplications require user consent. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System.Nullable`1[System.Boolean] + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[New-EntraBetaApplication](New-EntraBetaApplication.md) + +[Remove-EntraBetaApplication](Remove-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationLogo.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationLogo.md new file mode 100644 index 0000000000..b7b23ff2a8 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationLogo.md @@ -0,0 +1,122 @@ +--- +title: Set-EntraBetaApplicationLogo +description: This article provides details on the Set-EntraBetaApplicationLogo command. + +ms.topic: reference +ms.date: 06/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationLogo + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationLogo + +## Synopsis + +Sets the logo for an Application + +## Syntax + +### File (Default) + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + -FilePath + [] +``` + +### Stream + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + [] +``` + +### ByteArray + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + [] +``` + +## Description + +The `Set-EntraBetaApplicationLogo` cmdlet is used to set the logo for an application. + +## Examples + +### Example 1: Sets the application logo for the application specified by the ApplicationId parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraBetaApplicationLogo -ApplicationId $application.Id -FilePath 'D:\applogo.jpg' +``` + +This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. + +## Parameters + +### -FilePath + +The file path of the file that is to be uploaded as the application logo. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the Application for which the logo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +File uploads must be smaller than 500KB. + +## Related Links + +[Get-EntraBetaApplicationLogo](Get-EntraBetaApplicationLogo.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplication.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplication.md new file mode 100644 index 0000000000..9aba2e5856 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplication.md @@ -0,0 +1,387 @@ +--- +title: Set-EntraBetaApplicationProxyApplication +description: This article provides details on the Set-EntraBetaApplicationProxyApplication command. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationProxyApplication + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationProxyApplication + +## Synopsis + +The `Set-EntraBetaApplicationProxyApplication` allows you to modify and set configurations for an application in Microsoft Entra ID configured to use ApplicationProxy. + +## Syntax + +```powershell +Set-EntraBetaApplicationProxyApplication + -ApplicationId + [-ExternalUrl ] + [-InternalUrl ] + [-ExternalAuthenticationType ] + [-IsTranslateHostHeaderEnabled ] + [-IsHttpOnlyCookieEnabled ] + [-IsSecureCookieEnabled ] + [-IsPersistentCookieEnabled ] + [-IsTranslateLinksInBodyEnabled ] + [-ApplicationServerTimeout ] + [-ConnectorGroupId ] + [] +``` + +## Description + +The `Set-EntraBetaApplicationProxyApplication` allows you to modify and set other settings for an application in Microsoft Entra ID configured to use ApplicationProxy. Specify `ApplicationId` parameter to update application configured for application proxy. + +## Examples + +### Example 1: Update ExternalUrl, InternalUrl, ExternalAuthenticationType, and IsTranslateHostHeaderEnabled parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + ApplicationId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' + ExternalAuthenticationType = 'AadPreAuthentication' + IsTranslateHostHeaderEnabled = $false +} +Set-EntraBetaApplicationProxyApplication @params +``` + +```Output +ObjectId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +externalAuthenticationType : aadPreAuthentication +applicationServerTimeout : Long +externalUrl : https://testp-m365x99297270.msappproxy.net/ +internalUrl : https://testp.com/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example update `ExternalUrl`, `InternalUrl`, `ExternalAuthenticationType`, and `IsTranslateHostHeaderEnabled` parameter. + +- `-ApplicationId` parameter specifies the application ID. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. +- `-ExternalAuthenticationType` parameter specifies the external authentication type. +- `-IsTranslateHostHeaderEnabled` parameter specifies the translates urls in headers. + +### Example 2: Update IsHttpOnlyCookieEnabled, IsSecureCookieEnabled, and IsPersistentCookieEnabled parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + ApplicationId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' + ExternalAuthenticationType = 'AadPreAuthentication' + IsTranslateHostHeaderEnabled = $false + IsHttpOnlyCookieEnabled = $false + IsSecureCookieEnabled = $false + IsPersistentCookieEnabled = $false +} +Set-EntraBetaApplicationProxyApplication @params +``` + +```Output +ObjectId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +externalAuthenticationType : aadPreAuthentication +applicationServerTimeout : Long +externalUrl : https://testp-contoso.msappproxy.net/ +internalUrl : https://testp.com/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example update `IsHttpOnlyCookieEnabled`, `IsSecureCookieEnabled`, and `IsPersistentCookieEnabled` parameter. + +- `-ApplicationId` parameter specifies the application ID. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. +- `-ExternalAuthenticationType` parameter specifies the external authentication type. +- `-IsHttpOnlyCookieEnabled` parameter specifies the application proxy to include the HTTPOnly flag in HTTP response headers. +- `-IsSecureCookieEnabled` parameter specifies the application proxy to include the Secure flag in HTTP response headers. +- `-IsTranslateHostHeaderEnabled` parameter specifies the translates urls in headers. +- `-IsPersistentCookieEnabled` parameter specifies application proxy to set its access cookies to not expire when the web browser is closed. + +### Example 3: Update IsTranslateLinksInBodyEnabled, ApplicationServerTimeout, and ConnectorGroupId parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + ApplicationId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + ExternalUrl = 'https://finance-awcycles.msappproxy.net/' + InternalUrl = 'http://finance/' + ExternalAuthenticationType = 'AadPreAuthentication' + IsTranslateHostHeaderEnabled = $false + ApplicationServerTimeout = Long + ConnectorGroupId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Set-EntraBetaApplicationProxyApplication @params +``` + +```Output +ObjectId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +externalAuthenticationType : aadPreAuthentication +applicationServerTimeout : Long +externalUrl : https://testp-contoso.msappproxy.net/ +internalUrl : https://testp.com/ +isTranslateHostHeaderEnabled : False +isTranslateLinksInBodyEnabled : False +isOnPremPublishingEnabled : True +verifiedCustomDomainCertificatesMetadata : +verifiedCustomDomainKeyCredential : +verifiedCustomDomainPasswordCredential : +singleSignOnSettings : @{singleSignOnMode=none; kerberosSignOnSettings=} +isHttpOnlyCookieEnabled : False +isSecureCookieEnabled : False +isPersistentCookieEnabled : False +``` + +This example update `IsTranslateLinksInBodyEnabled`, `ApplicationServerTimeout`, and `ConnectorGroupId` parameter. + +- `-ApplicationId` parameter specifies the application ID. +- `-ExternalUrl` parameter specifies the URL that use to access the application from outside user private network. +- `-InternalUrl` parameter specifies the URL that use to access the application from inside user private network. +- `-ConnectorGroupId` parameter specifies the Connector group ID that assigned to this application. +- `-ApplicationServerTimeout` parameter specifies the application server timeout to set. +- `-ExternalAuthenticationType` parameter specifies the external authentication type. +- `-IsTranslateHostHeaderEnabled` parameter specifies the translates urls in headers. + +## Parameters + +### -ApplicationId + +Specifies a unique application ID of an application in Microsoft Entra ID. +This objectid can be found using the `Get-EntraBetaApplication` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExternalUrl + +The address your users go to in order to access the app from outside your network. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -InternalUrl + +The URL that you use to access the application from inside your private network. +You can provide a specific path on the backend server to publish, while the rest of the server is unpublished. +In this way, you can publish different sites on the same server as different apps, and give each one its own name and access rules. +If you publish a path, make sure that it includes all the necessary images, scripts, and style sheets for your application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExternalAuthenticationType + +How Application Proxy verifies users before giving them access to your application. +AadPreAuth: Application Proxy redirects users to sign in with Microsoft Entra ID, which authenticates their permissions for the directory and application. +We recommend keeping this option as the default, so that you can take advantage of Microsoft Entra ID security features like conditional access and multifactor authentication. +Pass through: Users don't have to authenticate against Microsoft Entra ID to access the application. +You can still set up authentication requirements on the backend. + +```yaml +Type: ExternalAuthenticationTypeEnum +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsTranslateHostHeaderEnabled + +If set to true, translates urls in headers. +Keep this value true unless your application required the original host header in the authentication request. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsTranslateLinksInBodyEnabled + +If set to true, translates urls in body. +Keep this value as No unless you have to hardcoded HTML links to other on-premises applications, and don't use custom domains. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationServerTimeout + +Specifies the backend server timeout type. +Set this value to Long only if your application is slow to authenticate and connect. + +```yaml +Type: ApplicationServerTimeoutEnum +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConnectorGroupId + +Provide the ID of the Connector group you would like assigned to this application. +You can find this value by using the `Get-EntraBetaApplicationProxyConnectorGroup` command. +Connectors process the remote access to your application, and connector groups help you organize connectors and apps by region, network, or purpose. +If you don't have any connector groups created yet, your app is assigned to Default. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsHttpOnlyCookieEnabled + +Allows application proxy to include the HTTPOnly flag in HTTP response headers. This flag provides extra security benefits, for example, it prevents client-side scripting (CSS) from copying or modifying the cookies. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsPersistentCookieEnabled + +Allows application proxy to set its access cookies to not expire when the web browser is closed. The persistence lasts until the access token expires, or until the user manually deletes the persistent cookies. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsSecureCookieEnabled + +Allows application proxy to include the Secure flag in HTTP response headers. Secure Cookies enhances security by transmitting cookies over a "TLS" secured channel such as HTTPS. TLS prevents cookie transmission in clear text. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyApplication](New-EntraBetaApplicationProxyApplication.md) + +[Get-EntraBetaApplicationProxyApplication](Get-EntraBetaApplicationProxyApplication.md) + +[Remove-EntraBetaApplicationProxyApplication](Remove-EntraBetaApplicationProxyApplication.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md new file mode 100644 index 0000000000..e73cda1102 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md @@ -0,0 +1,112 @@ +--- +title: Set-EntraBetaApplicationProxyApplicationConnectorGroup +description: This article provides details on the Set-EntraBetaApplicationProxyApplicationConnectorGroup command. + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationProxyApplicationConnectorGroup + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationProxyApplicationConnectorGroup + +## Synopsis + +The `Set-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet assigns the given connector group to a specified application. + +## Syntax + +```powershell +Set-EntraBetaApplicationProxyApplicationConnectorGroup + -OnPremisesPublishingProfileId + -ConnectorGroupId + [] +``` + +## Description + +The `Set-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet sets the connector group assigned for the specified application. Specify `OnPremisesPublishingProfileId` and `ConnectorGroupId` parameter to assign the given connector group to a specified application. + +The application must be configured for Application Proxy in Microsoft Entra ID. + +## Examples + +### Example 1: Set a new Connector Group for a specific application + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + OnPremisesPublishingProfileId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + ConnectorGroupId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Set-EntraBetaApplicationProxyApplicationConnectorGroup @params +``` + +This example set a new Connector Group for a specific application. + +- `OnPremisesPublishingProfileId` parameter specifies the application ID. +- `ConnectorGroupId` parameter specifies the connector group ID that assign to the application. + +## Parameters + +### -ConnectorGroupId + +The ID of the Connector group that should be assigned to the application. +Use the `Get-EntraBetaApplicationProxyConnectorGroup` command to find the Connector Group ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OnPremisesPublishingProfileId + +The unique application ID for the application the Connector group assigns to. +The application ID can be found using the `Get-EntraBetaApplication` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaApplicationProxyApplicationConnectorGroup](Get-EntraBetaApplicationProxyApplicationConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyApplicationConnectorGroup](Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md new file mode 100644 index 0000000000..1351e53c87 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md @@ -0,0 +1,168 @@ +--- +title: Set-EntraBetaApplicationProxyApplicationSingleSignOn +description: This article provides details on the Set-EntraBetaApplicationProxyApplicationSingleSignOn command. + + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationProxyApplicationSingleSignOn + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationProxyApplicationSingleSignOn + +## Synopsis + +The `Set-EntraBetaApplicationProxyApplicationSingleSignOn` cmdlet allows you to set and modify single sign-on (SSO) settings for an application configured for Application Proxy in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraBetaApplicationProxyApplicationSingleSignOn + -ObjectId + -SingleSignOnMode + [-KerberosInternalApplicationServicePrincipalName ] + [-KerberosDelegatedLoginIdentity ] + [] +``` + +## Description + +The `Set-EntraBetaApplicationProxyApplicationSingleSignOn` cmdlet allows you to set and modify single sign-on (SSO) settings for an application configured for Application Proxy in Microsoft Entra ID. +This is limited to setting No SSO, Kerberos Constrained Delegation (for applications using Integrated Windows Authentication), and Header-based SSO. + +## Examples + +### Example 1: Assign an application to use Kerberos Constrained Delegation, and specify required parameters + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + ObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + SingleSignOnMode = 'OnPremisesKerberos' + KerberosInternalApplicationServicePrincipalName = 'https/www.adventure-works.com' + KerberosDelegatedLoginIdentity = 'OnPremisesUserPrincipalName' +} +Set-EntraBetaApplicationProxyApplicationSingleSignOn @params +``` + +This example assigns an application to use Kerberos Constrained Delegation, and specify required parameters. + +- `-ObjectId` parameter specifies the application ID. +- `-SingleSignOnMode` parameter specifies the type of SSO. +- `-KerberosInternalApplicationServicePrincipalName` parameter specifies the internal application ServicePrincipalName of the application server. +- `-KerberosDelegatedLoginIdentity` parameter specifies the Connector group ID that assigned to this application. + +### Example 2: Remove SSO from an application + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + ObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + SingleSignOnMode = 'None' +} +Set-EntraBetaApplicationProxyApplicationSingleSignOn @params +``` + +This example demonstrates how to remove SSO from an application. + +- `-ObjectId` parameter specifies the application ID. +- `-SingleSignOnMode` parameter specifies the type of SSO. + +## Parameters + +### -KerberosDelegatedLoginIdentity + +The identity that the Connector can use on behalf of your users to authenticate. + +```yaml +Type: KerberosSignOnMappingAttributeTypeEnum +Parameter Sets: (All) +Aliases: +Accepted values: UserPrincipalName, OnPremisesUserPrincipalName, UserPrincipalUsername, OnPremisesUserPrincipalUsername, OnPremisesSAMAccountName + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KerberosInternalApplicationServicePrincipalName + +The internal application SPN of the application server. +This ServicePrincipalName (SPN) needs to be in the list of services to which the Connector can present delegated credentials. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +The unique application ID of the application that needs different SSO settings. +ObjectId can be found using the `Get-EntraBetaApplication` command. +You can also find this in the Microsoft Portal by navigating to Microsoft Entra ID, Enterprise Applications, All Applications, Select your application, go to the properties tab, and use the ObjectId on that page. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SingleSignOnMode + +Choose the type of SSO you would like the application to use. +Only three SSO settings are supported in PowerShell, for more options, please use the Microsoft Portal. + +```yaml +Type: SingleSignOnModeEnum +Parameter Sets: (All) +Aliases: +Accepted values: None, OnPremisesKerberos, HeaderBased + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[Microsoft.Open.MSGraph.Model.OnPremisesPublishingSingleSignOnObject+SingleSignOnModeEnum, Microsoft.Open.MS.GraphV10.Client, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null\]\] System.Nullable\`1\[\[Microsoft.Open.MSGraph.Model.OnPremisesPublishingKerberosSignOnSettingsObject+KerberosSignOnMappingAttributeTypeEnum, Microsoft.Open.MS.GraphV10.Client, Version=2.0.0.0, Culture=neutral, PublicKeyToken=null\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnector.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnector.md new file mode 100644 index 0000000000..2b35cd5eb1 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnector.md @@ -0,0 +1,105 @@ +--- +title: Set-EntraBetaApplicationProxyConnector +description: This article provides details on the Set-EntraBetaApplicationProxyConnector command. + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationProxyConnector + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationProxyConnector + +## Synopsis + +The `Set-EntraBetaApplicationProxyConnector` cmdlet allows reassignment of the connector to another connector group. + +## Syntax + +```powershell +Set-EntraBetaApplicationProxyConnector + -OnPremisesPublishingProfileId + -ConnectorGroupId + [] +``` + +## Description + +The `Set-EntraBetaApplicationProxyConnector` cmdlet allows reassignment of the connector to another connector group. + +## Examples + +### Example 1: Move a Connector to a different Connector Group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + OnPremisesPublishingProfileId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + ConnectorGroupId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Set-EntraBetaApplicationProxyConnector @params +``` + +This example demonstrates how to move a Connector to a different Connector Group. + +- `-OnPremisesPublishingProfileId` parameter specifies the connector ID. +- `-ConnectorGroupId` parameter specifies the application proxy connector group ID. + +## Parameters + +### -OnPremisesPublishingProfileId + +The ID of the Connector being moved. +Use the `Get-EntraBetaApplicationProxyConnectorGroup` command to find the Connector Group ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConnectorGroupId + +The unique identifer of the target application proxy connector group in Microsoft Entra ID. +Find this value using the `Get-EntraBetaApplicationProxyConnectorGroup` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationProxyConnectorGroup](Get-EntraBetaApplicationProxyConnectorGroup.md) +[Get-EntraBetaApplicationProxyConnector](Get-EntraBetaApplicationProxyConnector.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.md new file mode 100644 index 0000000000..ef514add1b --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationProxyConnectorGroup.md @@ -0,0 +1,103 @@ +--- +title: Set-EntraBetaApplicationProxyConnectorGroup +description: This article provides details on the Set-EntraBetaApplicationProxyConnectorGroup command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationProxyConnectorGroup + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationProxyConnectorGroup + +## Synopsis + +The `Set-EntraBetaApplicationProxyConnectorGroup` cmdlet allows you to change the name of a given Application Proxy connector group. + +## Syntax + +```powershell +Set-EntraBetaApplicationProxyConnectorGroup + -Id + -Name + [] +``` + +## Description + +The `Set-EntraBetaApplicationProxyConnectorGroup` cmdlet allows you to change the name of a given Application Proxy connector group. Specify `Id` and `Name` parameters to updates an connector group. + +## Examples + +### Example 1: Rename a Connector Group to "Offsite Application Servers" + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Set-EntraBetaApplicationProxyConnectorGroup -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Name 'Offsite Application Servers' +``` + +This example rename a Connector Group to "Offsite Application Servers" + +- `Id` parameter specifies the connector group ID. +- `Name` parameter specifies the name for connector group. + +## Parameters + +### -Id + +The unique identifier of the Connector group that should be renamed. +You can find the ID using the `Get-EntraBetaApplicationProxyConnectorGroup` command. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Name + +The new name for the Connector group. + +```yaml +Type: System.Name +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyConnectorGroup](New-EntraBetaApplicationProxyConnectorGroup.md) + +[Get-EntraBetaApplicationProxyConnectorGroup](Get-EntraBetaApplicationProxyConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyConnectorGroup](Remove-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..cbf5dd4bb4 --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaApplicationVerifiedPublisher.md @@ -0,0 +1,106 @@ +--- +title: Set-EntraBetaApplicationVerifiedPublisher +description: This article provides details on the Set-EntraBetaApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationVerifiedPublisher + +## Synopsis + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Syntax + +```powershell +Set-EntraBetaApplicationVerifiedPublisher + -SetVerifiedPublisherRequest + -AppObjectId + [] +``` + +## Description + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Examples + +### Example 1: Set the verified publisher of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$mpnId = '0433167' +$req = @{verifiedPublisherId = $mpnId} +Set-EntraBetaApplicationVerifiedPublisher -AppObjectId $application.Id -SetVerifiedPublisherRequest $req +``` + +This command sets the verified publisher of an application. + +The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. + +- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. +- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SetVerifiedPublisherRequest + +A request body object containing the verifiedPublisherId property it's the MPNID value. + +```yaml +Type: SetVerifiedPublisherRequest +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationVerifiedPublisher](Remove-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.md new file mode 100644 index 0000000000..ef2b533e0b --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.md @@ -0,0 +1,113 @@ +--- +title: Set-EntraBetaPasswordSingleSignOnCredential +description: This article provides details on the Set-EntraBetaPasswordSingleSignOnCredential command. + +ms.topic: reference +ms.date: 07/09/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPasswordSingleSignOnCredential + +schema: 2.0.0 +--- + +# Set-EntraBetaPasswordSingleSignOnCredential + +## Synopsis + +Sets the password Single-Sign-On (SSO) credentials. + +## Syntax + +```powershell +Set-EntraBetaPasswordSingleSignOnCredential + -ObjectId + -PasswordSSOCredential + [] +``` + +## Description + +This cmdlet enables users to set their Password Single-Sign-On credentials for an application that they're part of. Specify `ObjectId` and `PasswordSSOCredential` parameters to updates SSO credentials. +Admin could set the group credentials as well. + +## Examples + +### Example 1: Set password single-sign-on credentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$servicePrincipal = Get-EntraBetaservicePrincipal -SearchString '' +$credentials = New-Object -TypeName Microsoft.Open.MSGraph.Model.PasswordSSOCredentials +$credentials.Id = '' +$creds1 = [Microsoft.Open.MSGraph.Model.PasswordSSOCredential]@{FieldId="param_emailOrUserName"; Value="foobar@ms.com"; Type="text"} +$creds2 = [Microsoft.Open.MSGraph.Model.PasswordSSOCredential]@{FieldId="param_password"; Value="my-secret"; Type="password"} +$credentials.Credentials = @($creds1, $creds2) +$params = @{ + ObjectId = $servicePrincipal.Id + PasswordSSOCredential = $credentials +} +Set-EntraBetaPasswordSingleSignOnCredential @params +``` + +This example demonstrates how to set the password SSO credentials for the given ObjectId and PasswordSSOObjectId. + +- `-PasswordSSOObjectId` parameter specifies the User or Group ID. +- `-ObjectId` parameter specifies the object ID of a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the object specific Microsoft Entra ID object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordSSOCredential + +User or group ID. + +```yaml +Type: System.PasswordSSOCredentials +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPasswordSingleSignOnCredential](New-EntraBetaPasswordSingleSignOnCredential.md) + +[Get-EntraBetaPasswordSingleSignOnCredential](Get-EntraBetaPasswordSingleSignOnCredential.md) + +[Remove-EntraBetaPasswordSingleSignOnCredential](Remove-EntraBetaPasswordSingleSignOnCredential.md) diff --git a/module/docs/entra-powershell-beta/Applications/Set-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..0d269ca14c --- /dev/null +++ b/module/docs/entra-powershell-beta/Applications/Set-EntraBetaServicePrincipal.md @@ -0,0 +1,415 @@ +--- +title: Set-EntraBetaServicePrincipal +description: This article provides details on the Set-EntraBetaServicePrincipal command. + +ms.topic: reference +ms.date: 06/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Set-EntraBetaServicePrincipal + +## Synopsis + +Updates a service principal. + +## Syntax + +```powershell +Set-EntraBetaServicePrincipal + -ServicePrincipalId + [-KeyCredentials ] + [-Homepage ] + [-AppId ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-PreferredSingleSignOnMode ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +The `Set-EntraBetaServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Disable the account of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AccountEnabled $false +``` + +This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AccountEnabled` parameter specifies indicates whether the account is enabled. + +### Example 2: Update Homepage of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$homePage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -Homepage $homePage +``` + +This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AppId` parameter specifies the application ID. +- `-Homepage` parameter specifies the home page or landing page of the application. + +### Example 3: Update AlternativeNames and DisplayName of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AlternativeNames 'Helpdesk Application Global' -DisplayName 'NewName' +``` + +This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 4: Update LogoutUrl and ReplyUrls of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$logoutUrl = 'https://securescore.office.com/SignOut' +$replyUrls = 'https://admin.contoso.com' +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -LogoutUrl $logoutUrl -ReplyUrls $replyUrls +``` + +This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-LogoutUrl` parameter specifies the sign out URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -ServicePrincipalType 'Application' -AppRoleAssignmentRequired $True +``` + +This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-ServicePrincipalType` parameter specifies the service principal type. +- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. + +### Example 6: Update KeyCredentials of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 10 -Day 10 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') +$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId -KeyCredentials $creds +``` + +This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. + +Use the `New-EntraBetaServicePrincipalPasswordCredential` and `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. + +### Example 7: Update PreferredSingleSignOnMode of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -PreferredSingleSignOnMode 'saml' +``` + +This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +Specifies the application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Specifies the home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the sign out URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Species the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredSingleSignOnMode + +Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies service principal names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The service principal type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Specifies an array of tags. + +If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Authentication/Connect-Entra.md b/module/docs/entra-powershell-beta/Authentication/Connect-Entra.md new file mode 100644 index 0000000000..6788e6b53d --- /dev/null +++ b/module/docs/entra-powershell-beta/Authentication/Connect-Entra.md @@ -0,0 +1,583 @@ +--- +title: Connect-Entra +description: This article provides details on the Connect-Entra Command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi254 +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Authentication-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Connect-Entra + +schema: 2.0.0 +--- + +# Connect-Entra + +## Synopsis + +Connect to Microsoft Entra ID with an authenticated account. + +## Syntax + +### UserParameterSet (Default) + +```powershell +Connect-Entra + [[-Scopes] ] + [[-ClientId] ] + [-TenantId ] + [-ContextScope ] + [-Environment ] + [-UseDeviceCode] + [-ClientTimeout ] + [-NoWelcome] + [] +``` + +### AppCertificateParameterSet + +```powershell +Connect-Entra + [-ClientId] + [[-CertificateSubjectName] ] + [[-CertificateThumbprint] ] + [-Certificate ] + [-TenantId ] + [-ContextScope ] + [-Environment ] + [-ClientTimeout ] + [-NoWelcome] + [] +``` + +### IdentityParameterSet + +```powershell +Connect-Entra + [[-ClientId] ] + [-ContextScope ] + [-Environment ] + [-ClientTimeout ] + [-Identity] + [-NoWelcome] + [] +``` + +### AppSecretCredentialParameterSet + +```powershell +Connect-Entra + [-ClientSecretCredential ] + [-TenantId ] + [-ContextScope ] + [-Environment ] + [-ClientTimeout ] + [-NoWelcome] + [] +``` + +### AccessTokenParameterSet + +```powershell +Connect-Entra + [-AccessToken] + [-Environment ] + [-ClientTimeout ] + [-NoWelcome] + [] +``` + +### EnvironmentVariableParameterSet + +```powershell +Connect-Entra + [-ContextScope ] + [-Environment ] + [-ClientTimeout ] + [-EnvironmentVariable] + [-NoWelcome] + [] +``` + +## Description + +The `Connect-Entra` cmdlet connects to Microsoft Entra ID with an authenticated account. + +Several authentication scenarios are supported based on your use case, such as delegated (interactive) and app-only (non-interactive). + +`Connect-Entra` is an alias for `Connect-MgGraph`. + +## Examples + +### Example 1: Delegated access: Connect a PowerShell session to a tenant + +```powershell +Connect-Entra +``` + +This example shows how to connect your current PowerShell session to a Microsoft Entra ID tenant using credentials. + +### Example 2: Delegated access: Connect a PowerShell session to a tenant with required scopes + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Group.ReadWrite.All' +``` + +```Output +Welcome to Microsoft Graph! + +``` + +This example shows how to authenticate to Microsoft Entra ID with scopes. + +### Example 3: Delegated access: Using an access token + +```powershell +$secureString = ConvertTo-SecureString -String $AccessToken -AsPlainText -Force +Connect-Entra -AccessToken $secureString +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example shows how to interactively authenticate to Microsoft Entra ID using an access token. + +For more information on how to get or create access token, see [Request an access token](https://learn.microsoft.com/graph/auth-v2-user#3-request-an-access-token). + +### Example 4: Delegated access: Using device code flow + +```powershell +Connect-Entra -UseDeviceCode +``` + +```Output +To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code A1B2CDEFGH to authenticate. +``` + +This example shows how to interactively authenticate to Microsoft Entra ID using device code flow. + +For more information, see [Device Code flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-device-code). + +### Example 5: App-only access: Using client credential with a Certificate thumbprint + +```powershell +$connectParams = @{ + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + ApplicationId = '00001111-aaaa-2222-bbbb-3333cccc4444' + CertificateThumbprint = 'AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00' +} + +Connect-Entra @connectParams +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example shows how to authenticate using an ApplicationId and CertificateThumbprint. + +For more information on how to get or create CertificateThumbprint, see [Authenticate with app-only access](https://learn.microsoft.com/powershell/entra-powershell/app-only-access-auth). + +### Example 6: App-only access: Using client credential with a certificate name + +```powershell +$params = @{ + ClientId = '00001111-aaaa-2222-bbbb-3333cccc4444' + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + CertificateName = 'YOUR_CERT_SUBJECT' +} + +Connect-Entra @params +``` + +```powershell + $Cert = Get-ChildItem Cert:\LocalMachine\My\$CertThumbprint + Connect-Entra -ClientId '' -TenantId '' -Certificate $Cert +``` + +You can find the certificate subject by running the above command. + +### Example 7: App-only access: Using client credential with a certificate + +```powershell +$Cert = Get-ChildItem Cert:\LocalMachine\My\$CertThumbprint +$params = @{ + ClientId = '00001111-aaaa-2222-bbbb-3333cccc4444' + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + Certificate = $Cert +} + +Connect-Entra @params +``` + +### Example 8: App-only access: Using client secret credentials + +```powershell +$ClientSecretCredential = Get-Credential -Credential '00001111-aaaa-2222-bbbb-3333cccc4444' +# Enter client_secret in the password prompt. +Connect-Entra -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' -ClientSecretCredential $ClientSecretCredential +``` + +This authentication method is ideal for background interactions. + +For more information on how to get credential, see [Get-Credential](https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential) command. + +### Example 9: App-only access: Using managed identity: System-assigned managed identity + +```powershell +Connect-Entra -Identity +``` + +Uses an automatically managed identity on a service instance. The identity is tied to the lifecycle of a service instance. + +### Example 10: App-only access: Using managed identity: User-assigned managed identity + +```powershell +Connect-Entra -Identity -ClientId 'User_Assigned_Managed_identity_Client_Id' +``` + +Uses a user created managed identity as a standalone Azure resource. + +### Example 11: Connecting to an environment as a different identity + +```powershell +Connect-Entra -ContextScope 'Process' +``` + +```Output +Welcome to Microsoft Graph! +``` + +To connect as a different identity other than CurrentUser, specify the ContextScope parameter with the value Process. + +For more information on how to get the current context, see [Get-EntraContext](https://learn.microsoft.com/powershell/module/Microsoft.Entra/get-entracontext) command. + +### Example 12: Connecting to an environment or cloud + +```powershell +Get-EntraEnvironment +``` + +```Output +Name AzureADEndpoint GraphEndpoint Type +---- --------------- ------------- ---- +China https://login.chinacloudapi.cn https://microsoftgraph.chinacloudapi.cn Built-in +Global https://login.microsoftonline.com https://graph.microsoft.com Built-in +USGov https://login.microsoftonline.us https://graph.microsoft.us Built-in +USGovDoD https://login.microsoftonline.us https://dod-graph.microsoft.us Built-in +``` + +```powershell +Connect-Entra -Environment 'Global' +``` + +When you use Connect-Entra, you can choose to target other environments. By default, Connect-Entra targets the global public cloud. + +### Example 13: Sets the HTTP client timeout in seconds + +```powershell + Connect-Entra -ClientTimeout 60 +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example Sets the HTTP client timeout in seconds. + +### Example 14: Hides the welcome message + +```powershell +Connect-Entra -NoWelcome +``` + +This example hides the welcome message. + +### Example 15: Allows for authentication using environment variables + +```powershell +Connect-Entra -EnvironmentVariable +``` + +This example allows for authentication using environment variables. + +## Parameters + +### -CertificateThumbprint + +Specifies the certificate thumbprint of a digital public key X.509 certificate of a user account that has permission to perform this action. + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientId + +Specifies the application ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: UserParameterSet, IdentityParameterSet +Aliases: AppId, ApplicationId + +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: AppId, ApplicationId + +Required: True +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the ID of a tenant. + +If you don't specify this parameter, the account is authenticated with the home tenant. + +You must specify the TenantId parameter to authenticate as a service principal or when using Microsoft account. + +```yaml +Type: System.String +Parameter Sets: UserParameterSet, AppCertificateParameterSet, AppSecretCredentialParameterSet +Aliases: Audience, Tenant + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AccessToken + +Specifies a bearer token for Microsoft Entra service. Access tokens do time out and you have to handle their refresh. + +```yaml +Type: SecureString +Parameter Sets: AccessTokenParameterSet +Aliases: +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientTimeout + +Sets the HTTP client timeout in seconds. + +```yaml +Type: System.Double +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContextScope + +Determines the scope of authentication context. This ContextScope accepts `Process` for the current process, or `CurrentUser` for all sessions started by user. + +```yaml +Type: ContextScope +Accepted values: Process, CurrentUser +Parameter Sets: UserParameterSet, AppCertificateParameterSet, IdentityParameterSet, AppSecretCredentialParameterSet, EnvironmentVariableParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Environment + +The name of the national cloud environment to connect to. By default global cloud is used. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: EnvironmentName, NationalCloud +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -NoWelcome + +Hides the welcome message. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Scopes + +An array of delegated permissions to consent to. + +```yaml +Type: System.String[] +Parameter Sets: UserParameterSet +Aliases: +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UseDeviceCode + +Use device code authentication instead of a browser control. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: UserParameterSet +Aliases: UseDeviceAuthentication, DeviceCode, DeviceAuth, Device +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Certificate + +An X.509 certificate supplied during invocation. + +```yaml +Type: X509Certificate2 +Parameter Sets: AppCertificateParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CertificateSubjectName + +The subject distinguished name of a certificate. The certificate is retrieved from the current user's certificate store. + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: CertificateSubject, CertificateName +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecretCredential + +The PSCredential object provides the application ID and client secret for service principal credentials. For more information about the PSCredential object, type Get-Help Get-Credential. + +```yaml +Type: PSCredential +Parameter Sets: AppSecretCredentialParameterSet +Aliases: SecretCredential, Credential +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EnvironmentVariable + +Allows for authentication using environment variables configured on the host machine. See + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: EnvironmentVariableParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Identity + +Sign-in using a managed identity + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: IdentityParameterSet +Aliases: ManagedIdentity, ManagedServiceIdentity, MSI +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProgressAction + +The ProgressAction parameter takes one of the ActionPreference enumeration values: SilentlyContinue, Stop, Continue, Inquire, Ignore, Suspend, or Break. + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Disconnect-Entra](Disconnect-Entra.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-beta/Authentication/Disconnect-Entra.md b/module/docs/entra-powershell-beta/Authentication/Disconnect-Entra.md new file mode 100644 index 0000000000..8bc8be543f --- /dev/null +++ b/module/docs/entra-powershell-beta/Authentication/Disconnect-Entra.md @@ -0,0 +1,78 @@ +--- +title: Disconnect-Entra +description: This article provides details on the Disconnect-Entra Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Authentication-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Disconnect-Entra + +schema: 2.0.0 +--- + +# Disconnect-Entra + +## Synopsis + +Disconnects the current session from a Microsoft Entra ID tenant. + +## Syntax + +```powershell +Disconnect-Entra + [] +``` + +## Description + +The Disconnect-Entra cmdlet disconnects the current session from a Microsoft Entra ID tenant. + +## Examples + +### Example 1: Disconnect your session from a tenant + +```powershell + Disconnect-Entra +``` + +```output +ClientId : 00001111-aaaa-2222-bbbb-3333cccc4444 +TenantId : bbbbcccc-1111-dddd-2222-eeee3333ffff +Scopes : {Agreement.ReadWrite.All, CustomSecAttributeDefinition.ReadWrite.All, TeamMember.Read.All...} +AuthType : AppOnly +TokenCredentialType : ClientCertificate +CertificateThumbprint : AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00 +CertificateSubjectName : +Account : +AppName : MG_graph_auth +ContextScope : Process +Certificate : +PSHostVersion : 5.1.22621.2506 +ManagedIdentityId : +ClientSecret : +Environment : Global +``` + +This command disconnects your session from a tenant. + +## Parameters + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Connect-Entra](Connect-Entra.md) diff --git a/module/docs/entra-powershell-beta/Authentication/Get-EntraContext.md b/module/docs/entra-powershell-beta/Authentication/Get-EntraContext.md new file mode 100644 index 0000000000..01f047964f --- /dev/null +++ b/module/docs/entra-powershell-beta/Authentication/Get-EntraContext.md @@ -0,0 +1,130 @@ +--- +title: Get-EntraContext +description: This article provides details on the Get-EntraContext command. + + +ms.topic: reference +ms.date: 07/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutung +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Authentication-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraContext + +schema: 2.0.0 +--- + +# Get-EntraContext + +## Synopsis + +Retrieve information about your current session. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraContext + [-ProgressAction ] + [] +``` + +## Description + +`Get-EntraContext` is used to retrieve the details about your current session, which include: + +- ClientID +- TenantID +- Certificate Thumbprint +- Scopes consented to +- AuthType: Delegated or app-only +- AuthProviderType +- CertificateName +- Account +- AppName +- ContextScope +- Certificate +- PSHostVersion +- ClientTimeOut. + +`Get-EntraCurrentSessionInfo` is an alias for `Get-EntraContext`. + +## Examples + +### Example 1: Get the current session + +```powershell +Get-EntraContext +``` + +```Output +ClientId : 11112222-bbbb-3333-cccc-4444dddd5555 +TenantId : aaaabbbb-0000-cccc-1111-dddd2222eeee +CertificateThumbprint : +Scopes : {User.ReadWrite.All,...} +AuthType : Delegated +AuthProviderType : InteractiveAuthenticationProvider +CertificateName : +Account : SawyerM@Contoso.com +AppName : Microsoft Graph PowerShell +ContextScope : CurrentUser +Certificate : +PSHostVersion : 5.1.17763.1 +ClientTimeout : 00:05:00 +``` + +This example demonstrates how to retrieve the details of the current session. + +### Example 2: Get the current session scopes + +```powershell +Get-EntraContext | Select -ExpandProperty Scopes +``` + +```Output +AppRoleAssignment.ReadWrite.All +Directory.AccessAsUser.All +EntitlementManagement.ReadWrite.All +Group.ReadWrite.All +openid +Organization.Read.All +profile +RoleManagement.ReadWrite.Directory +User.Read +User.ReadWrite.All +``` + +Retrieves all scopes. + +## Parameters + +### -ProgressAction + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +Please note that `Get-EntraCurrentSessionInfo` is now an alias for `Get-EntraContext` and can be used interchangeably. + +## Related Links diff --git a/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.md b/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.md new file mode 100644 index 0000000000..df2a364b95 --- /dev/null +++ b/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaSignedInUserAllRefreshToken.md @@ -0,0 +1,72 @@ +--- +title: Revoke-EntraBetaSignedInUserAllRefreshToken +description: This article provides details on the Revoke-EntraBetaSignedInUserAllRefreshToken command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Authentication-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Revoke-EntraBetaSignedInUserAllRefreshToken +schema: 2.0.0 +--- + +# Revoke-EntraBetaSignedInUserAllRefreshToken + +## Synopsis + +Invalidates the refresh tokens issued to applications for the current user. + +## Syntax + +```powershell +Revoke-EntraBetaSignedInUserAllRefreshToken + [] +``` + +## Description + +The `Revoke-EntraBetaSignedInUserAllRefreshToken` cmdlet invalidates all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser), by resetting the signInSessionsValidFromDateTime user property to the current date-time. + +Typically, this operation is performed (by the user or an administrator) if the user has a lost or stolen device. This operation prevents access to the organization's data through applications on the device by requiring the user to sign in again to all applications that they have previously consented to, independent of device. + +Note: If the application attempts to redeem a delegated access token for this user by using an invalidated refresh token, the application will get an error. If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint, which will force the user to sign in. + +After running this command, there might be a small delay of a few minutes before tokens are revoked. + +## Examples + +### Example 1: Revoke refresh tokens for the current user + +```powershell +Connect-Entra -Scopes 'User.RevokeSessions.All' +Revoke-EntraBetaSignedInUserAllRefreshToken +``` + +```Output +Value +----- +True +``` + +This command revokes the tokens for the current user. + +## Parameters + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Revoke-EntraBetaUserAllRefreshToken](Revoke-EntraBetaUserAllRefreshToken.md) diff --git a/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.md b/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.md new file mode 100644 index 0000000000..43b0363968 --- /dev/null +++ b/module/docs/entra-powershell-beta/Authentication/Revoke-EntraBetaUserAllRefreshToken.md @@ -0,0 +1,90 @@ +--- +title: Revoke-EntraBetaUserAllRefreshToken +description: This article provides details on the Revoke-EntraBetaUserAllRefreshToken command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Authentication-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Revoke-EntraBetaUserAllRefreshToken +schema: 2.0.0 +--- + +# Revoke-EntraBetaUserAllRefreshToken + +## Synopsis + +Invalidates the refresh tokens issued to applications for a user. + +## Syntax + +```powershell +Revoke-EntraBetaUserAllRefreshToken + -UserId + [] +``` + +## Description + +The `Revoke-EntraBetaUserAllRefreshToken` cmdlet invalidates the refresh tokens issued to applications for a user. + +The cmdlet also invalidates tokens issued to session cookies in a browser for the user. + +The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time. + +The user or an administrator usually performs this operation if the user's device is lost or stolen. It blocks access to the organization's data by requiring the user to sign in again to all previously authorized applications, regardless of the device + +## Examples + +### Example 1: Revoke refresh tokens for a user + +```powershell +Connect-Entra -Scopes 'User.RevokeSessions.All' +Revoke-EntraBetaUserAllRefreshToken -UserId 'SawyerM@contoso.com' +``` + +```Output +Value +----- +True +``` + +This example demonstrates how to revoke the tokens for the specified user. + +- `-UserId` parameter specifies the unique identifier of a user. + +## Parameters + +### -UserId + +Specifies the unique ID of a user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Revoke-EntraBetaSignedInUserAllRefreshToken](Revoke-EntraBetaSignedInUserAllRefreshToken.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..764cc2bd62 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,107 @@ +--- +title: Add-EntraBetaAdministrativeUnitMember +description: This article provides details on the Add-EntraBetaAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 08/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Add-EntraBetaAdministrativeUnitMember + +## Synopsis + +Adds an administrative unit member. + +## Syntax + +```powershell +Add-EntraBetaAdministrativeUnitMember + -RefObjectId + -AdministrativeUnitId + [] +``` + +## Description + +The `Add-EntraBetaAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. + +Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. + +To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -RefObjectId $user.Id +``` + +This example demonstrates adding an administrative unit member. Use `Get-EntraBetaAdministrativeUnit` to find the administrative unit ID and `Get-EntraBetaUser` to find the user ID. + +- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of a Microsoft Entra ID administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the unique ID of the specific Microsoft Entra ID object that is assigned as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) +[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..f4caa83366 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,138 @@ +--- +title: Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue command. + +ms.topic: reference +ms.date: 07/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +schema: 2.0.0 +--- + +# Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Adds a predefined value for a custom security attribute definition. + +## Syntax + +```powershell +Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + -IsActive + -CustomSecurityAttributeDefinitionId + -Id + [] +``` + +## Description + +The `Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue` adds a predefined value for a Microsoft Entra ID custom security attribute definition. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a predefined value for a Microsoft Entra ID custom security attribute definition + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinitionId = (Get-EntraBetaCustomSecurityAttributeDefinition -Id '').Id +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinitionId + Id = 'Alpine' + IsActive = $true +} +Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output +Id IsActive +-- -------- +Alpine True +``` + +This example adds a predefined value to a custom security attribute definition. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use the command `Get-EntraBetaCustomSecurityAttributeDefinition` to get the ID. +- `-Id` parameter specifies the identifier for the predefined value. +- `-IsActive` parameter specifies the predefined value is active or deactivated. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier for a custom security attribute definition in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for the predefined value, which can be up to 64 characters long and include Unicode characters. Spaces are allowed, but some special characters aren't. This identifier is case sensitive, can't be changed later, and is required. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsActive + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any another supported directory objects. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValues` is an alias for `Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue`. + +## Related Links + +[Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) + +[Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.md new file mode 100644 index 0000000000..56a7236cf9 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.md @@ -0,0 +1,108 @@ +--- +title: Add-EntraBetaDeviceRegisteredOwner +description: This article provides details on the Add-EntraBetaDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaDeviceRegisteredOwner + +## Synopsis + +Adds a registered owner for a device. + +## Syntax + +```powershell +Add-EntraBetaDeviceRegisteredOwner + -DeviceId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaDeviceRegisteredOwner` cmdlet adds a registered owner for a Microsoft Entra ID device. + +## Examples + +### Example 1: Add a user as a registered owner + +```powershell +Connect-Entra -Scopes 'Device.ReadWrite.All' +$User = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$Device = Get-EntraBetaDevice -SearchString '' +$params = @{ + DeviceId = $Device.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraBetaDeviceRegisteredOwner @params +``` + +This example shows how to add a registered owner to a device. + +`-DeviceId` parameter specifies the unique identifier (Object ID) of the device to which you want to add a registered owner. The $Device.ObjectId variable should contain the Object ID of the device. You can use the command `Get-EntraBetaDevice` to get device Id. + +`-RefObjectId` parameter specifies the unique identifier (Object ID) of the user who will be added as a registered owner of the device. The $User.ObjectId variable should contain the Object ID of the user. You can use the command `Get-EntraBetaUser` to get user Id. + +## Parameters + +### -DeviceId + +Specifies the ID of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to add. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDeviceRegisteredOwner](Get-EntraBetaDeviceRegisteredOwner.md) + +[Remove-EntraBetaDeviceRegisteredOwner](Remove-EntraBetaDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.md new file mode 100644 index 0000000000..a640c8f901 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.md @@ -0,0 +1,108 @@ +--- +title: Add-EntraBetaDeviceRegisteredUser +description: This article provides details on the Add-EntraBetaDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Add-EntraBetaDeviceRegisteredUser + +## Synopsis + +Adds a registered user for a device. + +## Syntax + +```powershell +Add-EntraBetaDeviceRegisteredUser + -DeviceId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaDeviceRegisteredUser` cmdlet adds a registered user for a Microsoft Entra ID device. + +## Examples + +### Example 1: Add a user as a registered user + +```powershell +Connect-Entra -Scopes 'Device.ReadWrite.All' +$User = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$Device = Get-EntraBetaDevice -SearchString '' +$params = @{ + DeviceId = $Device.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraBetaDeviceRegisteredUser @params +``` + +This example shows how to add a registered user to a device. + +- `-DeviceId` parameter specifies the unique identifier (Object ID) of the device to which you want to add a registered user. The $Device.ObjectId variable should contain the Object ID of the device. You can use the command `Get-EntraBetaDevice` to get device Id. + +- `-RefObjectId` parameter specifies the unique identifier (Object ID) of the user who will be added as a registered user of the device. The $User.ObjectId variable should contain the Object ID of the user. You can use the command `Get-EntraBetaUser` to get user Id. + +## Parameters + +### -DeviceId + +Specifies the ID of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDeviceRegisteredUser](Get-EntraBetaDeviceRegisteredUser.md) + +[Remove-EntraBetaDeviceRegisteredUser](Remove-EntraBetaDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.md new file mode 100644 index 0000000000..29618ad42a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaDirectoryRoleMember.md @@ -0,0 +1,104 @@ +--- +title: Add-EntraBetaDirectoryRoleMember +description: This article provides details on the Add-EntraBetaDirectoryRoleMember command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaDirectoryRoleMember + +schema: 2.0.0 +--- + +# Add-EntraBetaDirectoryRoleMember + +## Synopsis + +Adds a member to a directory role. + +## Syntax + +```powershell +Add-EntraBetaDirectoryRoleMember + -DirectoryRoleId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaDirectoryRoleMember` cmdlet adds a member to a Microsoft Entra ID role. + +## Examples + +### Example 1: Add a member to a Microsoft Entra ID role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$params = @{ + DirectoryRoleId = '019ea7a2-1613-47c9-81cb-20ba35b1ae48' + RefObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Add-EntraBetaDirectoryRoleMember @params +``` + +This example adds a member to a directory role. + +- `DirectoryRoleId` parameter specifies the ID of the directory role to which the member will be added. Use the `Get-EntraBetaDirectoryRole` command to retrieve the details of the directory role. +- `RefObjectId` parameter specifies the ID of Microsoft Entra ID object to assign as owner/manager/member. + +## Parameters + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDirectoryRoleMember](Get-EntraBetaDirectoryRoleMember.md) + +[Remove-EntraBetaDirectoryRoleMember](Remove-EntraBetaDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..425afb69db --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.md @@ -0,0 +1,132 @@ +--- +title: Add-EntraBetaScopedRoleMembership +description: This article provides details on the Add-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Add-EntraBetaScopedRoleMembership + +## Synopsis + +Assign a Microsoft Entra role with an administrative unit scope. + +## Syntax + +```powershell +Add-EntraBetaScopedRoleMembership + -AdministrativeUnitId + [-RoleMemberInfo ] + [-RoleObjectId ] + [] +``` + +## Description + +The `Add-EntraBetaScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. + +For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add a scoped role membership to an administrative unit + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo +$roleMember.Id = $user.Id +Add-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -RoleObjectId $role.Id -RoleMemberInfo $roleMember +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The example shows how to add a user to the specified role within the specified administrative unit. + +- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. +- `-RoleObjectId` Parameter specifies the ID of a directory role. +- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RoleMemberInfo + +Specifies a RoleMemberInfo object. + +```yaml +Type: System.RoleMemberInfo +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleObjectId + +Specifies DirectoryRole ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) + +[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Confirm-EntraBetaDomain.md b/module/docs/entra-powershell-beta/DirectoryManagement/Confirm-EntraBetaDomain.md new file mode 100644 index 0000000000..54830754c3 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Confirm-EntraBetaDomain.md @@ -0,0 +1,109 @@ +--- +title: Confirm-EntraBetaDomain +description: This article provides details on the Confirm-EntraBetaDomain command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Confirm-EntraBetaDomain + +schema: 2.0.0 +--- + +# Confirm-EntraBetaDomain + +## Synopsis + +Validate the ownership of a domain. + +## Syntax + +```powershell +Confirm-EntraBetaDomain + -DomainName + -ForceTakeover + [] +``` + +## Description + +The `Confirm-EntraBetaDomain` cmdlet validates the ownership of an Microsoft Entra ID domain. + +The work or school account needs to belong to at least the **Domain Name Administrator** Microsoft Entra role. + +## Examples + +### Example 1: Confirm the domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Confirm-EntraBetaDomain -DomainName Contoso.com +``` + +- `DomainName` Specifies the fully qualified domain name to retrieve. + +This example verifies a domain and updates its status to `verified`. + +### Example 2: External admin takeover of a domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Confirm-EntraBetaDomain -DomainName Contoso.com -ForceTakeover $True +``` + +This example illustrates how to confirm a domain when an external administrator needs to assume control of an unmanaged domain. + +- `DomainName` specifies the fully qualified domain name to retrieve. +- `ForceTakeover` specifies whether to forcibly take control of an unmanaged domain associated with a tenant. + +## Parameters + +### -DomainName + +Specifies the name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ForceTakeover + +Used for external admin takeover of an unmanaged domain. The default value for this parameter is `false`. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.md b/module/docs/entra-powershell-beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.md new file mode 100644 index 0000000000..d94161118b --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Enable-EntraBetaDirectoryRole.md @@ -0,0 +1,94 @@ +--- +title: Enable-EntraBetaDirectoryRole +description: This article provides details on the Enable-EntraBetaDirectoryRole command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Enable-EntraBetaDirectoryRole + +schema: 2.0.0 +--- + +# Enable-EntraBetaDirectoryRole + +## Synopsis + +Activates an existing directory role in Microsoft Entra ID. + +## Syntax + +```powershell +Enable-EntraBetaDirectoryRole + [-RoleTemplateId ] + [] +``` + +## Description + +The `Enable-EntraBetaDirectoryRole` cmdlet activates an existing directory role in Microsoft Entra ID. + +The Company Administrators and the default user directory roles (User, Guest User, and Restricted Guest User) are activated by default. To access and assign members to other directory roles, you must first activate them using their corresponding directory role template ID. + +## Examples + +### Example 1: Enable a directory role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$InviterRole = Get-EntraBetaDirectoryRoleTemplate | Where-Object {$_.DisplayName -eq 'Guest Inviter'} +Enable-EntraBetaDirectoryRole -RoleTemplateId $InviterRole.ObjectId +``` + +```Output +DeletedDateTime Id Description DisplayName RoleTemplateId +--------------- -- ----------- ----------- -------------- + b5baa59b-86ab-4053-ac3a-0396116d1924 Guest Inviter has access to invite guest users. Guest Inviter 92ed04bf-c94a-4b82-9729-b799a7a4c178 +``` + +The example shows how to enable the directory role. + +You can use `Get-EntraBetaDirectoryRoleTemplate` to fetch a specific directory role to activate. + +- `RoleTemplateId` parameter specifies the ID of the role template to enable. + +## Parameters + +### -RoleTemplateId + +The ID of the Role template to enable. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDirectoryRole](Get-EntraBetaDirectoryRole.md) + +[Get-EntraBetaDirectoryRoleTemplate](Get-EntraBetaDirectoryRoleTemplate.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAccountSku.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAccountSku.md new file mode 100644 index 0000000000..809fa7f6d2 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAccountSku.md @@ -0,0 +1,117 @@ +--- +title: Get-EntraBetaAccountSku +description: This article provides details on the Get-EntraBetaAccountSku command. + + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAccountSku + +schema: 2.0.0 +--- + +# Get-EntraBetaAccountSku + +## Synopsis + +Retrieves all the SKUs for a company. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaAccountSku + [] +``` + +### GetById + +```powershell +Get-EntraBetaAccountSku + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaAccountSku` retrieves the list of commercial subscriptions acquired by an organization. + +For a list of license names in the Microsoft Entra or Microsoft 365 admin centers and their corresponding Microsoft Graph `skuId` and `skuPartNumber` properties, refer to the [mapping information](https://learn.microsoft.com/entra/identity/users/licensing-service-plan-reference). + +## Examples + +### Example 1: Gets a list of SKUs + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaAccountSku +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +eeeeeeee-4444-5555-6666-ffffffffffff aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSPRE… +ffffffff-5555-6666-7777-aaaaaaaaaaaa aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTERP… +dddddddd-3333-4444-5555-eeeeeeeeeeee aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERP… +``` + +This command returns a list of SKUs. + +### Example 2: Gets a list of SKUs by TenantId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaAccountSku -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +eeeeeeee-4444-5555-6666-ffffffffffff aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSPRE… +ffffffff-5555-6666-7777-aaaaaaaaaaaa aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTERP… +dddddddd-3333-4444-5555-eeeeeeeeeeee aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERP… +``` + +This command returns a list of SKUs for a specified tenant. + +- `-TenantId` parameter specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this isn't provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..abdb63334d --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.md @@ -0,0 +1,243 @@ +--- +title: Get-EntraBetaAdministrativeUnit +description: This article provides details on the Get-EntraBetaAdministrativeUnit command. + + +ms.topic: reference +ms.date: 07/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# Get-EntraBetaAdministrativeUnit + +## Synopsis + +Gets an administrative unit. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaAdministrativeUnit + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaAdministrativeUnit + -AdministrativeUnitId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAdministrativeUnit` cmdlet gets a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameter to get a specific administrative unit. + +## Examples + +### Example 1: Get all administrative units + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraBetaAdministrativeUnit +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName + bbbbbbbb-1111-2222-3333-cccccccccccc test111 test111 + cccccccc-2222-3333-4444-dddddddddddd TestAU + dddddddd-3333-4444-5555-eeeeeeeeeeee test_130624_09 + eeeeeeee-4444-5555-6666-ffffffffffff test111 test111 + ffffffff-5555-6666-7777-aaaaaaaaaaaa test66 + aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb test111 test111 True +``` + +This command gets all the administrative units. + +### Example 2: Get all administrative units using '-All' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraBetaAdministrativeUnit -All +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName + bbbbbbbb-1111-2222-3333-cccccccccccc test111 test111 + cccccccc-2222-3333-4444-dddddddddddd TestAU + dddddddd-3333-4444-5555-eeeeeeeeeeee test_130624_09 + eeeeeeee-4444-5555-6666-ffffffffffff test111 test111 + ffffffff-5555-6666-7777-aaaaaaaaaaaa test66 + aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb test111 test111 True +``` + +This command gets all the administrative units. + +### Example 3: Get a specific administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraBetaAdministrativeUnit -AdministrativeUnitId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName +``` + +This example returns the details of the specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 4: Get administrative units filter by display name + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Updated DisplayName'" +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName +``` + +This example list of administrative units containing display name with the specified name. + +### Example 5: Get top one administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraBetaAdministrativeUnit -Top 1 +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName +``` + +This example returns the specified top administrative units. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter filters which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) + +[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) + +[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..f82377f781 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraBetaAdministrativeUnitMember +description: This article provides details on the Get-EntraBetaAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Get-EntraBetaAdministrativeUnitMember + +## Synopsis + +Gets a member of an administrative unit. + +## Syntax + +```powershell +Get-EntraBetaAdministrativeUnitMember + -AdministrativeUnitId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. + +In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Directory Readers: Read basic properties on administrative units +- Global Reader: Read all properties of administrative units, including members +- Privileged Role Administrator: Create and manage administrative units (including members) + +## Examples + +### Example 1: Get an administrative unit member by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 2: Get all administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of all administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 3: Get top three administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example returns top three administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) + +[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) + +[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAttributeSet.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAttributeSet.md new file mode 100644 index 0000000000..0b91371df8 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaAttributeSet.md @@ -0,0 +1,145 @@ +--- +title: Get-EntraBetaAttributeSet +description: This article provides details on the Get-EntraBetaAttributeSet command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAttributeSet + +schema: 2.0.0 +--- + +# Get-EntraBetaAttributeSet + +## Synopsis + +Gets a list of attribute sets. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaAttributeSet + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaAttributeSet + -AttributeSetId + [] +``` + +## Description + +The `Get-EntraABetaAttributeSet` cmdlet gets a list of Microsoft Entra ID attribute sets. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with the necessary permissions. The supported roles for this operation are: + +- Attribute Assignment Reader +- Attribute Definition Reader +- Attribute Assignment Administrator +- Attribute Definition Administrator + +By default, other administrator roles cannot read, define, or assign custom security attributes. + +## Examples + +### Example 1: Get an all attribute sets + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraBetaAttributeSet +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Engineering Attributes for cloud engineering team 25 +Contoso Attributes for Contoso 25 +``` + +This example returns all attribute sets. + +### Example 2: Get an attribute sets + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraBetaAttributeSet -AttributeSetId 'Testing' +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Testing Attributes for engineering team 10 +``` + +This example demonstrates how to retrieve an attribute set by Id. + +- `-AttributeSetId` parameter specifies the unique identifier for the attribute set within a tenant. + +## Parameters + +### -AttributeSetId + +Unique identifier for the attribute set within a tenant. + +This identifier can be up to 32 characters long and may include Unicode characters. It cannot contain spaces or special characters, and it cannot be changed later. The identifier is case insensitive. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaAttributeSet](New-EntraBetaAttributeSet.md) + +[Set-EntraBetaAttributeSet](Set-EntraBetaAttributeSet.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContact.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContact.md new file mode 100644 index 0000000000..6989f58fd7 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContact.md @@ -0,0 +1,235 @@ +--- +title: Get-EntraBetaContact +description: This article provides details on the Get-EntraBetaContact command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaContact + +schema: 2.0.0 +--- + +# Get-EntraBetaContact + +## Synopsis + +Gets a contact from Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaContact + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaContact + -OrgContactId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContact` cmdlet gets a contact from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all contact objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraBetaContact +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves all contact objects in the directory. + +### Example 2: Retrieve specific contact object in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraBetaContact -OrgContactId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +``` + +This example retrieves specified contact in the directory. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 3: Retrieve all contacts objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraBetaContact -All +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves all the contacts in the directory. + +### Example 4: Retrieve top two contacts objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraBetaContact -Top 2 +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +``` + +This example retrieves top two contacts in the directory. + +### Example 5: Retrieve all contacts objects in the directory filter by DisplayName + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraBetaContact -Filter "DisplayName eq 'Contoso Contact'" +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves contacts having the specified display name. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaContact](Remove-EntraBetaContact.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactDirectReport.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactDirectReport.md new file mode 100644 index 0000000000..2023374400 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactDirectReport.md @@ -0,0 +1,157 @@ +--- +title: Get-EntraBetaContactDirectReport +description: This article provides details on the Get-EntraBetaContactDirectReport command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaContactDirectReport + +schema: 2.0.0 +--- + +# Get-EntraBetaContactDirectReport + +## Synopsis + +Get the direct reports for a contact. + +## Syntax + +```powershell +Get-EntraBetaContactDirectReport + -OrgContactId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContactDirectReport` cmdlet gets the direct reports for a contact. + +## Examples + +### Example 1: Get the direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraBetaContactDirectReport -OrgContactId $Contact.ObjectId +``` + +This example shows how to retrieve direct reports for an organizational contact. +You can use the command `Get-EntraBetaContact` to get organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 2: Get all direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraBetaContactDirectReport -OrgContactId $Contact.ObjectId -All +``` + +This example shows how to retrieve all direct reports for an organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 3: Get top two direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraBetaContactDirectReport -OrgContactId $Contact.ObjectId -Top 2 +``` + +This example shows how to retrieve top two direct reports for an organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaContact](Get-EntraBetaContact.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactManager.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactManager.md new file mode 100644 index 0000000000..784338d912 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactManager.md @@ -0,0 +1,97 @@ +--- +title: Get-EntraBetaContactManager +description: This article provides details on the Get-EntraBetaContactManager command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaContactManager + +schema: 2.0.0 +--- + +# Get-EntraBetaContactManager + +## Synopsis + +Gets the manager of a contact. + +## Syntax + +```powershell +Get-EntraBetaContactManager + -OrgContactId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContactManager` cmdlet gets the manager of a contact in Microsoft Entra ID. + +## Examples + +### Example 1: Get the manager of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraBetaContactManager -OrgContactId $Contact.ObjectId +``` + +The example demonstrates how to retrieve the manager of a contact. You can use the command `Get-EntraBetaContact` to get organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +## Parameters + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaContact](Get-EntraBetaContact.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactMembership.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactMembership.md new file mode 100644 index 0000000000..ee342a8d74 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContactMembership.md @@ -0,0 +1,175 @@ +--- +title: Get-EntraBetaContactMembership +description: This article provides details on the Get-EntraBetaContactMembership command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaContactMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaContactMembership + +## Synopsis + +Get a contact membership. + +## Syntax + +```powershell +Get-EntraBetaContactMembership + -OrgContactId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContactMembership` cmdlet gets a contact membership in Microsoft Entra ID. + +This command is useful to administrators who need to understand which groups, roles, or administrative units a particular contact belongs to. This can be important for troubleshooting access issues, auditing memberships, and ensuring that contact memberships are correctly configured. + +## Examples + +### Example 1: Get the memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntrabetaContactMembership -OrgContactId $Contact.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This command gets all the memberships for specified contact. + +### Example 2: Get all memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntraBetaContactMembership -OrgContactId $Contact.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This command gets all the memberships for specified contact. + +### Example 3: Get top two memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntraBetaContactMembership -OrgContactId $Contact.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +``` + +This command gets top two memberships for specified contact. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaContact](Get-EntraBetaContact.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContract.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContract.md new file mode 100644 index 0000000000..a4f53b708f --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaContract.md @@ -0,0 +1,193 @@ +--- +title: Get-EntraBetaContract +description: This article provides details on the Get-EntraBetaContract command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaContract + +schema: 2.0.0 +--- + +# Get-EntraBetaContract + +## Synopsis + +Gets a contract. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaContract + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaContract + -ContractId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContract` cmdlet gets a contract information associated to a partner tenant. + +In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user + +## Examples + +### Example 1: Get all contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaContract +``` + +This command gets all contracts in the Microsoft Entra ID. + +### Example 2: Get top two contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaContract -Top 2 +``` + +This command gets top two contracts in the Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ContractId + +Specifies the ID of a contract. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +The contract object contains the following attributes: + +`contractType` - type of the contract. + +Possible values are: + +**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. +**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +`customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. + +`deletionTimestamp` - this property isn't valid for contracts and always returns null. + +`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. + +`objectType` - a string that identifies the object type. The value is always `Contract`. + +`ContractId` - the unique identifier for the partnership. + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..9081e7e049 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.md @@ -0,0 +1,142 @@ +--- +title: Get-EntraBetaCustomSecurityAttributeDefinition +description: This article provides details on the Get-EntraBetaCustomSecurityAttributeDefinition command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinition + +schema: 2.0.0 +--- + +# Get-EntraBetaCustomSecurityAttributeDefinition + +## Synopsis + +Gets a list of custom security attribute definitions. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaCustomSecurityAttributeDefinition + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaCustomSecurityAttributeDefinition + -Id + [-Property ] + [] +``` + +## Description + +Gets a list of Microsoft Entra ID custom security attribute definitions. Specify `Id` parameter to get a list of custom security attribute definitions. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following privileged roles are supported for this operation: + +- Attribute Assignment Reader +- Attribute Definition Reader +- Attribute Assignment Administrator +- Attribute Definition Administrator + +## Examples + +### Example 1: Get a list of all custom security attribute definitions + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All, CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraBetaCustomSecurityAttributeDefinition +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Engineering_newvalue Engineering New Eng Value True True NewValue Available String False +Engineering_ProjectDate Engineering Target completion date False True ProjectDate Available String False +``` + +This example returns all custom security attribute definitions. + +### Example 2: Get a specific custom security attribute definition + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All, CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraBetaCustomSecurityAttributeDefinition -Id 'Engineering_ProjectDate' +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Engineering_ProjectDate Engineering Target completion date False True ProjectDate Available String False +``` + + This example returns a specific custom security attribute definition. + +- `Id` parameter specifies the custom security attribute definition object ID. + +## Parameters + +### -Id + +The unique identifier of a Microsoft Entra ID custom security attribute definition object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaCustomSecurityAttributeDefinition](New-EntraBetaCustomSecurityAttributeDefinition.md) + +[Set-EntraBetaCustomSecurityAttributeDefinition](Set-EntraBetaCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..393f4ba043 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,205 @@ +--- +title: Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue command. + +ms.topic: reference +ms.date: 07/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +schema: 2.0.0 +--- + +# Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Gets the predefined value for a custom security attribute definition. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + -Id + [-Property ] + [] +``` + +## Description + +Gets the predefined value for a Microsoft Entra ID custom security attribute definition. Specify `CustomSecurityAttributeDefinitionId` parameter to retrieve the predefined value custom security attribute definition. + +The signed-in user must be assigned one of the following directory roles: + +- Attribute Definition Reader +- Attribute Definition Administrator + +## Examples + +### Example 1: Get all predefined values + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraBetaCustomSecurityAttributeDefinition -Id '' +Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId $CustomSecurityAttributeDefinition.Id +``` + +```Output +Id IsActive +-- -------- +Apline True +``` + +This example retrieves an all predefined values. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. + +### Example 2: Get predefined value with ID parameter + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraBetaCustomSecurityAttributeDefinition -Id '' +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinition.Id + Id = 'Alpine' +} +Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output +Id IsActive +-- -------- +Apline True +``` + +This example retrieves a specific predefined value. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. +- `-Id` parameter specifies the ID of Microsoft Entra ID Object. + +### Example 3: Get predefined value with Filter parameter + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraBetaCustomSecurityAttributeDefinition -Id '' +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinition.Id + Filter = "Id eq 'Apline'" +} +Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output +Id IsActive +-- -------- +Apline True +``` + +This example retrieves a predefined value containing Id with the specified value. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier of customSecurityAttributeDefinition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Filter items by property values. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for the predefined value, which can be up to 64 characters long and include Unicode characters. Spaces are allowed, but some special characters are not. This identifier is case sensitive, cannot be changed later, and is required. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) + +[Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.md new file mode 100644 index 0000000000..09a4f00c7d --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeletedDirectoryObject.md @@ -0,0 +1,125 @@ +--- +title: Get-EntraBetaDeletedDirectoryObject +description: This article provides details on the Get-EntraBetaDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Get-EntraBetaDeletedDirectoryObject + +## Synopsis + +Retrieves a soft deleted directory object from the directory. + +## Syntax + +```powershell +Get-EntraBetaDeletedDirectoryObject + -DirectoryObjectId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDeletedDirectoryObject` cmdlet retrieves a soft deleted directory object from the directory. + +Note that soft delete for groups is currently only implemented for Unified Groups (also known as +Office 365 Groups). + +## Examples + +### Example 1: Retrieve a deleted directory object + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All', 'Application.Read.All','Group.Read.All','User.Read.All' +Get-EntraBetaDeletedDirectoryObject -DirectoryObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 06-08-2024 04:23:34 +``` + +This example shows how to retrieve the deleted directory object from the directory. + +- `-DirectoryObjectId` parameter specifies the Id of the directory object to retrieve. + +### Example 2: Retrieve a deleted directory object with more details. + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All', 'Application.Read.All','Group.Read.All','User.Read.All' +Get-EntraBetaDeletedDirectoryObject -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' | Format-Table -Property Id, displayName, '@odata.type' -AutoSize +``` + +```Output +Id displayName @odata.type +-- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Entra PowerShell App #microsoft.graph.application +``` + +This example shows how to retrieve the deleted directory object details from the directory. + +- `-Id` parameter specifies the Id of the directory object to retrieve. + +## Parameters + +### -DirectoryObjectId + +The Id of the directory object to retrieve. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDevice.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDevice.md new file mode 100644 index 0000000000..12c9bb4de2 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDevice.md @@ -0,0 +1,278 @@ +--- +title: Get-EntraBetaDevice +description: This article provides details on the Get-EntraBetaDevice command. + + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDevice + +schema: 2.0.0 +--- + +# Get-EntraBetaDevice + +## Synopsis + +Gets a device from Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDevice + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraBetaDevice + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDevice + -DeviceId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDevice` cmdlet gets a device from Microsoft Entra ID. Specify the `DeviceId` parameter to get a specific device. + +## Examples + +### Example 1: Get a device by ID + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice -DeviceId 'bbbbbbbb-1111-1111-1111-cccccccccccc' +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + bbbbbbbb-1111-1111-1111-cccccccccccc True dddddddd-9999-0000-1111-eeeeeeeeeeee MetaData +``` + +This example shows how to retrieve a device using its ID. + +### Example 2: Get all devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + aaaaaaaa-1111-1111-1111-bbbbbbbbbbbb True aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb MetaData + bbbbbbbb-1111-1111-1111-cccccccccccc True aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb MetaData +``` + +This example demonstrates how to retrieve all devices from Microsoft Entra ID. + +### Example 3: Get top two devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice -Top 2 +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + aaaaaaaa-1111-1111-1111-bbbbbbbbbbbb True aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb MetaData + bbbbbbbb-1111-1111-1111-cccccccccccc True aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb MetaData +``` + +This example demonstrates how to retrieve top two devices from Microsoft Entra ID. + +### Example 4: Get a device by display name + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice -Filter "DisplayName eq 'Woodgrove Desktop'" +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + bbbbbbbb-1111-1111-1111-cccccccccccc True dddddddd-9999-0000-1111-eeeeeeeeeeee MetaData +``` + +This example demonstrates how to retrieve device using the display name. + +### Example 5: Get a device using display name + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice -Filter "startsWith(DisplayName,'Woodgrove')" +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + bbbbbbbb-1111-1111-1111-cccccccccccc True dddddddd-9999-0000-1111-eeeeeeeeeeee MetaData +``` + +This example demonstrates how to retrieve all the devices whose display name starts with the word `Woodgrove`. + +### Example 6: Search among retrieved devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDevice -SearchString 'DESKTOP' +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetada + ta +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- ------------ + bbbbbbbb-1111-1111-1111-cccccccccccc True dddddddd-9999-0000-1111-eeeeeeeeeeee MetaData +``` + +This example shows how to retrieve devices containing the word 'DESKTOP.' + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies the OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaDevice](New-EntraBetaDevice.md) + +[Remove-EntraBetaDevice](Remove-EntraBetaDevice.md) + +[Set-EntraBetaDevice](Set-EntraBetaDevice.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.md new file mode 100644 index 0000000000..6a6b122dbe --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.md @@ -0,0 +1,196 @@ +--- +title: Get-EntraBetaDeviceRegisteredOwner +description: This article provides details on the Get-EntraBetaDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaDeviceRegisteredOwner + +## Synopsis + +Gets the registered owner of a device. + +## Syntax + +```powershell +Get-EntraBetaDeviceRegisteredOwner + -DeviceId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDeviceRegisteredOwner` cmdlet gets the registered owner of a device in Microsoft Entra ID. Specify `DeviceId` parameter gets the registered owner of a device. + +## Examples + +### Example 1: Retrieve the registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +$DevId = (Get-EntraDevice -Top 1).ObjectId +Get-EntraBetaDeviceRegisteredOwner -DeviceId $DevId +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Maria Sullivan maria@contoso.com Member +``` + +This example shows how to find the registered owner of a device.. + +- `-DeviceId` parameter specifies the device's ID + +### Example 2: Retrieve the registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDeviceRegisteredOwner -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Maria Sullivan maria@contoso.com Member +cccccccc-2222-3333-4444-dddddddddddd Parker McLean parker@contoso.com Member +``` + +This command gets the registered owner of a device. + +- `-DeviceId` parameter specifies the device's ID + +### Example 3: Retrieve all the registered owners of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDeviceRegisteredOwner -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc -All +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Maria Sullivan maria@contoso.com Member +cccccccc-2222-3333-4444-dddddddddddd Parker McLean parker@contoso.com Member +``` + +This command retrieves all the registered owners of a device. + +- `-DeviceId` parameter specifies the device's ID. + +### Example 4: Retrieve top one registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDeviceRegisteredOwner -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc -Top 1 +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Maria Sullivan maria@contoso.com Member +``` + +This command retrieves all the registered owners of a device. + +- `-DeviceId` parameter specifies the device's ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDeviceRegisteredOwner](Add-EntraBetaDeviceRegisteredOwner.md) + +[Get-EntraBetaDevice](Get-EntraBetaDevice.md) + +[Remove-EntraBetaDeviceRegisteredOwner](Remove-EntraBetaDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.md new file mode 100644 index 0000000000..5f6b103744 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.md @@ -0,0 +1,180 @@ +--- +title: Get-EntraBetaDeviceRegisteredUser +description: This article provides details on the Get-EntraBetaDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Get-EntraBetaDeviceRegisteredUser + +## Synopsis + +Retrieve a list of users that are registered users of the device. + +## Syntax + +```powershell +Get-EntraBetaDeviceRegisteredUser + -DeviceId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDeviceRegisteredUser` cmdlet gets a registered user for a Microsoft Entra ID device. Specify `DeviceId` parameter to get a registered user for a Microsoft Entra ID device. + +## Examples + +### Example 1: Retrieve the registered user of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +$DevId = (Get-EntraDevice -Top 1).ObjectId +Get-EntraBetaDeviceRegisteredUser -DeviceId $DevId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +``` + +This example demonstrates how to retrieve registered user for a specific Microsoft Entra ID device. + +### Example 2: Get all registered users of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDeviceRegisteredUser -DeviceId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +``` + +This example demonstrates how to retrieve all registered users for a specified device. + +- `-DeviceId` parameter specifies an object ID of a device, which you want to retrieve. + +### Example 3: Get top two registered users of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraBetaDeviceRegisteredUser -DeviceId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to retrieve top two registered users for the specified device. + +- `-DeviceId` parameter specifies an object ID of a device, which you want to retrieve. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies an object ID of a device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDeviceRegisteredUser](Add-EntraBetaDeviceRegisteredUser.md) + +[Remove-EntraBetaDeviceRegisteredUser](Remove-EntraBetaDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.md new file mode 100644 index 0000000000..53aa48d970 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.md @@ -0,0 +1,107 @@ +--- +title: Get-EntraBetaDirSyncConfiguration +description: This article provides details on the Get-EntraBetaDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirSyncConfiguration + +schema: 2.0.0 +--- + +# Get-EntraBetaDirSyncConfiguration + +## Synopsis + +Gets the directory synchronization settings. + +## Syntax + +```powershell +Get-EntraBetaDirSyncConfiguration + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaDirSyncConfiguration` cmdlet gets the directory synchronization settings. See [configuration settings](https://learn.microsoft.com/graph/api/resources/onpremisesaccidentaldeletionprevention#properties) details. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Get directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraBetaDirSyncConfiguration +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings. + +### Example 2: Get directory synchronization settings by TenantId + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$tenant = Get-EntraBetaTenantDetail +Get-EntraBetaDirSyncConfiguration -TenantId $tenant.Id +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings by TenantId. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System. Nullable`1[[System. Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaDirSyncConfiguration](Set-EntraBetaDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncFeature.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncFeature.md new file mode 100644 index 0000000000..9d1ac38e67 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirSyncFeature.md @@ -0,0 +1,153 @@ +--- +title: Get-EntraBetaDirSyncFeature +description: This article provides details on the Get-EntraBetaDirSyncFeature command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirSyncFeature + +schema: 2.0.0 +--- + +# Get-EntraBetaDirSyncFeature + +## Synopsis + +Checks the status of directory synchronization features for a tenant. + +## Syntax + +```powershell +Get-EntraBetaDirSyncFeature + [-TenantId ] + [-Feature ] + [] +``` + +## Description + +The `Get-EntraBetaDirSyncFeature` cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +Some of the features that can be used with this cmdlet include: + +- **DeviceWriteback** +- **DirectoryExtensions** +- **DuplicateProxyAddressResiliency** +- **DuplicateUPNResiliency** +- **EnableSoftMatchOnUpn** +- **PasswordSync** +- **SynchronizeUpnForManagedUsers** +- **UnifiedGroupWriteback** +- **UserWriteback** + +To view all supported features, see the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). + +## Examples + +### Example 1: Return a list of all directory synchronization features + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraBetaDirSyncFeature +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False BlockCloudObjectTakeoverThroughHardMatch + False BlockSoftMatch + False BypassDirSyncOverrides + False CloudPasswordPolicyForPasswordSyncedUsers + False ConcurrentCredentialUpdate + True ConcurrentOrgIdProvisioning + False DeviceWriteback + False DirectoryExtensions + False FopeConflictResolution + False GroupWriteBack + False PasswordSync + False PasswordWriteback + True QuarantineUponProxyAddressesConflict + True QuarantineUponUpnConflict + True SoftMatchOnUpn + True SynchronizeUpnForManagedUsers + False UnifiedGroupWriteback + False UserForcePasswordChangeOnLogon + False UserWriteback +``` + +This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). + +### Example 2: Return the PasswordSync feature status + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraBetaDirSyncFeature -Feature 'PasswordSync' +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False PasswordSync +``` + +This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. + +- `-Feature` specifies the directory synchronization feature to check the status of. + +## Parameters + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Feature + +The directory sync feature to check. See the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaDirSyncFeature](Set-EntraBetaDirSyncFeature.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md new file mode 100644 index 0000000000..1a5e8761a7 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md @@ -0,0 +1,104 @@ +--- +title: Get-EntraBetaDirectoryObjectOnPremisesProvisioningError +description: This article provides details on the Get-EntraBetaDirectoryObjectOnPremisesProvisioningError command. + + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryObjectOnPremisesProvisioningError + +## Synopsis + +Returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +## Syntax + +```powershell +Get-EntraBetaDirectoryObjectOnPremisesProvisioningError + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryObjectOnPremisesProvisioningError` returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +## Examples + +### Example 1: Return whether Microsoft Entra ID has objects with DirSync provisioning error + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Directory.Read.All', 'Group.Read.All', 'Contacts.Read' + +Get-EntraBetaDirectoryObjectOnPremisesProvisioningError +``` + +```Output +False +``` + +This command returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +### Example 2: Return whether Microsoft Entra ID has objects with DirSync provisioning error + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Directory.Read.All', 'Group.Read.All', 'Contacts.Read' + +Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -TenantId '0000aaaa-11bb-cccc-dd22-eeeeee333333' +``` + +```Output +False +``` + +This command returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. + +If this isn't provided then the value defaults to the tenant of the current user. + +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRole.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRole.md new file mode 100644 index 0000000000..6e95024b2a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRole.md @@ -0,0 +1,182 @@ +--- +title: Get-EntraBetaDirectoryRole +description: This article provides details on the Get-EntraBetaDirectoryRole command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryRole + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryRole + +## Synopsis + +Gets a directory role. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDirectoryRole + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDirectoryRole + -DirectoryRoleId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryRole` cmdlet gets a directory role from Microsoft Entra ID. Specify `DirectoryRoleId` parameter to get a directory role. + +## Examples + +### Example 1: Get a directory role by ID + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRole -DirectoryRoleId '56644e28-bf8b-4dad-8595-24448ffa3cb8' +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 56644e28-bf8b-4dad-8595-24448ffa3cb8 Perform all migration functionality to migrate content to Microsoft 365 usin... +``` + +This command gets the specified directory role. + +- `-DirectoryRoleId` parameter specifies the ID of a directory role in Microsoft Entra ID. + +### Example 2: Get all directory roles + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRole +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Perform all migration functionality to migrate content to Microsoft 365 usin... + aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb Can manage all aspects of users and groups, including resetting passwords fo... + bbbbbbbb-7777-8888-9999-cccccccccccc Can read basic directory information. Commonly used to grant directory read ... + cccccccc-8888-9999-0000-dddddddddddd Can read and write basic directory information. For granting access to appli... +``` + +This command gets all the directory roles. + +### Example 3: Get a directory role filter by ObjectId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRole -Filter "ObjectId eq '56644e28-bf8b-4dad-8595-24448ffa3cb8'" +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 56644e28-bf8b-4dad-8595-24448ffa3cb8 Perform all migration functionality to migrate content to Microsoft 365 usin... +``` + +This command gets the directory role by ObjectId. + +- `-ObjectId` parameter specifies the ID of a directory role in Microsoft Entra ID. + +### Example 4: Get a directory role filter by displayName + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRole -Filter "displayName eq 'Helpdesk Administrator'" +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 56644e28-bf8b-4dad-8595-24448ffa3cb8 Perform all migration functionality to migrate content to Microsoft 365 usin... +``` + +This command gets the directory role by display name. + +## Parameters + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Enable-EntraBetaDirectoryRole](Enable-EntraBetaDirectoryRole.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.md new file mode 100644 index 0000000000..8edcde3df0 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleMember.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaDirectoryRoleMember +description: This article provides details on the Get-EntraBetaDirectoryRoleMember command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryRoleMember + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryRoleMember + +## Synopsis + +Gets members of a directory role. + +## Syntax + +```powershell +Get-EntraBetaDirectoryRoleMember + -DirectoryRoleId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryRoleMember` cmdlet retrieves the members of a directory role in Microsoft Entra ID. To obtain the members of a specific directory role, specify the `DirectoryRoleId`. Use the `Get-EntraBetaDirectoryRole` cmdlet to get the `DirectoryRoleId` value. + +## Examples + +### Example 1: Get members by role ID + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRoleMember -DirectoryRoleId '1708c380-4b8a-4977-a46e-6031676f6b41' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This example retrieves the members of the specified role. + +- `-DirectoryRoleId` parameter specifies directory role ID. + +## Parameters + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDirectoryRoleMember](Add-EntraBetaDirectoryRoleMember.md) + +[Remove-EntraBetaDirectoryRoleMember](Remove-EntraBetaDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.md new file mode 100644 index 0000000000..29b9fb8d0b --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectoryRoleTemplate.md @@ -0,0 +1,101 @@ +--- +title: Get-EntraBetaDirectoryRoleTemplate +description: This article provides details on the Get-EntraBetaDirectoryRoleTemplate command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryRoleTemplate + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryRoleTemplate + +## Synopsis + +Gets directory role templates. + +## Syntax + +```powershell +Get-EntraBetaDirectoryRoleTemplate + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryRoleTemplate` cmdlet gets directory role templates in Microsoft Entra ID. + +## Examples + +### Example 1: Get role templates + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRoleTemplate +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 62e90394-69f5-4237-9190-012177145e10 Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities. + 10dae51f-b6af-4016-8d66-8c2a99b929b3 Default role for guest users. Can read a limited set of directory information. + 2af84b1e-32c8-42b7-82bc-daa82404023b Default role for guest users with restricted access. Can read a limited set of directory information. + 95e79109-95c0-4d8e-aee3-d01accf2d47b Can invite guest users independent of the 'members can invite guests' setting. + fe930be7-5e62-47db-91af-98c3a49a38b1 Can manage all aspects of users and groups, including resetting passwords for limited admins. +``` + +This example retrieves the role templates in Microsoft Entra ID. + +### Example 2: Get a specific role template + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraBetaDirectoryRoleTemplate | Where-Object {$_.DisplayName -eq 'Helpdesk Administrator'} +``` + +```Output +DeletedDateTime Id Description DisplayName +--------------- -- ----------- ----------- + 729827e3-9c14-49f7-bb1b-9608f156bbb8 Can reset passwords for non-administrators and Helpdesk Administrators. Helpdesk Administrator +``` + +This example retrieves a Helpdesk role template. + +## Parameters + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySetting.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySetting.md new file mode 100644 index 0000000000..eaadf1330a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySetting.md @@ -0,0 +1,193 @@ +--- +title: Get-EntraBetaDirectorySetting +description: This article provides details on the Get-EntraBetaDirectorySetting command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectorySetting + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectorySetting + +## Synopsis + +Gets a directory setting. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDirectorySetting + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDirectorySetting + -Id + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectorySetting` cmdlet gets a directory setting from Microsoft Entra ID. Specify `Id` parameter to get a directory setting. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](https://learn.microsoft.com/entra/identity/role-based-access-control/permissions-reference) or a custom role with a supported role permission. The following least privileged roles are supported: + +- Microsoft Entra Joined Device Local Administrator (Read basic properties on setting templates and settings) +- Directory Readers (Read basic properties on setting templates and settings) +- Global Reader (Read basic properties on setting templates and settings) +- Groups Administrator (Manage all group settings) +- Directory Writers (Manage all group settings) +- Authentication Policy Administrator (Update Password Rule Settings) +- User Administrator (Read basic properties on setting templates and settings) + +## Examples + +### Example 1: Get a directory setting + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All, Group.Read.All, Group.ReadWrite.All' +Get-EntraBetaDirectorySetting -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Application 00001111-aaaa-2222-bbbb-3333cccc4444 +``` + +This example gets a directory setting. + +- `-Id` parameter specifies the ID of a directory. + +### Example 2: Get all directory setting + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All, Group.Read.All, Group.ReadWrite.All' +Get-EntraBetaDirectorySetting -All +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Application 00001111-aaaa-2222-bbbb-3333cccc4444 +bbbbbbbb-1111-2222-3333-cccccccccccc Password Rule Settings 11112222-bbbb-3333-cccc-4444dddd5555 +``` + +This example gets all directory setting. + +### Example 3: Get top n directory setting + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All, Group.Read.All, Group.ReadWrite.All' +Get-EntraBetaDirectorySetting -Top 2 +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Application 00001111-aaaa-2222-bbbb-3333cccc4444 +bbbbbbbb-1111-2222-3333-cccccccccccc Password Rule Settings 11112222-bbbb-3333-cccc-4444dddd5555 +``` + +This example gets top two directory setting. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a directory in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaDirectorySetting](New-EntraBetaDirectorySetting.md) + +[Remove-EntraBetaDirectorySetting](Remove-EntraBetaDirectorySetting.md) + +[Set-EntraBetaDirectorySetting](Set-EntraBetaDirectorySetting.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.md new file mode 100644 index 0000000000..9360a06b79 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.md @@ -0,0 +1,127 @@ +--- +title: Get-EntraBetaDirectorySettingTemplate +description: This article provides details on the Get-EntraBetaDirectorySettingTemplate command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectorySettingTemplate + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectorySettingTemplate + +## Synopsis + +Gets a directory setting template. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDirectorySettingTemplate + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDirectorySettingTemplate + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectorySettingTemplate` cmdlet gets a directory setting template from A Microsoft Entra ID. Specify `Id` parameter to get a directory setting template. + +## Examples + +### Example 1: Get an all directory setting template + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaDirectorySettingTemplate +``` + +```Output +Id DisplayName Description +-- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest Settings for a specific Unified Group +bbbbbbbb-1111-2222-3333-cccccccccccc Application ... +cccccccc-2222-3333-4444-dddddddddddd Password Rule Settings ... +``` + +This example gets an all directory setting template. + +### Example 2: Get a directory setting template + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaDirectorySettingTemplate -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id DisplayName Description +-- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest Settings for a specific Unified Group +``` + +This example gets a directory setting template. + +- `-Id` parameter specifies the ID of the settings template. + +## Parameters + +### -Id + +The ID of the settings template you want to retrieve. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomain.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomain.md new file mode 100644 index 0000000000..a27f930673 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomain.md @@ -0,0 +1,147 @@ +--- +title: Get-EntraBetaDomain +description: This article provides details on the Get-EntraBetaDomain command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDomain + +schema: 2.0.0 +--- + +# Get-EntraBetaDomain + +## Synopsis + +Gets a domain. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDomain + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDomain + -Name + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDomain` cmdlet gets a domain in Microsoft Entra ID. + +The work or school account must be assigned to at least one of the following Microsoft Entra roles: + +- User Administrator +- Helpdesk Administrator +- Service Support Administrator +- Directory Readers +- AdHoc License Administrator +- Application Administrator +- Security Reader +- Security Administrator +- Privileged Role Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Get a list of Domains that are created + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomain +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +test33.com Managed True False False False False 15 +test44.com Managed True False False False False 17 +``` + +This command retrieves a list of domains. + +### Example 2: Get a specific Domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomain -Name TEST22.com +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +``` + +This command retrieves a domain with the specified name. + +## Parameters + +### -Name + +Specifies the name of a domain. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraBetaDomain](Confirm-EntraBetaDomain.md) + +[New-EntraBetaDomain](New-EntraBetaDomain.md) + +[Remove-EntraBetaDomain](Remove-EntraBetaDomain.md) + +[Set-EntraBetaDomain](Set-EntraBetaDomain.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.md new file mode 100644 index 0000000000..0a4baec28c --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.md @@ -0,0 +1,131 @@ +--- +title: Get-EntraBetaDomainFederationSettings +description: This article provides details on the Get-EntraBetaDomainFederationSettings command. + + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDomainFederationSettings + +schema: 2.0.0 +--- + +# Get-EntraBetaDomainFederationSettings + +## Synopsis + +Retrieves settings for a federated domain. + +## Syntax + +```powershell +Get-EntraBetaDomainFederationSettings + -DomainName + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaDomainFederationSettings` cmdlet gets key settings from Microsoft Entra ID. + +Use the `Get-EntraBetaFederationProperty` cmdlet to get settings for both Microsoft Entra ID and the Entra ID Federation Services server. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Global Reader +- Security Reader +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Get federation settings for specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomainFederationSettings -DomainName 'contoso.com' +``` + +This command gets federation settings for specified domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. + +## Parameters + +### -DomainName + +The fully qualified domain name to retrieve. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this isn't provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DomainFederationSettings + +### This cmdlet returns the following settings + +### ActiveLogOnUri + +### FederationBrandName + +### IssuerUri + +### LogOffUri + +### MetadataExchangeUri + +### NextSigningCertificate + +### PassiveLogOnUri + +### SigningCertificate + +## Notes + +## Related Links + +[Set-EntraBetaDomainFederationSettings](Set-EntraBetaDomainFederationSettings.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainNameReference.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainNameReference.md new file mode 100644 index 0000000000..6c51c60e07 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainNameReference.md @@ -0,0 +1,112 @@ +--- +title: Get-EntraBetaDomainNameReference +description: This article provides details on the Get-EntraBetaDomainNameReference command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDomainNameReference + +schema: 2.0.0 +--- + +# Get-EntraBetaDomainNameReference + +## Synopsis + +Retrieves the objects that are referenced by a given domain name. + +## Syntax + +```powershell +Get-EntraBetaDomainNameReference + -Name + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDomainNameReference` cmdlet retrieves the objects that are referenced with a given domain name. Specify `Name` parameter retrieve the objects. + +The work or school account needs to belong to at least the Domain Name Administrator or Global Reader Microsoft Entra role. + +## Examples + +### Example 1: Retrieve the domain name reference objects for a domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomainNameReference -Name contoso.com +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +hhhhhhhh-5555-6666-7777-iiiiiiiiiiii +``` + +This example shows how to retrieve the domain name reference objects for a domain that is specified through the -Name parameter. + +- `-Name` parameter specifies the name of the domain name for which the referenced objects are retrieved. + +## Parameters + +### -Name + +The name of the domain name for which the referenced objects are retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.md new file mode 100644 index 0000000000..1b72f6d221 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainServiceConfigurationRecord.md @@ -0,0 +1,113 @@ +--- +title: Get-EntraBetaDomainServiceConfigurationRecord +description: This article provides details on the Get-EntraBetaDomainServiceConfigurationRecord command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDomainServiceConfigurationRecord + +schema: 2.0.0 +--- + +# Get-EntraBetaDomainServiceConfigurationRecord + +## Synopsis + +Gets the domain's service configuration records from the `serviceConfigurationRecords` navigation property. + +## Syntax + +```powershell +Get-EntraBetaDomainServiceConfigurationRecord + -Name + [-Property ] + [] +``` + +## Description + +Gets the domain's service configuration records from the `serviceConfigurationRecords` navigation property. + +After you have successfully verified the ownership of a domain and you have indicated what services you plan to use with the domain, you can request Microsoft Entra ID to return you a set of DNS records which you need to add to the zone file of the domain so that the services can work properly with your domain. + +## Examples + +### Example 1: Retrieve domain service configuration records by Name + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomainServiceConfigurationRecord -Name 'test.mail.contoso.com' +``` + +```Output +Id IsOptional Label RecordType SupportedService Ttl +-- ---------- ----- ---------- ---------------- --- +aaaa0000-bb11-2222-33cc-444444dddddd False test.mail.contoso.com Mx Email 3600 +bbbb1111-cc22-3333-44dd-555555eeeeee False test.mail.contoso.com Txt Email 3600 +cccc2222-dd33-4444-55ee-666666ffffff False autodiscover.test.mail.contoso.com CName Email 3600 +dddd3333-ee44-5555-66ff-777777aaaaaa False msoid.test.mail.contoso.com CName OrgIdAuthentication 3600 +eeee4444-ff55-6666-77aa-888888bbbbbb False enterpriseregistration.test.mail.contoso.com CName Intune 3600 +ffff5555-aa66-7777-88bb-999999cccccc False enterpriseenrollment.test.mail.contoso.com CName Intune 3600 +``` + +This example shows how to retrieve the Domain service configuration records for a domain with the given name. + +- `-Name` parameter specifies domain name for which the domain service configuration records are to be retrieved. + +## Parameters + +### -Name + +The name of the domain for which the domain service configuration records are to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.md new file mode 100644 index 0000000000..69bc0a68af --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaDomainVerificationDnsRecord.md @@ -0,0 +1,113 @@ +--- +title: Get-EntraBetaDomainVerificationDnsRecord +description: This article provides details on the Get-EntraBetaDomainVerificationDnsRecord command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDomainVerificationDnsRecord + +schema: 2.0.0 +--- + +# Get-EntraBetaDomainVerificationDnsRecord + +## Synopsis + +Retrieve the domain verification DNS record for a domain. + +## Syntax + +```powershell +Get-EntraBetaDomainVerificationDnsRecord + -Name + [-Property ] + [] +``` + +## Description + +Gets the domain's verification records from the `verificationDnsRecords` navigation property. + +You can't use the domain with your Microsoft Entra ID tenant until you have successfully verified that you own the domain. + +To verify the ownership of the domain, you need to first retrieve a set of domain verification records that you need to add to the zone file of the domain. This can be done through the domain registrar or DNS server configuration. + +Root domains require verification. For example, contoso.com requires verification. If a root domain is verified, subdomains of the root domain are automatically verified. For example, subdomain.contoso.com is automatically be verified if contoso.com has been verified. + +The work or school account needs to belong to at least the Domain Name Administrator or Global Reader Microsoft Entra role. + +## Examples + +### Example 1: Retrieve the domain verification DNS record + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaDomainVerificationDnsRecord -Name mail.contoso.com +``` + +```Output +Id IsOptional Label RecordType SupportedService Ttl +-- ---------- ----- ---------- ---------------- ---- +aaaabbbb-0000-cccc-1111-dddd2222eeee False contoso.com Txt Email 3600 +aaaabbbb-1111-cccc-1111-dddd2222eeee False contoso.com Mx Email 3600 +``` + +This example shows how to retrieve the Domain verification DNS records for a domain with the given name. + +## Parameters + +### -Name + +The domain name for which the domain verification Domain Name System (DNS) records are to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaFederationProperty.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaFederationProperty.md new file mode 100644 index 0000000000..40be5e2400 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaFederationProperty.md @@ -0,0 +1,90 @@ +--- +title: Get-EntraBetaFederationProperty +description: This article provides details on the Get-EntraBetaFederationProperty command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaFederationProperty + +schema: 2.0.0 +--- + +# Get-EntraBetaFederationProperty + +## Synopsis + +Displays the properties of the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +## Syntax + +```powershell +Get-EntraBetaFederationProperty + -DomainName + [] +``` + +## Description + +The `Get-EntraBetaFederationProperty` cmdlet gets key settings from both the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +You can use this information to troubleshoot authentication problems caused by mismatched settings between the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Global Reader +- Security Reader +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Display properties for specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaFederationProperty -DomainName 'contoso.com' +``` + +This command displays properties for specified domain. + +- `-DomainName` Specifies the domain name. + +## Parameters + +### -DomainName + +The domain name for which the properties from both the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online are displayed. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPartnerInformation.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPartnerInformation.md new file mode 100644 index 0000000000..f201080f8d --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPartnerInformation.md @@ -0,0 +1,135 @@ +--- +title: Get-EntraBetaPartnerInformation +description: This article provides details on the Get-EntraBetaPartnerInformation command. + +ms.topic: reference +ms.date: 09/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPartnerInformation + +schema: 2.0.0 +--- + +# Get-EntraBetaPartnerInformation + +## Synopsis + +Retrieves company-level information for partners. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPartnerInformation + [] +``` + +### GetById + +```powershell +Get-EntraBetaPartnerInformation + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaPartnerInformation` cmdlet is used to retrieve partner-specific information. +This cmdlet should only be used for partner tenants. + +## Examples + +### Example 1: Retrieve partner information + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaPartnerInformation +``` + +```Output +PartnerCompanyName : Contoso +companyType : +PartnerSupportTelephones : {12123, +1911} +PartnerSupportEmails : {} +PartnerHelpUrl : http://www.help.contoso.com +PartnerCommerceUrl : +ObjectID : bbbbbbbb-1111-2222-3333-cccccccccccc +PartnerSupportUrl : +``` + +This command retrieves partner-specific information. + +### Example 2: Retrieve partner information with specific TenantId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +$tenantId = (Get-EntraContext).TenantId +Get-EntraBetaPartnerInformation -TenantId $tenantId +``` + +```Output +PartnerCompanyName : Contoso +companyType : +PartnerSupportTelephones : {12123, +1911} +PartnerSupportEmails : {} +PartnerHelpUrl : http://www.help.contoso.com +PartnerCommerceUrl : +ObjectID : bbbbbbbb-1111-2222-3333-cccccccccccc +PartnerSupportUrl : +``` + +This command retrieves partner-specific information. + +`-TenantId` Parameter specifies unique ID of the tenant to perform the operation on. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this is not provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Company level information outputs + +- CompanyType: The type of this company (can be partner or regular tenant) +- DapEnabled: Flag to determine if the partner has delegated admin privileges +- PartnerCompanyName: The name of the company +- PartnerSupportTelephones: Support Telephone numbers for the partner +- PartnerSupportEmails: Support E-Mail address for the partner +- PartnerCommerceUrl: URL for the partner's commerce web site +- PartnerSupportUrl: URL for the Partner's support website +- PartnerHelpUrl: URL for the partner's help web site + +## Notes + +## Related Links + +[Set-EntraBetaPartnerInformation](Set-EntraBetaPartnerInformation.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.md new file mode 100644 index 0000000000..a0b4d2646c --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaPasswordPolicy.md @@ -0,0 +1,101 @@ +--- +title: Get-EntraBetaPasswordPolicy +description: This article provides details on the Get-EntraBetaPasswordPolicy command. + + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPasswordPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaPasswordPolicy + +## Synopsis + +Retrieves the current password policy for the tenant or the specified domain. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPasswordPolicy + [] +``` + +### GetById + +```powershell +Get-EntraBetaPasswordPolicy + -DomainName + [] +``` + +## Description + +The `Get-EntraBetaPasswordPolicy` cmdlet can be used to retrieve the values associated with the Password Expiry +window or Password Expiry Notification window for a tenant or specified domain. + +When a domain name is specified, it must be a verified domain for the company. + +The work or school account needs to belong to one of the following Microsoft Entra roles: + +- Domain Name Administrator + +## Examples + +### Example 1: Get password policy for a specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraBetaPasswordPolicy -DomainName 'contoso.com' +``` + +```Output +NotificationDays ValidityPeriod +---------------- -------------- + 90 180 +``` + +Returns the password policy for the specified domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. + +## Parameters + +### -DomainName + +The fully qualified name of the domain to be retrieved. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..68693bd41a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.md @@ -0,0 +1,145 @@ +--- +title: Get-EntraBetaScopedRoleMembership +description: This article provides details on the Get-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaScopedRoleMembership + +## Synopsis + +List Microsoft Entra role assignments with administrative unit scope. + +## Syntax + +```powershell +Get-EntraBetaScopedRoleMembership + -AdministrativeUnitId + [-ScopedRoleMembershipId ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `AdministrativeUnitId` parameter to retrieve a specific scoped role membership. + +## Examples + +### Example 1: Get Scoped Role Administrator + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMembership = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} +Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example gets scoped role administrator. You cane use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. + +### Example 2: List scoped administrators for administrative unit by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example list scoped administrators with AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of a scoped role membership. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) + +[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaSubscribedSku.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaSubscribedSku.md new file mode 100644 index 0000000000..c4d5f5642d --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaSubscribedSku.md @@ -0,0 +1,229 @@ +--- +title: Get-EntraBetaSubscribedSku +description: This article provides details on the Get-EntraBetaSubscribedSku command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaSubscribedSku + +schema: 2.0.0 +--- + +# Get-EntraBetaSubscribedSku + +## Synopsis + +Gets subscribed SKUs to Microsoft services. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaSubscribedSku + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaSubscribedSku + -SubscribedSkuId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaSubscribedSku` cmdlet gets subscribed SKUs to Microsoft services. + +## Examples + +### Example 1: Get subscribed SKUs + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaSubscribedSku +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +aaaa0000-bb11-2222-33cc-444444dddddd 0000aaaa-11bb-cccc-dd22-eeeeee333333 M365x99297270 User Enabled 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSP... +bbbb1111-cc22-3333-44dd-555555eeeeee 1111bbbb-22cc-dddd-ee33-ffffff444444 M365x99297270 User Enabled 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTE... +cccc2222-dd33-4444-55ee-666666ffffff 2222cccc-33dd-eeee-ff44-aaaaaa555555 M365x99297270 User Enabled 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTE... +``` + +This example demonstrates how to retrieve subscribed SKUs to Microsoft services. + +### Example 2: Get subscribed SKUs by SubscribedSkuId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaSubscribedSku -SubscribedSkuId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +aaaa0000-bb11-2222-33cc-444444dddddd 0000aaaa-11bb-cccc-dd22-eeeeee333333 M365x99297270 User Enabled 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSP... +``` + +This example demonstrates how to retrieve specified subscribed SKUs to Microsoft services. + +- `-SubscribedSkuId` parameter specifies the ID of the SKU (Stock Keeping Unit). + +### Example 3: Get available license plans + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Organization.Read.All' +Get-EntraBetaSubscribedSku | Select-Object -Property Sku*, ConsumedUnits -ExpandProperty PrepaidUnits +``` + +```Output +Enabled : 5 +LockedOut : 0 +Suspended : 0 +Warning : 0 +AdditionalProperties : +SkuId : efccb6f7-5641-4e0e-bd10-b4976e1bf68e +SkuPartNumber : EMS +ConsumedUnits : 3 +``` + +This example demonstrates how to retrieve available license plans. + +### Example 4: Retrieve all users assigned a specific license + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +$sku = Get-EntraBetaSubscribedSku | Where-Object { $_.SkuPartNumber -eq 'DEVELOPERPACK_E5' } +$skuId = $sku.SkuId +$usersWithDeveloperPackE5 = Get-EntraBetaUser -All | Where-Object { + $_.AssignedLicenses -and ($_.AssignedLicenses.SkuId -contains $skuId) +} +$usersWithDeveloperPackE5 | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled, UserType | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AccountEnabled UserType +-- ----------- ----------------- -------------- -------- +cccccccc-2222-3333-4444-dddddddddddd Angel Brown AngelB@contoso.com True Member +dddddddd-3333-4444-5555-eeeeeeeeeeee Avery Smith AveryS@contoso.com True Member +eeeeeeee-4444-5555-6666-ffffffffffff Sawyer Miller SawyerM@contoso.com True Member +``` + +This example demonstrates how to retrieve all users assigned a specific license. + +### Example 5: Get a list of users, their assigned licenses, and licensing source + +```powershell +Connect-Entra -Scopes 'Organization.Read.All','User.Read.All','Group.Read.All' + +# Get all users with specified properties +$Users = Get-EntraBetaUser -All -Property AssignedLicenses, LicenseAssignmentStates, DisplayName, UserPrincipalName, ObjectId + +$SelectedUsers = $Users | Select-Object ObjectId, UserPrincipalName, DisplayName, AssignedLicenses -ExpandProperty LicenseAssignmentStates + +# Group Name lookup +$GroupDisplayNames = @{} + +# Sku Part Number lookup +$SkuPartNumbers = @{} + +# Populate the hashtable with group display names and SKU part numbers +foreach ($User in $SelectedUsers) { + $AssignedByGroup = $User.AssignedByGroup + $SkuId = $User.SkuId + + try { + # Check if the group display name is already in the hashtable + if (-not $GroupDisplayNames.ContainsKey($AssignedByGroup)) { + $Group = Get-EntraBetaGroup -GroupId $AssignedByGroup + $GroupDisplayNames[$AssignedByGroup] = $Group.DisplayName + } + + $User | Add-Member -NotePropertyName 'GroupDisplayName' -NotePropertyValue $GroupDisplayNames[$AssignedByGroup] + } catch { + $User | Add-Member -NotePropertyName 'GroupDisplayName' -NotePropertyValue 'N/A (Direct Assignment)' + } + + try { + # Check if the SKU part number is already in the hashtable + if (-not $SkuPartNumbers.ContainsKey($SkuId)) { + $Sku = Get-EntraBetaSubscribedSku | Where-Object { $_.SkuId -eq $SkuId } | Select-Object -ExpandProperty SkuPartNumber + $SkuPartNumbers[$SkuId] = $Sku + } + + $User | Add-Member -NotePropertyName 'SkuPartNumber' -NotePropertyValue $SkuPartNumbers[$SkuId] + } catch { + $User | Add-Member -NotePropertyName 'SkuPartNumber' -NotePropertyValue 'N/A' + } +} + +$SelectedUsers | Format-Table UserPrincipalName, DisplayName, AssignedByGroup, GroupDisplayName, SkuId, SkuPartNumber, State, Error -AutoSize +``` + +```Output +userPrincipalName displayName assignedByGroup GroupDisplayName skuId SkuPartNumber state error +----------------- ----------- --------------- ---------------- ----- ------------- ----- ----- +averyh@contoso.com Avery Howard cccccccc-2222-3333-4444-dddddddddddd Contoso Team abcdefgh-1111-2222-bbbb-cccc33333333 ENTERPRISEPACK Active None +devont@contoso.com Devon Torres ffffffff-5555-6666-7777-aaaaaaaaaaaa Retail abcdefgh-1111-2222-bbbb-cccc33333333 ENTERPRISEPACK Active None +``` + +This example shows a list of users, their licenses, and the source of the license such as directly assigned or group assigned. + +## Parameters + +### -SubscribedSkuId + +The object ID of the SKU (Stock Keeping Unit). + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaTenantDetail.md b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaTenantDetail.md new file mode 100644 index 0000000000..3d005a9e53 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Get-EntraBetaTenantDetail.md @@ -0,0 +1,169 @@ +--- +title: Get-EntraBetaTenantDetail +description: This article provides details on the Get-EntraBetaTenantDetail command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaTenantDetail + +schema: 2.0.0 +--- + +# Get-EntraBetaTenantDetail + +## Synopsis + +Gets the details of a tenant. + +## Syntax + +```powershell +Get-EntraBetaTenantDetail + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaTenantDetail` cmdlet gets the details of a tenant in Microsoft Entra ID. + +In delegated scenarios involving work or school accounts, the signed-in user must be assigned either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation: + +- Application Administrator +- Authentication Administrator +- Cloud Application Administrator +- Directory Readers +- Directory Reviewer +- Global Reader +- Helpdesk Administrator +- Security Administrator +- Security Operator +- Security Reader +- Service Support Administrator +- User Administrator +- Privileged Role Administrator + +## Examples + +### Example 1: Get all tenant details + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaTenantDetail -All +``` + +```Output +DisplayName Id CountryLetterCode VerifiedDomains +----------- -- ----------------- --------------- +Contoso aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NL {@{Capabilities=Email, OfficeCommunicationsOnline; IsDefault=False; IsInitial=True; Name=contoso.onmicrosoft.com; Type=Managed; Addition…}} +Contoso1 bbbbbbbb-1111-2222-3333-cccccccccccc NL {@{Capabilities=Email, OfficeCommunicationsOnline; IsDefault=False; IsInitial=True; Name=contoso.onmicrosoft.com; Type=Managed; Addition…}} +``` + +This example shows how to retrieve all tenant details. + +### Example 2: Get top one tenant details + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaTenantDetail -Top 1 +``` + +```Output +DisplayName Id CountryLetterCode VerifiedDomains +----------- -- ----------------- --------------- +Contoso aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NL {@{Capabilities=Email, OfficeCommunicationsOnline; IsDefault=False; IsInitial=True; Name=contoso.onmicrosoft.com; Type=Managed; Addition…}} +``` + +This example shows how to retrieve details of a top one tenant in Microsoft Entra ID. + +### Example 3: Get directory tenant size quota + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +(Get-EntraBetaTenantDetail).AdditionalProperties.directorySizeQuota +``` + +```Output +Key Value +--- ----- +used 339 +total 50000 +``` + +This example shows how to retrieve the directory tenant size quota. + +A directory quota represents the maximum number of objects allowed in a tenant, including user accounts, app registrations, and groups. Once this limit is reached, attempts to create new objects will result in an error. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaTenantDetail](Set-EntraBetaTenantDetail.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..9d7f314c56 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnit.md @@ -0,0 +1,163 @@ +--- +title: New-EntraBetaAdministrativeUnit +description: This article provides details on the New-EntraBetaAdministrativeUnit command. + + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# New-EntraBetaAdministrativeUnit + +## Synopsis + +Creates an administrative unit. + +## Syntax + +```powershell +New-EntraBetaAdministrativeUnit + -DisplayName + [-Description ] + [-IsMemberManagementRestricted ] + [] +``` + +## Description + +The `New-EntraBetaAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. + +## Examples + +### Example 1: Create an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraBetaAdministrativeUnit -DisplayName 'TestAU' +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb TestAU False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. + +### Example 2: Create an administrative unit using '-Description' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraBetaAdministrativeUnit -DisplayName 'Pacific Administrative Unit' -Description 'Administrative Unit for Pacific region' +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc New AdminiatrativeUnit test1 False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-Description` parameter specifies the description for the new administrative unit. + +### Example 3: Create an administrative unit using '-IsMemberManagementRestricted' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraBetaAdministrativeUnit -DisplayName 'NewUnit' -IsMemberManagementRestricted $True +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + cccccccc-2222-3333-4444-dddddddddddd NewUnit True +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +## Parameters + +### -Description + +Specifies a description for the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsMemberManagementRestricted + +Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. +If no value is specified, it defaults to false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) + +[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) + +[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..6a109663f7 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,368 @@ +--- +title: New-EntraBetaAdministrativeUnitMember +description: This article provides details on the New-EntraBetaAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# New-EntraBetaAdministrativeUnitMember + +## Synopsis + +Create a new object as a member of the administrative unit. +Currently only group objects are supported. + +## Syntax + +```powershell +New-EntraBetaAdministrativeUnitMember + -AdministrativeUnitId + [-GroupTypes ] + [-AssignedLabels ] + [-OdataType ] + [-Description ] + -SecurityEnabled + [-IsAssignableToRole ] + [-ProxyAddresses ] + -DisplayName + [-Visibility ] + -MailEnabled + -MailNickname + [-MembershipRule ] + [-MembershipRuleProcessingState ] + [] +``` + +## Description + +The `New-EntraBetaAdministrativeUnitMember` cmdlet creates a Microsoft Entra ID object as a member of an administrative unit. Specify `AdministrativeUnitId`, `DisplayName`, `MailNickname`, `SecurityEnabled` and `MailEnabled` parameters for create a new administrative unit member. + +Currently only Microsoft Entra ID groups are supported to create administrative unit members. + +For information about creating dynamic groups, see Using attributes to create advanced rules (). + +## Examples + +### Example 1: Create a dynamic group in an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$params = @{ + AdministrativeUnitId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + OdataType = 'Microsoft.Graph.Group' + DisplayName = 'NewAUMember' + Description = 'createdUnitMember' + MailEnabled = $True + MailNickname = 'new' + SecurityEnabled = $False + GroupTypes = @('Unified', 'DynamicMembership') + MembershipRule = "(user.department -contains 'Marketing')" + MembershipRuleProcessingState = 'On' + IsAssignableToRole = $false + Visibility = 'Public' + ProxyAddresses = @('SMTP:Ahiresh@M365x99297270.onmicrosoft.com') +} +New-EntraBetaAdministrativeUnitMember @params +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-2222-2222-3333-cccccccccccc +``` + +This command creates a new dynamic group in an administrative unit with the following rule: + +\`user.department -contains "Marketing"\` + +The double quotation marks are replaced with single quotation marks. + +The processing state is On. +It means that all users in the directory that qualify the rule are added as members to the group. +Any users that don't qualify are removed from the group. + +## Parameters + +### -AdministrativeUnitId + +Specifies the AdministrativeUnitId of a Microsoft Entra ID administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OdataType + +Specifies the odata type of the object to create in the administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailEnabled + +Specifies whether this group is mail enabled. + +Currently, you can't create mail enabled groups in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. +If MailEnabled is $False, you must still specify a mail nickname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Specifies whether the group is security enabled. +For security groups, this value must be $True. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a dynamic group. +To create a dynamic group, specify a value of DynamicMembership. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRule + +Specifies the membership rule for a dynamic group. + +For more information about the rules that you can use for dynamic groups, see Using attributes to create advanced rules (https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRuleProcessingState + +Specifies the rule processing state. +The acceptable values for this parameter are: + +* "On". Process the group rule. +* "Paused". Stop processing the group rule. + +Changing the value of the processing state doesn't change the members list of the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +This parameter determines the visibility of the group's content and members list. +This parameter can take one of the following values: + +* "Public" - Anyone can view the contents of the group +* "Private" - Only members can view the content of the group +* "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value will be "Public". + +Notes: + +* This parameter is only valid for groups that have the groupType set to "Unified". +* If a group has this attribute set to "HiddenMembership", it can't be changed later. +* Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owner(s) can add new members to the group and requests to join the group need approval of the owner(s). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AssignedLabels + +This parameter allows the assignment of sensitivity labels to groups. For more information on how sensitivity labels can be assigned to groups, refer to [Assign sensitivity labels](https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership) + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AssignedLabel] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +Flag indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProxyAddresses + +Sets the proxyAddresses attribute. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) + +[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) + +[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAttributeSet.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAttributeSet.md new file mode 100644 index 0000000000..a1f0ed88ed --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaAttributeSet.md @@ -0,0 +1,136 @@ +--- +title: New-EntraBetaAttributeSet +description: This article provides details on the New-EntraBetaAttributeSet command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaAttributeSet + +schema: 2.0.0 +--- + +# New-EntraBetaAttributeSet + +## Synopsis + +Adds a new attribute set. + +## Syntax + +```powershell +New-EntraBetaAttributeSet + [-Description ] + [-MaxAttributesPerSet ] + [-AttributeSetId ] + [] +``` + +## Description + +Adds a new Microsoft Entra ID attribute set object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a single attribute set + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'Testing' + Description = 'Attributes for engineering team' + MaxAttributesPerSet = 10 +} + +New-EntraBetaAttributeSet @params +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Testing Attributes for engineering team 10 +``` + +This example demonstrates hoe to add a single attribute set. + +- `-AttributeSetId` parameter specifies the name of the attribute set. +- `-Description` parameter specifies the description for the attribute set. +- `-MaxAttributesPerSet` parameter specifies the maximum number of custom security attributes. + +## Parameters + +### -Description + +Description of the attribute set, up to 128 characters long, including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AttributeSetId + +Name of the attribute set. Unique identifier for the attribute set within a tenant, up to 32 Unicode characters. It can't contain spaces or special characters, is case sensitive, and can't be changed later. Required. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MaxAttributesPerSet + +Maximum number of custom security attributes that can be defined in this attribute set. The default value is null. If not specified, the administrator can add up to 500 active attributes per tenant. This setting can be changed later. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaAttributeSet](Set-EntraBetaAttributeSet.md) + +[Get-EntraBetaAttributeSet](Get-EntraBetaAttributeSet.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..857b87d737 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.md @@ -0,0 +1,233 @@ +--- +title: New-EntraBetaCustomSecurityAttributeDefinition +description: This article provides details on the New-EntraBetaCustomSecurityAttributeDefinition command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaCustomSecurityAttributeDefinition + +schema: 2.0.0 +--- + +# New-EntraBetaCustomSecurityAttributeDefinition + +## Synopsis + +Create a new customSecurityAttributeDefinition object. + +## Syntax + +```powershell +New-EntraBetaCustomSecurityAttributeDefinition + -IsSearchable + -IsCollection + -AttributeSet + -Type + -Name + -Status + -UsePreDefinedValuesOnly + [-Description ] + [] +``` + +## Description + +The `New-EntraBetaCustomSecurityAttributeDefinition` cmdlet creates a new customSecurityAttributeDefinition object. Specify `IsSearchable`, `IsCollection`, `AttributeSet`, `Type`, `Name`, `Status` and `UsePreDefinedValuesOnly` parameters for create a new custom security attribute definition. + +You can define up to 500 active objects in a tenant. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a custom security attribute + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All', 'CustomSecAttributeDefinition.ReadWrite.All' +$AttributeSet = Get-EntraBetaAttributeSet -Id '' +$params = @{ + Name = 'ProjectTest' + Description = 'Target completion' + Type = 'String' + Status = 'Available' + AttributeSet = $AttributeSet.Id + IsCollection = $False + IsSearchable = $True + UsePreDefinedValuesOnly = $True +} +New-EntraBetaCustomSecurityAttributeDefinition @params +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Test_ProjectTest Test Target completion False True ProjectTest Available String False +``` + +This example demonstrates how to add a custom security attribute. + +- `-Name` parameter specifies the name of the custom security attribute. +- `-Description` parameter specifies the description of the custom security attribute. +- `-Type` parameter specifies the data type for the custom security attribute values. +- `-Status` parameter specifies the custom security attribute is active or deactivated. +- `-AttributeSet` parameter specifies the name of attribute set. +- `-IsCollection` parameter specifies the allows multiple values can be assigned to the custom security attribute. +- `-IsSearchable` parameter specifies the custom security attribute values are indexed for searching on objects. +- `-UsePreDefinedValuesOnly` parameter specifies the only predefined values can be assigned to the custom security attribute. + +## Parameters + +### -AttributeSet + +Name of the attribute set. Case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Description of the custom security attribute, up to 128 characters long and including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCollection + +Indicates whether multiple values can be assigned to the custom security attribute. Can't be changed later. If type is set to Boolean, isCollection can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsSearchable + +Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute values. Can't be changed later. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and include Unicode characters. Can't contain spaces or special characters. Can't be changed later. Case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Status + +Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Can't be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsePreDefinedValuesOnly + +Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but can't be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaCustomSecurityAttributeDefinition](Set-EntraBetaCustomSecurityAttributeDefinition.md) + +[Get-EntraBetaCustomSecurityAttributeDefinition](Get-EntraBetaCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDevice.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDevice.md new file mode 100644 index 0000000000..1da6543dcb --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDevice.md @@ -0,0 +1,339 @@ +--- +title: New-EntraBetaDevice +description: This article provides details on the New-EntraBetaDevice command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaDevice + +schema: 2.0.0 +--- + +# New-EntraBetaDevice + +## Synopsis + +Creates a device. + +## Syntax + +```powershell +New-EntraBetaDevice + -DisplayName + -DeviceOSType + -AccountEnabled + -DeviceId + -DeviceOSVersion + -AlternativeSecurityIds + [-DevicePhysicalIds ] + [-DeviceTrustType ] + [-DeviceMetadata ] + [-ApproximateLastLogonTimeStamp ] + [-IsManaged ] + [-DeviceObjectVersion ] + [-IsCompliant ] + [-ProfileType ] + [-SystemLabels ] + [] +``` + +## Description + +The `New-EntraBetaDevice` cmdlet creates a device in Microsoft Entra ID. + +The calling user must be in one of the following Microsoft Entra roles: Intune Administrator or Windows 365 Administrator. + +## Examples + +### Example 1: Create a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' + +$params = @{ + AccountEnabled = $true + DisplayName = 'My new device' + AlternativeSecurityIds = $altsecid + DeviceId = $guid + DeviceOSType = 'OS/2' + DeviceOSVersion = '9.3' +} + +New-EntraBetaDevice @params +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb dddddddd-3333-4444-5555-eeeeeeeeeeee My new device +``` + +This command creates a new device. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeSecurityIds + +Specifies alternative security IDs. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApproximateLastLogonTimeStamp + +Specifies last sign-in date time. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceMetadata + +The metadata for this device + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectVersion + +Specifies the object version of the device. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSType + +Specifies the operating system type of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSVersion + +Specifies the operating system version of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DevicePhysicalIds + +Specifies the physical ID. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceTrustType + +The trust type for this device + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompliant + +True if the device complies with Mobile Device Management (MDM) policies; otherwise, false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsManaged + +True if the device is managed by a Mobile Device Management (MDM) app such as Intune; otherwise, false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProfileType + +Specifies profile type of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SystemLabels + +Specifies labels for the device. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDevice](Get-EntraBetaDevice.md) + +[Remove-EntraBetaDevice](Remove-EntraBetaDevice.md) + +[Set-EntraBetaDevice](Set-EntraBetaDevice.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDirectorySetting.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDirectorySetting.md new file mode 100644 index 0000000000..f3e49cf714 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDirectorySetting.md @@ -0,0 +1,96 @@ +--- +title: New-EntraBetaDirectorySetting +description: This article provides details on the New-EntraBetaDirectorySetting command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaDirectorySetting + +schema: 2.0.0 +--- + +# New-EntraBetaDirectorySetting + +## Synopsis + +Creates a directory settings object. + +## Syntax + +```powershell +New-EntraBetaDirectorySetting + -DirectorySetting + [] +``` + +## Description + +The `New-EntraBetaDirectorySetting` cmdlet creates a directory settings object in Microsoft Entra ID. + +## Examples + +### Example 1: Creates new settings object + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All', 'Group.Read.All' , 'Group.ReadWrite.All' +$TemplateId = (Get-EntraBetaDirectorySettingTemplate | where { $_.DisplayName -eq "Group.Unified" }).Id +$Template = Get-EntraBetaDirectorySettingTemplate | where -Property Id -Value $TemplateId -EQ +$Setting = $Template.CreateDirectorySetting() +$Setting["UsageGuidelinesUrl"] = "https://guideline.example.com" +$Setting["EnableMIPLabels"] = "True" +New-EntraBetaDirectorySetting -DirectorySetting $Setting +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00aa00aa-bb11-cc22-dd33-44ee44ee44ee +``` + +This example Creates new settings object in Microsoft Entra ID. + +- `-DirectorySetting` Parameter Create a new setting using templates from `DirectorySettingTemplates` + +## Parameters + +### -DirectorySetting + +Specifies directory settings. + +```yaml +Type: DirectorySetting +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDirectorySetting](Get-EntraBetaDirectorySetting.md) + +[Remove-EntraBetaDirectorySetting](Remove-EntraBetaDirectorySetting.md) + +[Set-EntraBetaDirectorySetting](Set-EntraBetaDirectorySetting.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDomain.md b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDomain.md new file mode 100644 index 0000000000..39afed2b20 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/New-EntraBetaDomain.md @@ -0,0 +1,159 @@ +--- +title: New-EntraBetaDomain +description: This article provides details on the New-EntraBetaDomain command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaDomain + +schema: 2.0.0 +--- + +# New-EntraBetaDomain + +## Synopsis + +Creates a domain. + +## Syntax + +```powershell +New-EntraBetaDomain + -Name + [-IsDefault ] + [-SupportedServices ] + [] +``` + +## Description + +The `New-EntraBetaDomain` cmdlet creates a domain in Microsoft Entra ID. + +The work or school account needs to belong to at least the Domain Name Administrator role. + +## Examples + +### Example 1: Create a new Domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraBetaDomain -Name test22.com +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +``` + +This example demonstrates how to create a new domain in Microsoft Entra ID. + +### Example 2: Create a new Domain with a list of domain capabilities + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraBetaDomain -Name test22.com -SupportedServices @('Email', 'OfficeCommunicationsOnline') +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +``` + +This example demonstrates how to create a new domain with the specified services in Microsoft Entra ID. + +### Example 3: Create a new Domain and make if the default new user creation + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraBetaDomain -Name test22.com -IsDefault $true +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +``` + +This example demonstrates how to create a new domain in Microsoft Entra ID and marks it as the default to be used for new user creation. + +## Parameters + +### -IsDefault + +Indicates whether or not this is the default domain that is used for user creation. + +There is only one default domain per company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The fully qualified name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SupportedServices + +The capabilities assigned to the domain. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraBetaDomain](Confirm-EntraBetaDomain.md) + +[Get-EntraBetaDomain](Get-EntraBetaDomain.md) + +[Remove-EntraBetaDomain](Remove-EntraBetaDomain.md) + +[Set-EntraBetaDomain](Set-EntraBetaDomain.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..022f000a26 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaAdministrativeUnit +description: This article provides details on the Remove-EntraBetaAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# Remove-EntraBetaAdministrativeUnit + +## Synopsis + +Removes an administrative unit. + +## Syntax + +```powershell +Remove-EntraBetaAdministrativeUnit + -AdministrativeUnitId + [] +``` + +## Description + +The `Remove-EntraBetaAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. + +To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id +``` + +This command removes the specified administrative unit from Microsoft Entra ID. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) + +[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..6cf361edc4 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaAdministrativeUnitMember +description: This article provides details on the Remove-EntraBetaAdministrativeUnitMember command. + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Remove-EntraBetaAdministrativeUnitMember + +## Synopsis + +Removes an administrative unit member. + +## Syntax + +```powershell +Remove-EntraBetaAdministrativeUnitMember + -AdministrativeUnitId + -MemberId + [] +``` + +## Description + +The `Remove-EntraBetaAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. + +To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$adminUnitMember = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id | Select-Object Id, DisplayName,'@odata.type' | Where-Object {$_.DisplayName -eq 'Saywer Miller'} +Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -MemberId $adminUnitMember.Id +``` + +This command removes a specified member (user or group) from a specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-MemberId` parameter specifies the ID of the administrative unit member. + +## Parameters + +### -MemberId + +Specifies the ID of the administrative unit member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) + +[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) + +[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaContact.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaContact.md new file mode 100644 index 0000000000..cdff52d0e9 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaContact.md @@ -0,0 +1,80 @@ +--- +title: Remove-EntraBetaContact +description: This article provides details on the Remove-EntraBetaContact command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaContact + +schema: 2.0.0 +--- + +# Remove-EntraBetaContact + +## Synopsis + +Removes a contact. + +## Syntax + +```powershell +Remove-EntraBetaContact + -OrgContactId + [] +``` + +## Description + +The `Remove-EntraBetaContact` removes a contact from Microsoft Entra ID. + +## Examples + +### Example 1: Remove a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Filter "DisplayName eq 'Contoso Contact'" +Remove-EntraBetaContact -OrgContactId $Contact.ObjectId +``` + +The example shows how to remove a contact. + +## Parameters + +### -OrgContactId + +Specifies the object ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaContact](Get-EntraBetaContact.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeletedDirectoryObject.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeletedDirectoryObject.md new file mode 100644 index 0000000000..a1a279e71d --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeletedDirectoryObject.md @@ -0,0 +1,96 @@ +--- +title: Remove-EntraBetaDeletedDirectoryObject +description: This article provides details on the Remove-EntraBetaDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Applications-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeletedDirectoryObject + +## Synopsis + +Permanently delete a previously deleted directory object. + +## Syntax + +```powershell +Remove-EntraBetaDeletedDirectoryObject + -Id + [] +``` + +## Description + +The `Remove-EntraBetaDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. + +When a directory object is permanently deleted, it can no longer be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. +- To permanently delete users: `User Administrator`. +- To permanently delete groups: `Groups Administrator`. + +## Examples + +### Example 1: Delete a previously deleted directory object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' +$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraBetaDeletedDirectoryObject -DirectoryObjectId $deletedApplication.Id +``` + +This example demonstrates how to permanently delete a previously deleted directory object by ID. + +- `-Id` parameter specifies the ID of the directory object that is permanently deleted. + +## Parameters + +### -Id + +The ID of the directory object that is permanently deleted. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaDeletedDirectoryObject](Get-EntraBetaDeletedDirectoryObject.md) + +[Restore-EntraBetaDeletedDirectoryObject](Restore-EntraBetaDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDevice.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDevice.md new file mode 100644 index 0000000000..66b5f60f8c --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDevice.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaDevice +description: This article provides details on the Remove-EntraBetaDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDevice + +schema: 2.0.0 +--- + +# Remove-EntraBetaDevice + +## Synopsis + +Deletes a device. + +## Syntax + +```powershell +Remove-EntraBetaDevice + -DeviceId + [] +``` + +## Description + +The `Remove-EntraBetaDevice` cmdlet removes a device from Microsoft Entra ID. + +The calling user must be in one of the following Microsoft Entra roles: Intune Administrator, Windows 365 Administrator, or Cloud Device Administrator. + +## Examples + +### Example 1: Remove a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +$Device = Get-EntraBetaDevice -Filter "DisplayName eq 'Woodgrove Desktop'" +Remove-EntraBetaDevice -DeviceId $Device.ObjectId +``` + +This command removes the specified device. + +## Parameters + +### -DeviceId + +Specifies the object ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDevice](Get-EntraBetaDevice.md) + +[New-EntraBetaDevice](New-EntraBetaDevice.md) + +[Set-EntraBetaDevice](Set-EntraBetaDevice.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.md new file mode 100644 index 0000000000..30bc42653c --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaDeviceRegisteredOwner +description: This article provides details on the Remove-EntraBetaDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeviceRegisteredOwner + +## Synopsis + +Removes the registered owner of a device. + +## Syntax + +```powershell +Remove-EntraBetaDeviceRegisteredOwner + -OwnerId + -DeviceId + [] +``` + +## Description + +The `Remove-EntraBetaDeviceRegisteredOwner` cmdlet removes the registered owner of a device in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$Device = Get-EntraBetaDevice -Top 1 +$Owner = Get-EntraBetaDeviceRegisteredOwner -ObjectId $Device.ObjectId +Remove-EntraBetaDeviceRegisteredOwner -DeviceId $Device.ObjectId -OwnerId $Owner.ObjectId +``` + +This examples shows how to remove the owner of a device. + +## Parameters + +### -DeviceId + +Specifies an object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies an owner ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDeviceRegisteredOwner](Add-EntraBetaDeviceRegisteredOwner.md) + +[Get-EntraBetaDevice](Get-EntraBetaDevice.md) + +[Get-EntraBetaDeviceRegisteredOwner](Get-EntraBetaDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.md new file mode 100644 index 0000000000..5611670a16 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.md @@ -0,0 +1,100 @@ +--- +title: Remove-EntraBetaDeviceRegisteredUser +description: This article provides details on the Remove-EntraBetaDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeviceRegisteredUser + +## Synopsis + +Removes a registered user from a device. + +## Syntax + +```powershell +Remove-EntraBetaDeviceRegisteredUser + -DeviceId + -UserId + [] +``` + +## Description + +The `Remove-EntraBetaDeviceRegisteredUser` cmdlet removes a registered user from a Microsoft Entra ID device. + +## Examples + +### Example 1: Remove a registered user from a device + +```Powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$Device = Get-EntraBetaDevice -Top 1 +$User = Get-EntraBetaDeviceRegisteredUser -DeviceId $Device.ObjectId +Remove-EntraBetaDeviceRegisteredUser -DeviceId $Device.ObjectId -UserId $User.ObjectId +``` + +This example shows how to remove the registered user from device. + +## Parameters + +### -DeviceId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDeviceRegisteredUser](Add-EntraBetaDeviceRegisteredUser.md) + +[Get-EntraBetaDeviceRegisteredUser](Get-EntraBetaDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.md new file mode 100644 index 0000000000..3062c802ee --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectoryRoleMember.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraBetaDirectoryRoleMember +description: This article provides details on the Remove-EntraBetaDirectoryRoleMember command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDirectoryRoleMember + +schema: 2.0.0 +--- + +# Remove-EntraBetaDirectoryRoleMember + +## Synopsis + +Removes a member of a directory role. + +## Syntax + +```powershell +Remove-EntraBetaDirectoryRoleMember + -DirectoryRoleId + -MemberId + [] +``` + +## Description + +The `Remove-EntraBetaDirectoryRoleMember` cmdlet removes a member from a directory role in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a member from a directory role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$params = @{ + DirectoryRoleId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + MemberId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Remove-EntraBetaDirectoryRoleMember @params +``` + +This example removes the specified member from the specified role. + +- `-DirectoryRoleId` parameter specifies the object ID of the directory role. +- `-MemberId` parameter specifies the object ID of the role member to removed. + +## Parameters + +### -MemberId + +Specifies the object ID of a role member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DirectoryRoleId + +Specifies the object ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaDirectoryRoleMember](Add-EntraBetaDirectoryRoleMember.md) + +[Get-EntraBetaDirectoryRoleMember](Get-EntraBetaDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.md new file mode 100644 index 0000000000..d8d645e803 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDirectorySetting.md @@ -0,0 +1,95 @@ +--- +title: Remove-EntraBetaDirectorySetting +description: This article provides details on the Remove-EntraBetaDirectorySetting command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDirectorySetting + +schema: 2.0.0 +--- + +# Remove-EntraBetaDirectorySetting + +## Synopsis + +Deletes a directory setting in Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraBetaDirectorySetting + -Id + [] +``` + +## Description + +The `Remove-EntraBetaDirectorySetting` cmdlet removes a directory setting from Microsoft Entra ID. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported: + +- Microsoft Entra Joined Device Local Administrator: Read basic properties on setting templates and settings. +- Directory Readers: Read basic properties on setting templates and settings. +- Global Reader: Read basic properties on setting templates and settings. +- Groups Administrator: Manage all group settings. +- Directory Writers: Manage all group settings. +- Authentication Policy Administrator: Update Password Rule Settings. +- User Administrator: Read basic properties on setting templates and settings. + +## Examples + +### Example 1: Removes a directory setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +Remove-EntraBetaDirectorySetting -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This command removes a directory setting from Microsoft Entra ID. + +- `-Id` Specifies the object ID of a settings object. + +## Parameters + +### -Id + +Specifies the object ID of a settings object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDirectorySetting](Get-EntraBetaDirectorySetting.md) + +[New-EntraBetaDirectorySetting](New-EntraBetaDirectorySetting.md) + +[Set-EntraBetaDirectorySetting](Set-EntraBetaDirectorySetting.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDomain.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDomain.md new file mode 100644 index 0000000000..7b3d6e4a5a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaDomain.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraBetaDomain +description: This article provides details on the Remove-EntraBetaDomain command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDomain + +schema: 2.0.0 +--- + +# Remove-EntraBetaDomain + +## Synopsis + +Removes a domain. + +## Syntax + +```powershell +Remove-EntraBetaDomain + -Name + [] +``` + +## Description + +The `Remove-EntraBetaDomain` cmdlet removes a domain from Microsoft Entra ID. + +Important: + +- Deleted domains are not recoverable. +- Attempts to delete will fail if there are any resources or objects still dependent on the domain. + +The work or school account needs to belong to at least the `Domain Name Administrator` Microsoft Entra role. + +## Examples + +### Example 1: Remove a domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Remove-EntraBetaDomain -Name Contoso.com +``` + +This command removes a domain from Microsoft Entra ID. + +## Parameters + +### -Name + +Specifies the name of the domain to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraBetaDomain](Confirm-EntraBetaDomain.md) + +[Get-EntraBetaDomain](Get-EntraBetaDomain.md) + +[New-EntraBetaDomain](New-EntraBetaDomain.md) + +[Set-EntraBetaDomain](Set-EntraBetaDomain.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..a4eca94113 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraBetaScopedRoleMembership +description: This article provides details on the Remove-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 07/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Remove-EntraBetaScopedRoleMembership + +## Synopsis + +Removes a scoped role membership. + +## Syntax + +```powershell +Remove-EntraBetaScopedRoleMembership + -AdministrativeUnitId + -ScopedRoleMembershipId + [] +``` + +## Description + +The `Remove-EntraBetaScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. + +## Examples + +### Example 1: Remove a scoped role membership + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMembership = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} +Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id +``` + +This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraBetaScopedRoleMembership` command. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of the scoped role membership to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) + +[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Restore-EntraBetaDeletedDirectoryObject.md b/module/docs/entra-powershell-beta/DirectoryManagement/Restore-EntraBetaDeletedDirectoryObject.md new file mode 100644 index 0000000000..7563d8c068 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Restore-EntraBetaDeletedDirectoryObject.md @@ -0,0 +1,155 @@ +--- +title: Restore-EntraBetaDeletedDirectoryObject +description: This article provides details on the Restore-EntraBetaDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Restore-EntraBetaDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Restore-EntraBetaDeletedDirectoryObject + +## Synopsis + +Restore a previously deleted object. + +## Syntax + +```powershell +Restore-EntraBetaDeletedDirectoryObject + -Id + [-AutoReconcileProxyConflict] + [] +``` + +## Description + +The `Restore-EntraBetaDeletedDirectoryObject` cmdlet is used to restore previously deleted objects, such as application, group, service principal, administrative unit, or user objects. + +When a group or application is deleted, it is initially soft deleted and can be recovered within the first 30 days. After 30 days, the deleted object is permanently deleted and cannot be recovered. + +**Notes:** + +- Only Unified Groups (also known as Office 365 Groups) can be restored; Security groups cannot be restored. +- Restoring an application does not automatically restore its associated service principal. You must explicitly use this cmdlet to restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles: + +- **To restore deleted applications or service principals:** Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. +- **To restore deleted users:** User Administrator. + - However, to restore users with privileged administrator roles: + - In delegated scenarios, the app must be assigned the `Directory.AccessAsUser.All` delegated permission, and the calling user must also be assigned a higher privileged administrator role. + - In app-only scenarios, in addition to being granted the `User.ReadWrite.All` application permission, the app must be assigned a higher privileged administrator role. +- **To restore deleted groups:** Groups Administrator. + - However, to restore role-assignable groups, the calling user must be assigned the Privileged Role Administrator role. + +## Examples + +### Example 1: Restore a deleted object with ID + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' #administrativeUnit resource +Connect-Entra -Scopes 'Application.ReadWrite.All' #application resource +Connect-Entra -Scopes 'Group.ReadWrite.All' #group resource +Connect-Entra -Scopes 'Application.ReadWrite.All' #servicePrincipal resource +Connect-Entra -Scopes 'User.ReadWrite.All' #user resource +Restore-EntraBetaDeletedDirectoryObject -Id 'dddddddd-3333-4444-5555-eeeeeeeeeeee' +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example shows how to restore a deleted object in Microsoft Entra ID. + +- `-Id` parameter specifies the Id of the directory object to restore. + +### Example 2: Restoring a Soft-Deleted User and Removing Conflicting Proxy Addresses + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +Restore-EntraBetaDeletedDirectoryObject -Id 'dddddddd-3333-4444-5555-eeeeeeeeeeee' -AutoReconcileProxyConflict +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example shows how to restore a deleted object in Microsoft Entra ID. + +- `-Id` parameter specifies the Id of the directory object to restore. +- `-AutoReconcileProxyConflict` parameter removes any conflicting proxy addresses while restoring a soft-deleted user whose one or more proxy addresses are currently used for an active user. + +## Parameters + +### -Id + +The Id of the directory object to restore. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AutoReconcileProxyConflict + +Specifies whether Microsoft Entra ID should remove conflicting proxy addresses when restoring a soft-deleted user, if any of the user's proxy addresses are currently in use by an active user. This parameter applies only when restoring a soft-deleted user. The default value is `false`. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraBetaDeletedApplication](../Applications/Remove-EntraBetaDeletedApplication.md) + +[Restore-EntraBetaDeletedApplication](../Applications/Restore-EntraBetaDeletedApplication.md) + +[Remove-EntraBetaDeletedDirectoryObject](Remove-EntraBetaDeletedDirectoryObject.md) + +[Get-EntraBetaDeletedApplication](../Applications/Get-EntraBetaDeletedApplication.md) + +[Get-EntraBetaDeletedDirectoryObject](Get-EntraBetaDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..2ca9f9117a --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.md @@ -0,0 +1,154 @@ +--- +title: Set-EntraBetaAdministrativeUnit +description: This article provides details on the Set-EntraBetaAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# Set-EntraBetaAdministrativeUnit + +## Synopsis + +Updates an administrative unit. + +## Syntax + +```powershell +Set-EntraBetaAdministrativeUnit + -AdministrativeUnitId + [-IsMemberManagementRestricted ] + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +The `Set-EntraBetaAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. + +The Privileged Role Administrator is the least privileged role required for this operation. + +## Examples + +### Example 1: Update DisplayName and description + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +Set-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -DisplayName 'Pacific Admin Unit' -Description 'Pacific Admin Unit Description' +``` + +This Command update DisplayName of specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-DisplayName` parameter specifies the display name for the administrative unit. +- `-Description` parameter specifies the description for the administrative unit. + +### Example 2: Update IsMemberManagementRestricted + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Set-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -IsMemberManagementRestricted $True +``` + +This example shows how to update the `IsMemberManagementRestricted` setting for a specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +## Parameters + +### -Description + +Specifies a description. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsMemberManagementRestricted + +Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the Id of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) + +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) + +[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAttributeSet.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAttributeSet.md new file mode 100644 index 0000000000..8757aa44ee --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaAttributeSet.md @@ -0,0 +1,147 @@ +--- +title: Set-EntraBetaAttributeSet +description: This article provides details on the Set-EntraBetaAttributeSet command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaAttributeSet + +schema: 2.0.0 +--- + +# Set-EntraBetaAttributeSet + +## Synopsis + +Updates an existing attribute set. + +## Syntax + +```powershell +Set-EntraBetaAttributeSet + -AttributeSetId + [-Description ] + [-MaxAttributesPerSet ] + [] +``` + +## Description + +The `Set-EntraBetaAttributeSet` cmdlet updates a Microsoft Entra ID attribute set object specified by its ID. Specify `AttributeSetId` parameter to Update a Microsoft Entra ID attribute set object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. + +Note: Only the Attribute Definition Administrator role is supported for this operation. Ensure the signed-in user is assigned this role. + +You can only update the `description` and `maxAttributesPerSet` properties. + +## Examples + +### Example 1: Update an attribute set + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'Engineering' + Description = 'Attributes for engineering team' +} +Set-EntraBetaAttributeSet @params +``` + +This example update an attribute set. + +- `AttributeSetId` parameter specifies the name of the attribute set. You can `Get-EntraBetaAttributeSet` to get more details. +- `Description` parameter specifies the description for the attribute set. + +### Example 2: Update an attribute set using MaxAttributesPerSet + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'Engineering' + MaxAttributesPerSet = 10 +} +Set-EntraBetaAttributeSet @params +``` + +This example update an attribute set using MaxAttributesPerSet. + +- `-AttributeSetId` parameter specifies the name of the attribute set. You can `Get-EntraBetaAttributeSet` to get more details. +- `-MaxAttributesPerSet` parameter specifies the maximum number of custom security attributes. + +## Parameters + +### -Description + +Description of the attribute set, up to 128 characters long, including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AttributeSetId + +Name of the attribute set. Unique identifier for the attribute set within a tenant. This identifier can be up to 32 characters long and may include Unicode characters. It cannot contain spaces or special characters, and it cannot be changed later. The identifier is case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MaxAttributesPerSet + +Maximum number of custom security attributes that can be defined in this attribute set. The default value is null. If not specified, the administrator can add up to 500 active attributes per tenant. This setting can be changed later. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaAttributeSet](New-EntraBetaAttributeSet.md) + +[Get-EntraBetaAttributeSet](Get-EntraBetaAttributeSet.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..9def46ce3f --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.md @@ -0,0 +1,147 @@ +--- +title: Set-EntraBetaCustomSecurityAttributeDefinition +description: This article provides details on the Set-EntraBetaCustomSecurityAttributeDefinition command. + +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinition + +schema: 2.0.0 +--- + +# Set-EntraBetaCustomSecurityAttributeDefinition + +## Synopsis + +Update the properties of a customSecurityAttributeDefinition object. + +## Syntax + +```powershell +Set-EntraBetaCustomSecurityAttributeDefinition + -Id + [-Description ] + [-Status ] + [-UsePreDefinedValuesOnly ] + [] +``` + +## Description + +Update the properties of a customSecurityAttributeDefinition object. Specify `Id` parameter to update a custom security attribute definition. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Update a custom security attribute + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All', 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + Id = 'Test_ProjectTest' + Description = 'Target completion' + Status = 'Available' +} +Set-EntraBetaCustomSecurityAttributeDefinition @params +``` + +This example update a custom security attribute. + +- `-Id` parameter specifies the custom security attribute definition object ID. +- `-Description` parameter specifies the description of the custom security attribute. +- `-Status` parameter specifies the custom security attribute is active or deactivated. +- `-UsePreDefinedValuesOnly` parameter specifies the only predefined values can be assigned to the custom security attribute. + +## Parameters + +### -Description + +Description of the custom security attribute, up to 128 characters long and including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID custom security attribute definition object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Status + +Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsePreDefinedValuesOnly + +Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but can't be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaCustomSecurityAttributeDefinition](New-EntraBetaCustomSecurityAttributeDefinition.md) + +[Get-EntraBetaCustomSecurityAttributeDefinition](Get-EntraBetaCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..24990be95e --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,127 @@ +--- +title: Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue command. + +ms.topic: reference +ms.date: 07/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +schema: 2.0.0 +--- + +# Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Updates an existing custom security attribute definition predefined value. + +## Syntax + +```powershell +Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + -Id + [-IsActive ] + [] +``` + +## Description + +The `Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue` cmdlet update a Microsoft Entra ID custom security attribute definition predefined value object identified by ID. Specify `CustomSecurityAttributeDefinitionId` and `Id` parameter to update a Microsoft Entra ID custom security attribute definition predefined value. + +## Examples + +### Example 1: Update a custom security attribute definition predefined value + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + CustomSecurityAttributeDefinitionId = 'Engineering_Project' + Id = 'Alpine' + IsActive = $true +} +Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue @params +``` + +This example update a custom security attribute definition predefined value. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. +- `-Id` parameter specifies the ID of Microsoft Entra ID Object. +- `-IsActive` parameter specifies the predefined value is active or deactivated. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier of customSecurityAttributeDefinition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value cannot be assigned to any additional supported directory objects. This field is optional. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsActive + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any other supported directory objects. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) + +[Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue](Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDevice.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDevice.md new file mode 100644 index 0000000000..06ad01c104 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDevice.md @@ -0,0 +1,387 @@ +--- +title: Set-EntraBetaDevice +description: This article provides details on the Set-EntraBetaDevice command. + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDevice + +schema: 2.0.0 +--- + +# Set-EntraBetaDevice + +## Synopsis + +Updates a device. + +## Syntax + +```powershell +Set-EntraBetaDevice + -DeviceObjectId + [-DevicePhysicalIds ] + [-DeviceOSType ] + [-DeviceTrustType ] + [-DisplayName ] + [-DeviceMetadata ] + [-ApproximateLastLogonTimeStamp ] + [-AccountEnabled ] + [-IsManaged ] + [-DeviceId ] + [-DeviceObjectVersion ] + [-IsCompliant ] + [-DeviceOSVersion ] + [-AlternativeSecurityIds ] + [-ProfileType ] + [-SystemLabels ] + [] +``` + +## Description + +The `Set-EntraBetaDevice` cmdlet updates a device in Microsoft Entra ID. + +The calling user must have at least the Intune Administrator role in Microsoft Entra. A user with the Cloud Device Administrator role can only enable or disable devices, while a user with the Windows 365 Administrator role can only update basic device properties. + +## Examples + +### Example 1: Update a device display name + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraBetaDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DisplayName 'My OS/2 computer' +``` + +This example shows how to update a display name of a specified. + +### Example 2: Update a device alternative security ID + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +$NewId= New-Object Microsoft.Open.AzureAD.Model.AlternativeSecurityId +$NewId.Key =[System.Text.Encoding]::UTF8.GetBytes('test') +$NewId.type = 2 +Set-EntraBetaDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -AlternativeSecurityIds $NewId +``` + +This example shows how to update an alternative security ID of a specified device. + +### Example 3: Update a device account enabled + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraBetaDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -AccountEnabled $true +``` + +This example shows how to update an account enabled of a specified device. + +### Example 4: Update a device OS type + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraBetaDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DeviceOSType Windows +``` + +This example shows how to update an OS type of a specified device. + +### Example 5: Update a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' + +$params = @{ + DeviceObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DeviceMetadata = 'Testdevice' + DeviceObjectVersion = 4 + DevicePhysicalIds = '[GID]:g:1234567890123456' + IsCompliant = $false +} + +Set-EntraBetaDevice @params +``` + +This example shows how to update multiple properties of a specified device. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeSecurityIds + +Specifies alternative security IDs. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApproximateLastLogonTimeStamp + +The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null values) and $orderby. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the device ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceMetadata + +The device metadata for this device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectVersion + +Specifies the object version of the device. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSType + +Specifies the operating system. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSVersion + +Specifies the operating system version. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DevicePhysicalIds + +Specifies the physical ID. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceTrustType + +Specifies the device trust type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompliant + +Indicates whether the device is compliant. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsManaged + +Indicates whether the device is managed. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectId + +Specifies the object ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProfileType + +Specifies the profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SystemLabels + +Specifies list of labels applied to the device by the system. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDevice](Get-EntraBetaDevice.md) + +[New-EntraBetaDevice](New-EntraBetaDevice.md) + +[Remove-EntraBetaDevice](Remove-EntraBetaDevice.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.md new file mode 100644 index 0000000000..463282e467 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.md @@ -0,0 +1,154 @@ +--- +title: Set-EntraBetaDirSyncConfiguration +description: This article provides details on the Set-EntraBetaDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDirSyncConfiguration + +schema: 2.0.0 +--- + +# Set-EntraBetaDirSyncConfiguration + +## Synopsis + +Modifies the directory synchronization settings. + +## Syntax + +### SetAccidentalDeletionThreshold (Default) + +```powershell +Set-EntraBetaDirSyncConfiguration + -AccidentalDeletionThreshold + [-Force] + [] +``` + +### All + +```powershell +Set-EntraBetaDirSyncConfiguration + [-TenantId ] + [-Force] + [] +``` + +## Description + +The `Set-EntraBetaDirSyncConfiguration` cmdlet modifies the directory synchronization settings. + +## Examples + +### Example 1: Set directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold 600 -Force +``` + +This command sets directory synchronization settings. + +- `-AccidentalDeletionThreshold` Specifies the accidental deletion prevention configuration for a tenant. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Set directory synchronization settings for a Tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$tenantID = (Get-EntraContext).TenantId +$params = @{ + AccidentalDeletionThreshold = 600 + TenantId = $tenantID + Force = $true +} + +Set-EntraBetaDirSyncConfiguration @params +``` + +This command sets directory synchronization settings. + +- `-AccidentalDeletionThreshold` Specifies the accidental deletion prevention configuration for a tenant. +- `-Force` Forces the command to run without asking for user confirmation. +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -AccidentalDeletionThreshold + +Specifies the accidental deletion prevention configuration for a tenant. + +```yaml +Type: System.UInt32 +Parameter Sets: SetAccidentalDeletionThreshold +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: SetAccidentalDeletionThreshold +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.UInt32 + +### System.Guid + +## Outputs + +### System.Object + +## Notes + +- For additional details see [Update onPremisesDirectorySynchronization](https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-update). + +## Related Links + +[Get-EntraBetaDirSyncConfiguration](Get-EntraBetaDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.md new file mode 100644 index 0000000000..ac2f2d82d2 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.md @@ -0,0 +1,144 @@ +--- +title: Set-EntraBetaDirSyncEnabled +description: This article provides details on the Set-EntraBetaDirSyncEnabled command. + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDirSyncEnabled + +schema: 2.0.0 +--- + +# Set-EntraBetaDirSyncEnabled + +## Synopsis + +Turns directory synchronization on or off for a company. + +## Syntax + +```powershell +Set-EntraBetaDirSyncEnabled + -EnableDirSync + [-Force] + [-TenantId ] + [] +``` + +## Description + +The `Set-EntraBetaDirSyncEnabled` cmdlet turns directory synchronization on or off for a company. + +>[!IMPORTANT] +>It may take up to 72 hours to complete deactivation once you have disabled DirSync through this cmdlet. The time depends on the number of objects that are in your cloud service subscription account. **You cannot cancel the disable action**. It will need to complete before you can take any other action, including re-enabling of DirSync. If you choose to re-enable DirSync, a full synchronization of your synced objects will happen. This may take a considerable time depending on the number of objects in your Microsoft Entra ID. + +>[!NOTE] +>If you disable DirSync and you decide to re-enable it, and you have enabled the BlockCloudObjectTakeoverThroughHardMatch feature, OnPrem to cloud object takeover/update for all objects mastered in the Microsoft Entra ID will be blocked. If this is the case and you want to resume syncing Microsoft Entra ID mastered objects with Microsoft Entra ID, set **BlockCloudObjectTakeoverThroughHardMatch** feature to false. + +## Examples + +### Example 1: Turn on directory synchronization + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All' +$params = @{ + EnableDirsync = $True + Force = $True +} +Set-EntraBetaDirSyncEnabled @params +``` + +This example turns on directory synchronization for a company. + +- `-EnableDirsync` Specifies whether to turn on directory synchronization on for your company. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Turn off directory synchronization + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All' +$params = @{ + EnableDirsync = $False + TenantId = 'aaaaaaaa-1111-1111-1111-000000000000' + Force = $True + +} +Set-EntraBetaDirSyncEnabled @params +``` + +This example turns off directory synchronization for a company. + +- `-EnableDirsync` Specifies whether to turn on directory synchronization on for your company. +- `-Force` Forces the command to run without asking for user confirmation. +- `-TenantId` Specifies the unique ID of the tenant on which to perform the operation. + +## Parameters + +### -EnableDirsync + +Specifies whether to turn on directory synchronization on for your company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the unique ID of the tenant on which to perform the operation. +The default value is the tenant of the current user. +This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.md new file mode 100644 index 0000000000..8eb1cd1031 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirSyncFeature.md @@ -0,0 +1,190 @@ +--- +title: Set-EntraBetaDirSyncFeature +description: This article provides details on the Set-EntraBetaDirSyncFeature command. + + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDirSyncFeature + +schema: 2.0.0 +--- + +# Set-EntraBetaDirSyncFeature + +## Synopsis + +Used to set identity synchronization features for a tenant. + +## Syntax + +```powershell +Set-EntraBetaDirSyncFeature + -Feature + -Enabled + [-TenantId ] + [-Force] + [] +``` + +## Description + +The `Set-EntraBetaDirSyncFeature` cmdlet sets identity synchronization features for a tenant. + +You can use the following synchronization features with this cmdlet: + +- **EnableSoftMatchOnUpn**: Soft match is the process used to link an object being synced from on-premises for the first time with one that already exists in the cloud. When this feature is enabled, soft match is attempted using the standard logic, based on the primary SMTP address. If a match isn't found based on primary SMTP, then a match is attempted based on UserPrincipalName. Once this feature is enabled, it can't be disabled. +- **PasswordSync**: Used to indicate on-premise password synchronization. +- **SynchronizeUpnForManagedUsers**: Allows for the synchronization of UserPrincipalName updates from on-premises for managed (nonfederated) users that are assigned a license. These updates are blocked if this feature isn't enabled. Once this feature is enabled, it can't be disabled. +- **BlockSoftMatch**: When this feature is enabled, it blocks the soft match feature. Customers are encouraged to enable this feature and keep it enabled until soft matching is required again for their tenancy. This flag should be enabled again after any soft matching is completed and is no longer needed. +- **BlockCloudObjectTakeoverThroughHardMatch**: Used to block cloud object takeover via source anchor hard match. + +Enabling some of these features, such as EnableSoftMatchOnUpn and SynchronizationUpnForManagedUsers, is a permanent operation. +You can't disable these features once they're enabled. + +## Examples + +### Example 1: Enable a feature for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$params = @{ + Feature = 'BlockCloudObjectTakeoverThroughHardMatch' + Enable = $True + Force = $true +} +Set-EntraBetaDirSyncFeature @params +``` + +This command enables the SoftMatchOnUpn feature for the tenant. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Block Soft Matching for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$params = @{ + Feature = 'BlockSoftMatch' + Enable = $True +} + +Set-EntraBetaDirSyncFeature @params +``` + +This command enables the BlockSoftMatch feature for the tenant - effectively blocking the Soft Matching feature in the tenant. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. + +### Example 3: Block Cloud object takeover through Hard Matching for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$tenantID = (Get-EntraContext).TenantId +$params = @{ + Feature = 'BlockCloudObjectTakeoverThroughHardMatch' + Enable = $True + TenantId = $tenantID +} + +Set-EntraBetaDirSyncFeature @params +``` + +This command enables the BlockCloudObjectTakeoverThroughHardMatch feature for the tenant - effectively blocking the Hard Match object takeover. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -Feature + +The DirSync feature to turn on or off. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Enable + +Indicates whether the specified features are turned on for the company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: False +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For additional details see [Update onPremisesDirectorySynchronization](https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-update). +- For the feature list see the [onPremisesDirectorySynchronizationFeature resource type](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature). + +## Related Links + +[Get-EntraBetaDirSyncFeature](Get-EntraBetaDirSyncFeature.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirectorySetting.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirectorySetting.md new file mode 100644 index 0000000000..418c9451cf --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDirectorySetting.md @@ -0,0 +1,111 @@ +--- +title: Set-EntraBetaDirectorySetting +description: This article provides details on the Set-EntraBetaDirectorySetting command. + + +ms.topic: reference +ms.date: 08/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDirectorySetting + +schema: 2.0.0 +--- + +# Set-EntraBetaDirectorySetting + +## Synopsis + +Updates a directory setting in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraBetaDirectorySetting + -DirectorySetting + -Id + [] +``` + +## Description + +The `Set-EntraBetaDirectorySetting` cmdlet updates a directory setting in Microsoft Entra ID. + +## Examples + +### Example 1: updates a directory setting + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All', 'Policy.ReadWrite.Authorization' +$TemplateId = (Get-EntraBetaDirectorySettingTemplate | where { $_.DisplayName -eq 'Group.Unified' }).Id +$Template = Get-EntraBetaDirectorySettingTemplate | where -Property Id -Value $TemplateId -EQ +$Setting = $Template.CreateDirectorySetting() +$Setting["EnableMIPLabels"] = 'False' +$params = @{ + Id = 'aaaaaaaa-1111-1111-1111-000000000000' + DirectorySetting = $Setting +} +Set-EntraBetaDirectorySetting @params +``` + +This example updates directory settings object in Microsoft Entra ID. + +- `-DirectorySetting` Parameter updates the property of directory settings. +- `-Id` Parameter specifies the ID of a setting object + +## Parameters + +### -DirectorySetting + +Specifies the directory settings. + +```yaml +Type: DirectorySetting +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a settings object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDirectorySetting](Get-EntraBetaDirectorySetting.md) + +[New-EntraBetaDirectorySetting](New-EntraBetaDirectorySetting.md) + +[Remove-EntraBetaDirectorySetting](Remove-EntraBetaDirectorySetting.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomain.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomain.md new file mode 100644 index 0000000000..31cc84fbf6 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomain.md @@ -0,0 +1,135 @@ +--- +title: Set-EntraBetaDomain +description: This article provides details on the Set-EntraBetaDomain command. + + +ms.topic: reference +ms.date: 08/09/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDomain + +schema: 2.0.0 +--- + +# Set-EntraBetaDomain + +## Synopsis + +Updates a domain. + +## Syntax + +```powershell +Set-EntraBetaDomain + -Name + [-IsDefault ] + [-SupportedServices ] + [] +``` + +## Description + +The `Set-EntraBetaDomain` cmdlet updates a verified domain in Microsoft Entra ID. + +The work or school account needs to belong to at least one of the following Microsoft Entra roles: + +- Domain Name Administrator +- Security Administrator +- External Identity Provider Administrator + +## Examples + +### Example 1: Set the domain as the default domain for new user account creation + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Set-EntraBetaDomain -Name Contoso.com -IsDefault $true +``` + +This example demonstrates how to set default domain for new user account in Microsoft Entra ID. + +### Example 2: Set the list of domain capabilities + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Set-EntraBetaDomain -Name Contoso.com -SupportedServices @('Email', 'OfficeCommunicationsOnline') +``` + +This example demonstrates how to set domain capabilities for new user account in Microsoft Entra ID. + +## Parameters + +### -IsDefault + +Indicates whether or not this is the default domain that is used for user creation. +There's only one default domain per company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The fully qualified name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SupportedServices + +The capabilities assigned to the domain. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraBetaDomain](Confirm-EntraBetaDomain.md) + +[Get-EntraBetaDomain](Get-EntraBetaDomain.md) + +[New-EntraBetaDomain](New-EntraBetaDomain.md) + +[Remove-EntraBetaDomain](Remove-EntraBetaDomain.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.md new file mode 100644 index 0000000000..7fb89a6443 --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.md @@ -0,0 +1,315 @@ +--- +title: Set-EntraBetaDomainFederationSettings +description: This article provides details on the Set-EntraBetaDomainFederationSettings command. + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDomainFederationSettings + +schema: 2.0.0 +--- + +# Set-EntraBetaDomainFederationSettings + +## Synopsis + +Updates settings for a federated domain. + +## Syntax + +```powershell +Set-EntraBetaDomainFederationSettings + -DomainName + [-SigningCertificate ] + [-NextSigningCertificate ] + [-LogOffUri ] + [-PassiveLogOnUri ] + [-ActiveLogOnUri ] + [-IssuerUri ] + [-FederationBrandName ] + [-MetadataExchangeUri ] + [-PreferredAuthenticationProtocol ] + [-SigningCertificateUpdateStatus ] + [-PromptLoginBehavior ] + [] +``` + +## Description + +The `Set-EntraBetaDomainFederationSettings` cmdlet is used to update the settings of a single sign-on domain. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Set the PromptLoginBehavior + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' + +$params = @{ + DomainName = 'contoso.com' + PreferredAuthenticationProtocol = 'WsFed' + PromptLoginBehavior = 'TranslateToFreshPasswordAuth' # Or 'NativeSupport' or 'Disabled', depending on the requirement +} +Set-EntraBetaDomainFederationSettings @params +``` + +This command updates the `PromptLoginBehavior` to either `TranslateToFreshPasswordAuth`, `NativeSupport`, or `Disabled`. These possible values are described: + +- `TranslateToFreshPasswordAuth` - means the default Microsoft Entra ID behavior of translating `prompt=login` to `wauth=https://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password` and `wfresh=0`. +- `NativeSupport` - means that the `prompt=login` parameter is sent as is to ADFS. +- `Disabled` - means that only wfresh=0 is sent to ADFS + +Use the `Get-EntraBetaDomainFederationSettings -DomainName | Format-List *` to get the values for `PreferredAuthenticationProtocol` and `PromptLoginBehavior` for the federated domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. +- `-PreferredAuthenticationProtocol` parameter specifies the preferred authentication protocol. +- `-PromptLoginBehavior` parameter specifies the prompt sign-in behavior. + +### Example 2: Set the domain federation uri's + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' + +$params = @{ + DomainName = 'contoso.com' + LogOffUri = 'https://adfs1.entra.lab/adfs/' + PassiveLogOnUri = 'https://adfs1.entra.lab/adfs/' + ActiveLogOnUri = 'https://adfs1.entra.lab/adfs/services/trust/2005/' + IssuerUri = 'http://adfs1.entra.lab/adfs/services/' + MetadataExchangeUri = 'https://adfs1.entra.lab/adfs/services/trust/' +} +Set-EntraBetaDomainFederationSettings @params +``` + +This command updates the domain federation domain settings. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. +- `-LogOffUri` parameter specifies the URL clients are redirected to when they sign out of Microsoft Entra ID services. +- `-PassiveLogOnUri` parameter specifies URL that web-based clients will be directed to when signing in to Microsoft Entra ID services. +- `-ActiveLogOnUri` parameter specifies the end point used by active clients when authenticating with domains set up for single sign-on. +- `-IssuerUri` parameter specifies the unique identifier of the domain in the Microsoft Entra ID Identity platform derived from the federation server. +- `-MetadataExchangeUri` parameter specifies the metadata exchange end point used for authentication from client applications. + +## Parameters + +### -DomainName + +The fully qualified domain name (FQDN) to update. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -SigningCertificate + +The current certificate used to sign tokens passed to the Microsoft Entra ID Identity platform. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NextSigningCertificate + +The next token signing certificate that will be used to sign tokens when the primary signing certificate expires. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -LogOffUri + +The URL clients are redirected to when they sign out of Microsoft Entra ID services. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PassiveLogOnUri + +The URL that web-based clients will be directed to when signing in to Microsoft Entra ID services. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ActiveLogOnUri + +A URL that specifies the end point used by active clients when authenticating with domains set up for single sign-on (also known as identity federation) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 6 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IssuerUri + +The unique identifier of the domain in the Microsoft Entra ID Identity platform derived from the federation server. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 7 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FederationBrandName + +The name of the string value shown to users when signing in to Microsoft Entra ID. +We recommend that customers use something that is familiar to +users such as "Contoso Inc." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 8 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MetadataExchangeUri + +The URL that specifies the metadata exchange end point used for authentication from rich client applications such as Lync Online. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 9 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PreferredAuthenticationProtocol + +Specifies the preferred authentication protocol. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 10 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SigningCertificateUpdateStatus + +Specifies the update status of the signing certificate. + +```yaml +Type: System.Object +Parameter Sets: (All) +Aliases: + +Required: False +Position: 11 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PromptLoginBehavior + +Specifies the prompt login behavior. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 12 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaDomainFederationSettings](Get-EntraBetaDomainFederationSettings.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaPartnerInformation.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaPartnerInformation.md new file mode 100644 index 0000000000..1e8729e1ad --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaPartnerInformation.md @@ -0,0 +1,242 @@ +--- +title: Set-EntraBetaPartnerInformation +description: This article provides details on the Set-EntraBetaPartnerInformation command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPartnerInformation + +schema: 2.0.0 +--- + +# Set-EntraBetaPartnerInformation + +## Synopsis + +Sets company information for partners. + +## Syntax + +```powershell +Set-EntraBetaPartnerInformation + [-CompanyType ] + [-PartnerCompanyName ] + [-PartnerSupportTelephones ] + [-PartnerSupportEmails ] + [-PartnerCommerceUrl ] + [-PartnerSupportUrl ] + [-PartnerHelpUrl ] + [-TenantId ] + [] +``` + +## Description + +The `Set-EntraBetaPartnerInformation` cmdlet is used by partners to set partner-specific properties. + +These properties can view by all tenants that the partner has access to. + +## Examples + +### Example 1: Update the help URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaPartnerInformation -PartnerHelpUrl 'http://www.help.contoso.com' +``` + +This example shows how to update the help URL. + +### Example 2: Update the Support URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaPartnerInformation -PartnerSupportUrl 'http://www.test1.com' +``` + +This example shows how to update the support URL. + +### Example 3: Update the Commerce URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaPartnerInformation -PartnerCommerceUrl 'http://www.test1.com' +``` + +This example shows how to update the commerce URL. + +### Example 4: Update the SupportEmails + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaPartnerInformation -PartnerSupportEmails 'contoso@example.com' +``` + +This example shows how to update the support email addresses. + +### Example 5: Update the SupportTelephones + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$tenantId = (Get-EntraContext).TenantId +$params = @{ + PartnerSupportTelephones = '234234234' + TenantId = $tenantId +} +Set-EntraBetaPartnerInformation @params +``` + +This example shows how to update support telephone numbers. + +## Parameters + +### -PartnerCommerceUrl + +Specifies the URL for the partner's commerce website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerHelpUrl + +Specifies the URL for the partner's Help website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportEmails + +Specifies the support email address for the partner. + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportTelephones + +Specifies the support telephone numbers for the partner. + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportUrl + +Specifies the URL for the partner's support website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the unique ID of the tenant on which to perform the operation. +The default value is the tenant of the current user. +This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -CompanyType + +Specifies the partner's company type. + +```yaml +Type: CompanyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerCompanyName + +Specifies the partner's company name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaPartnerInformation](Get-EntraBetaPartnerInformation.md) diff --git a/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaTenantDetail.md b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaTenantDetail.md new file mode 100644 index 0000000000..4d33468b9b --- /dev/null +++ b/module/docs/entra-powershell-beta/DirectoryManagement/Set-EntraBetaTenantDetail.md @@ -0,0 +1,216 @@ +--- +title: Set-EntraBetaTenantDetail +description: This article provides details on the Set-EntraBetaTenantDetail command. + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaTenantDetail + +schema: 2.0.0 +--- + +# Set-EntraBetaTenantDetail + +## Synopsis + +Set contact details for a tenant. + +## Syntax + +```powershell +Set-EntraBetaTenantDetail + [-MarketingNotificationEmails ] + [-TechnicalNotificationMails ] + [-PrivacyProfile ] + [-SecurityComplianceNotificationMails ] + [-SecurityComplianceNotificationPhones ] + [] +``` + +## Description + +This cmdlet is used to set various contact details for a tenant. + +For delegated scenarios, the signed-in user must have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Privileged Role Administrator +- User Administrator +- Helpdesk Administrator + +## Examples + +### Example 1: Set contact details for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$params = @{ + MarketingNotificationEmails = @('amy@contoso.com', 'henry@contoso.com') + SecurityComplianceNotificationMails = @('john@contoso.com', 'mary@contoso.com') + SecurityComplianceNotificationPhones = @('1-555-625-9999', '1-555-233-5544') + TechnicalNotificationMails = 'peter@contoso.com' +} + +Set-EntraBetaTenantDetail @params +``` + +This example demonstrates how to set various contact details for a tenant. + +- `-MarketingNotificationEmails` parameter indicates the email addresses that are used to send marketing notification emails. +- `-SecurityComplianceNotificationMails` parameter indicates the email addresses that are used to send security compliance emails. +- `-SecurityComplianceNotificationPhones` parameter specifies the phone numbers that are used for security compliance. +- `-TechnicalNotificationMails` parameter indicates the email addresses that are used for technical notification emails. + +### Example 2: Set MarketingNotificationEmails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaTenantDetail -MarketingNotificationEmails @('amy@contoso.com','henry@contoso.com') +``` + +This example demonstrates how to set MarketingNotificationEmails detail for a tenant. + +- `-MarketingNotificationEmails` parameter indicates the email addresses that are used to send marketing notification emails. + +### Example 3: Set SecurityComplianceNotificationMails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaTenantDetail -SecurityComplianceNotificationMails @('john@contoso.com','mary@contoso.com') +``` + +This example demonstrates how to set SecurityComplianceNotificationMails detail for a tenant. + +- `-SecurityComplianceNotificationMails` parameter indicates the email addresses that are used to send security compliance emails. + +### Example 4: Set -SecurityComplianceNotificationPhones for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaTenantDetail -SecurityComplianceNotificationPhones @('1-555-625-9999', '1-555-233-5544') +``` + +This example demonstrates how to set MarketingNotificationEmails detail for a tenant. + +- `-SecurityComplianceNotificationPhones` parameter specifies the phone numbers that are used for security compliance. + +### Example 5: Set TechnicalNotificationMails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraBetaTenantDetail -TechnicalNotificationMails 'peter@contoso.com' +``` + +This example demonstrates how to set TechnicalNotificationMails detail for a tenant. + +- `-TechnicalNotificationMails` parameter indicates the email addresses that are used for technical notification emails. + +## Parameters + +### -MarketingNotificationEmails + +The email addresses that are used to send marketing notification emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityComplianceNotificationMails + +The email addresses that are used to send security compliance emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityComplianceNotificationPhones + +One or more phone numbers that are used for security compliance. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TechnicalNotificationMails + +The email addresses that are used for technical notification emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrivacyProfile + +Represents a company's privacy profile, which includes a privacy statement URL and a contact person for questions regarding the privacy statement. + +```yaml +Type: PrivacyProfile +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +- For more details see [Update organization](https://learn.microsoft.com/graph/api/organization-update). + +## Related Links + +[Get-EntraBetaTenantDetail](Get-EntraBetaTenantDetail.md) diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleAssignment.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleAssignment.md new file mode 100644 index 0000000000..ff6e927171 --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleAssignment.md @@ -0,0 +1,282 @@ +--- +title: Get-EntraBetaDirectoryRoleAssignment +description: This article provides details on the Get-EntraBetaDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryRoleAssignment + +## Synopsis + +Get a Microsoft Entra ID roleAssignment. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDirectoryRoleAssignment + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDirectoryRoleAssignment + -UnifiedRoleAssignmentId + [-All] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaDirectoryRoleAssignment + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryRoleAssignment` cmdlet gets information about role assignments in Microsoft Entra ID. To get a role assignment, specify the `UnifiedRoleAssignmentId` parameter. Specify the `SearchString` or `Filter` parameter to find a particular role assignment. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: + +- microsoft.directory/roleAssignments/standard/read (least privileged) +- microsoft.directory/roleAssignments/allProperties/read +- microsoft.directory/roleAssignments/allProperties/allTasks + +The least privileged roles for this operation, from least to most privileged, are: + +- Directory Readers +- Global Reader +- Privileged Role Administrator + +## Examples + +### Example 1: Get role assignments + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments in Microsoft Entra ID. + +### Example 2: Get role assignments using 'All' parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment -All +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets all the role assignments in Microsoft Entra ID. + +### Example 3: Get role assignments by Id + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment -UnifiedRoleAssignmentId '00001111-aaaa-2222-bbbb-3333cccc4444' +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments using specified roleAssignment Id. + +- `UnifiedRoleAssignmentId` parameter specifies the roleAssignment object ID. + +### Example 4: Get role assignments filter by principalId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment -Filter "principalId eq 'aaaaaaaa-bbbb-cccc-1111-222222222222'" +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments containing the specified principalId. + +### Example 5: Get role assignments filter by roleDefinitionId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment -Filter "roleDefinitionId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments containing the specified roleDefinitionId. + +### Example 6: Get top two role assignments + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleAssignment -Top 2 +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets top two role assignments. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UnifiedRoleAssignmentId + +The unique identifier of a Microsoft Entra ID roleAssignment object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleAssignment + +## Notes + +`Get-EntraBetaRoleAssignment` is an alias for `Get-EntraBetaDirectoryRoleAssignment`. + +## Related Links + +[New-EntraBetaDirectoryRoleAssignment](New-EntraBetaDirectoryRoleAssignment.md) + +[Remove-EntraBetaDirectoryRoleAssignment](Remove-EntraBetaDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleDefinition.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleDefinition.md new file mode 100644 index 0000000000..72fd4229b2 --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaDirectoryRoleDefinition.md @@ -0,0 +1,276 @@ +--- +title: Get-EntraBetaDirectoryRoleDefinition +description: This article provides details on the Get-EntraBetaDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Get-EntraBetaDirectoryRoleDefinition + +## Synopsis + +Gets information about role definitions in Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDirectoryRoleDefinition + [-All] + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaDirectoryRoleDefinition + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDirectoryRoleDefinition + -UnifiedRoleDefinitionId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaDirectoryRoleDefinition` cmdlet gets information about role definitions in Microsoft Entra ID. To get a role definition, specify the `UnifiedRoleDefinitionId` parameter. Specify the SearchString or Filter parameter to find particular role definition. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: + +- microsoft.directory/roleAssignments/standard/read (least privileged) +- microsoft.directory/roleAssignments/allProperties/read +- microsoft.directory/roleAssignments/allProperties/allTasks + +The least privileged roles for this operation, from least to most privileged, are: + +- Directory Readers +- Global Reader +- Privileged Role Administrator + +## Examples + +### Example 1: Get all role definitions + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleDefinition +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Guest User 11bb11bb-cc22-dd33-ee44-55ff55ff55ff 10dae51f-b6af-4016-8d66-8c2a99b929b3 Default role for guest users. Can read a limited set of directory information. +Restricted Guest User 33dd33dd-ee44-ff55-aa66-77bb77bb77bb 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory informati… +Guest Inviter 44ee44ee-ff55-aa66-bb77-88cc88cc88cc 95e79109-95c0-4d8e-aee3-d01accf2d47b Can invite guest users independent of the 'members can invite guests' setting. +``` + +This command returns all the role definitions present. + +### Example 2: Get a role definition by UnifiedRoleDefinitionId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleDefinition -UnifiedRoleDefinitionId '1a327991-10cb-4266-877a-998fb4df78ec' +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Restricted Guest User 2af84b1e-32c8-42b7-82bc-daa82404023b 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. +``` + +This command returns a specified role definition. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. + +### Example 3: Filter role definitions by display name + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleDefinition -Filter "startsWith(displayName, 'Restricted')" +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Restricted Guest User 2af84b1e-32c8-42b7-82bc-daa82404023b 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. +``` + +This command return all the role definitions containing the specified display name. + +### Example 4: Get top two role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleDefinition -Top 2 +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +Restricted Guest User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. True True +``` + +This command return top two the role definitions in Microsoft Entra ID. + +### Example 5: Filter role definitions by display name + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraBetaDirectoryRoleDefinition -SearchString 'Global' + ``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +Global Administrator 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 62e90394-69f5-4237-9190-012177145e10 Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identit… +Global Reader 11bb11bb-cc22-dd33-ee44-55ff55ff55ff f2ef992c-3afb-46b9-b7cf-a126ee74c451 Can read everything that a Global Administrator can, but not update anything. +``` + +This command return all the role definitions containing the specified display name. + +## Parameters + +### -UnifiedRoleDefinitionId + +Specifies the ID of the role definition. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records that this cmdlet gets. The default value is 100. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter string to match a set of role definitions. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition + +## Notes + +`Get-EntraBetaRoleDefinition` is an alias for `Get-EntraBetaDirectoryRoleDefinition`. + +## Related Links + +[New-EntraBetaDirectoryRoleDefinition](New-EntraBetaDirectoryRoleDefinition.md) + +[Remove-EntraBetaDirectoryRoleDefinition](Remove-EntraBetaDirectoryRoleDefinition.md) + +[Set-EntraBetaDirectoryRoleDefinition](Set-EntraBetaDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedResource.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedResource.md new file mode 100644 index 0000000000..c6b1c04fea --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedResource.md @@ -0,0 +1,232 @@ +--- +title: Get-EntraBetaPrivilegedResource +description: This article provides details on Get-EntraBetaPrivilegedResource command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivilegedResource + +schema: 2.0.0 +--- + +# Get-EntraBetaPrivilegedResource + +## Synopsis + +Get Microsoft Entra ID privileged resource. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPrivilegedResource + -ProviderId + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPrivilegedResource + -ProviderId + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaPrivilegedResource` cmdlet get Microsoft Entra ID privileged resource. + +## Examples + +### Example 1: Get all resources + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +Get-EntraBetaPrivilegedResource -ProviderId 'aadRoles' +``` + +```Output +Id DisplayName ExternalId RegisteredDateTime RegisteredRoot Status Type +-- ----------- ---------- ------------------ -------------- ------ ---- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AdminUnitName /administrativeUnits/aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Active administrativeUnits +``` + +This example demonstrates how to retrieve all resources for aadRoles provider. + +- `-ProviderId` Parameter specifies the ID of the specific provider. + +### Example 2: Get a specific privileged resource + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraBetaPrivilegedResource @params +``` + +```Output +Id DisplayName ExternalId RegisteredDateTime RegisteredRoot Status Type +-- ----------- ---------- ------------------ -------------- ------ ---- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AdminUnitName /administrativeUnits/aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Active administrativeUnits +``` + +This example retrieves a resource for aadRoles provider with ID `aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb`. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the unique identifier of the specific resource. + +### Example 3: Get a specific privileged resource by filter + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Filter = "DisplayName eq 'AdminUnitName'" +} +Get-EntraBetaPrivilegedResource @params +``` + +```Output +Id DisplayName ExternalId RegisteredDateTime RegisteredRoot Status Type +-- ----------- ---------- ------------------ -------------- ------ ---- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AdminUnitName /administrativeUnits/aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Active administrativeUnits +``` + +This example retrieves a resource for aadRoles provider Filter. + +- `-ProviderId` Parameter specifies the ID of the specific provider. + +### Example 4: Get top privileged resources + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' +} +Get-EntraBetaPrivilegedResource @params -Top 1 +``` + +```Output +Id DisplayName ExternalId RegisteredDateTime RegisteredRoot Status Type +-- ----------- ---------- ------------------ -------------- ------ ---- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Test /administrativeUnits/aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Active administrativeUnits +``` + +This example retrieves top resources for aadRoles provider. + +- `-ProviderId` Parameter specifies the ID of the specific provider. + +## Parameters + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of the specific resource. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProviderId + +The unique identifier of the specific provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The top result count. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRole.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRole.md new file mode 100644 index 0000000000..6ef05bdaa6 --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRole.md @@ -0,0 +1,116 @@ +--- +title: Get-EntraBetaPrivilegedRole +description: This article provides details on the Get-EntraBetaPrivilegedRole command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivilegedRole + +schema: 2.0.0 +--- + +# Get-EntraBetaPrivilegedRole + +## Synopsis +{{ Fill in the Synopsis }} + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPrivilegedRole + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPrivilegedRole + -Id + [-Property ] + [] +``` + +## Description +{{ Fill in the Description }} + +## Examples + +### Example 1 +```powershell +PS C:\> {{ Add example code here }} +``` + +{{ Add example description here }} + +## Parameters + +### -Filter +{{ Fill Filter Description }} + +```yaml +Type: String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id +{{ Fill Id Description }} + +```yaml +Type: String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.md new file mode 100644 index 0000000000..27d2c9323c --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleDefinition.md @@ -0,0 +1,263 @@ +--- +title: Get-EntraBetaPrivilegedRoleDefinition +description: This article provides details on Get-EntraBetaPrivilegedRoleDefinition command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivilegedRoleDefinition + +schema: 2.0.0 +--- + +# Get-EntraBetaPrivilegedRoleDefinition + +## Synopsis + +Get role definitions. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPrivilegedRoleDefinition + -ResourceId + -ProviderId + [-Filter ] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPrivilegedRoleDefinition + -ResourceId + -Id + -ProviderId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaPrivilegedRoleDefinition` cmdlet gets role definitions from Microsoft Entra ID. + +## Examples + +### Example 1: Get role definitions for a specific provider and resource + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraBetaPrivilegedRoleDefinition @params +``` + +```Output +Id DisplayName ExternalId ResourceId TemplateId +-- ----------- ---------- ---------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222… +bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333… +cccccccc-2222-3333-4444-dddddddddddd Search Administrator cccccccc-2222-3333-4444-dddddddddddd 00001111-aaaa-2222-bbbb-3333cccc4444 cccccccc-2222-3333-4444… +``` + +This example retrieves role definitions for a specific provider and resource. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-ResourceId` Parameter specifies the ID of the specific resource. + +### Example 2: Get a role definition for a specific provider + +```Powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + ResourceId = '11112222-bbbb-3333-cccc-4444dddd5555' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Get-EntraBetaPrivilegedRoleDefinition @params +``` + +```Output +Id DisplayName ExternalId ResourceId TemplateId +-- ----------- ---------- ---------- ---------- +bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333… +``` + +This example retrieves a role definition for a specific provider, resource, and ID. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-ResourceId` Parameter specifies the ID of the specific resource. +- `-Id` Parameter specifies the ID of a role definition. + +### Example 3: Get a specific role definition by filter + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Filter = "DisplayName eq 'custom proxy'" +} +Get-EntraBetaPrivilegedRoleDefinition @params +``` + +```Output +Id DisplayName ExternalId ResourceId TemplateId +-- ----------- ---------- ---------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222… +``` + +This example retrieves a specific role definition by Filter. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-ResourceId` Parameter specifies the ID of the specific resource. + +### Example 4: Get top role definition + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraBetaPrivilegedRoleDefinition @params -Top 1 +``` + +```Output +Id DisplayName ExternalId ResourceId TemplateId +-- ----------- ---------- ---------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222… +``` + +This example retrieves a top one role definition. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-ResourceId` Parameter specifies the ID of the specific resource. + +## Parameters + +### -Id + +The ID of a role definition. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProviderId + +The unique identifier of the specific provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ResourceId + +The unique identifier of the specific resource. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The top result count. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleSetting.md b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleSetting.md new file mode 100644 index 0000000000..cf9df3ddbe --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Get-EntraBetaPrivilegedRoleSetting.md @@ -0,0 +1,243 @@ +--- +title: Get-EntraBetaPrivilegedRoleSetting +description: This article provides details on Get-EntraBetaPrivilegedRoleSetting command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivilegedRoleSetting + +schema: 2.0.0 +--- + +# Get-EntraBetaPrivilegedRoleSetting + +## Synopsis + +Get role settings. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPrivilegedRoleSetting + -ProviderId + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPrivilegedRoleSetting + -Id + -ProviderId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaPrivilegedRoleSetting` cmdlet gets role settings from Microsoft Entra ID. + +## Examples + +### Example 1: Get role settings for a specific provider and resource + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Filter = "ResourceId eq 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'" +} +Get-EntraBetaPrivilegedRoleSetting @params +``` + +```Output +Id IsDefault LastUpdatedBy LastUpdatedDateTime ResourceId RoleDefinitionId +-- --------- ------------- ------------------- ---------- ---------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False MG_graph_auth 06/08/2024 05:12:08 22223333-cccc-4444-dddd-5555eeee6666 44445555-eeee-6666-ffff-7777aaaa8888 +bbbbbbbb-1111-2222-3333-cccccccccccc False MG_graph_auth 26/07/2024 12:28:15 11112222-bbbb-3333-cccc-4444dddd5555 55556666-ffff-7777-aaaa-8888bbbb9999 +``` + +This example retrieves role settings for a specific provider and resource. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- In, `-Filter` parameter `ResourceId` specifies the ID of the specific resource. + +### Example 2: Get a role setting for a specific provider and Id + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraBetaPrivilegedRoleSetting @params +``` + +```Output +Id IsDefault LastUpdatedBy LastUpdatedDateTime ResourceId RoleDefinitionId +-- --------- ------------- ------------------- ---------- ---------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False MG_graph_auth 06/08/2024 05:12:08 22223333-cccc-4444-dddd-5555eeee6666 44445555-eeee-6666-ffff-7777aaaa8888 +``` + +This example retrieves role settings for a specific provider and Id. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. + +### Example 3: Get role settings for a specific provider and resource + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Filter = "ResourceId eq 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'" +} +Get-EntraBetaPrivilegedRoleSetting @params -Top 1 +``` + +```Output +Id IsDefault LastUpdatedBy LastUpdatedDateTime ResourceId RoleDefinitionId +-- --------- ------------- ------------------- ---------- ---------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False MG_graph_auth 06/08/2024 05:12:08 22223333-cccc-4444-dddd-5555eeee6666 44445555-eeee-6666-ffff-7777aaaa8888 +``` + +This example retrieves a top one specific role setting. + +- `-ProviderId` Parameter specifies the ID of the specific provider. + +### Example 4: Get role settings with Filter query + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup' +$params = @{ + ProviderId = 'aadRoles' + Filter = "ResourceId eq 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' and LastUpdatedBy eq 'MOD Administrator'" +} +Get-EntraBetaPrivilegedRoleSetting @params +``` + +```Output +Id IsDefault LastUpdatedBy LastUpdatedDateTime ResourceId RoleDefinitionId +-- --------- ------------- ------------------- ---------- ---------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False MG_graph_auth 06/08/2024 05:12:08 22223333-cccc-4444-dddd-5555eeee6666 44445555-eeee-6666-ffff-7777aaaa8888 +``` + +This example retrieves role settings for a specific provider and resource. + +- `-ProviderId` Parameter specifies the ID of the specific provider. + +## Parameters + +### -Id + +The unique identifier of the specific role setting. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProviderId + +The unique identifier of the specific provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The top result count. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +### System. Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaPrivilegedRoleSetting](Set-EntraBetaPrivilegedRoleSetting.md) diff --git a/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleAssignment.md b/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleAssignment.md new file mode 100644 index 0000000000..9d05adcd28 --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleAssignment.md @@ -0,0 +1,136 @@ +--- +title: New-EntraBetaDirectoryRoleAssignment +description: This article provides details on the New-EntraBetaDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaDirectoryRoleAssignment + +## Synopsis + +Create a new Microsoft Entra ID roleAssignment. + +## Syntax + +```powershell +New-EntraBetaDirectoryRoleAssignment + -RoleDefinitionId + -DirectoryScopeId + -PrincipalId + [] +``` + +## Description + +The `New-EntraBetaDirectoryRoleAssignment` cmdlet creates a new Microsoft Entra role assignment. + +## Examples + +### Example 1: Create a new Microsoft Entra ID role assignment + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory','EntitlementManagement.ReadWrite.All' +$params = @{ + RoleDefinitionId = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + PrincipalId = 'aaaaaaaa-bbbb-cccc-1111-222222222222' + DirectoryScopeId = '/' + } + +New-EntraBetaDirectoryRoleAssignment @params +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command creates a new role assignment in Microsoft Entra ID. + +- `-RoleDefinitionId` parameter specifies the ID of the role definition that you want to assign. Role definitions describe the permissions that are granted to users or groups by the role. This is the Identifier of the `unifiedRoleDefinition` the assignment is for. + +- `-PrincipalId` parameter specifies the ID of the principal (user, group, or service principal) to whom the role is being assigned. + +- `-DirectoryScopeId` parameter specifies the scope of the directory over which the role assignment is effective. The '/' value typically represents the root scope, meaning the role assignment is applicable across the entire directory. + +## Parameters + +### -DirectoryScopeId + +Specifies the scope for the role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies the principal for role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleDefinitionId + +Specifies the role definition for role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleAssignment + +## Notes + +`New-EntraBetaRoleAssignment` is an alias for `New-EntraBetaDirectoryRoleAssignment`. + +## Related Links + +[Get-EntraBetaDirectoryRoleAssignment](Get-EntraBetaDirectoryRoleAssignment.md) + +[Remove-EntraBetaDirectoryRoleAssignment](Remove-EntraBetaDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleDefinition.md b/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleDefinition.md new file mode 100644 index 0000000000..a931d1d6dd --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/New-EntraBetaDirectoryRoleDefinition.md @@ -0,0 +1,347 @@ +--- +title: New-EntraBetaDirectoryRoleDefinition +description: This article provides details on the New-EntraBetaDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# New-EntraBetaDirectoryRoleDefinition + +## Synopsis + +Create a new Microsoft Entra ID roleDefinition. + +## Syntax + +```powershell +New-EntraBetaDirectoryRoleDefinition + -IsEnabled + -DisplayName + -RolePermissions + [-Description ] + [-InheritsPermissionsFrom ] + [-Version ] + [-ResourceScopes ] + [-TemplateId ] + [] +``` + +## Description + +Create a new Microsoft Entra ID roleDefinition object. + +## Examples + +### Example 1: Creates a new role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' +} + +New-EntraBetaDirectoryRoleDefinition @params +``` + +```Output + +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 93ff7659-04bd-4d97-8add-b6c992cce98e False False + +``` + +This command creates a new role definition in Microsoft Entra ID. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. + +### Example 2: Creates a new role definition with Description parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + Description = 'Role Definition demo' +} + +New-EntraBetaDirectoryRoleDefinition @params +``` + +```Output + +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 e14cb8e2-d696-4756-bd7f-c7df25271f3d Role Definition demo False False + +``` + +This command creates a new role definition with Description parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Description` parameter specifies the description for the role definition. + +### Example 3: Creates a new role definition with ResourceScopes parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + ResourceScopes = '/' +} + +New-EntraBetaDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 2bc29892-ca2e-457e-b7c0-03257a0bcd0c False False + +``` + +This command creates a new role definition with ResourceScopes parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-ResourceScopes` parameter specifies the resource scopes for the role definition. + +### Example 4: Creates a new role definition with TemplateId parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + TemplateId = '4dd5aa9c-cf4d-4895-a993-740d342802b9' +} + +New-EntraBetaDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 4dd5aa9c-cf4d-4895-a993-740d342802b9 False False + +``` + +This command creates a new role definition with TemplateId parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-TemplateId` parameter specifies the template ID for the role definition. + +### Example 5: Creates a new role definition with Version parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + Version = '2' +} + +New-EntraBetaDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 b69d16e9-b3f9-4289-a87f-8f796bd9fa28 False False + +``` + +This command creates a new role definition with Version parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Version` parameter specifies the version for the role definition. + +## Parameters + +### -Description + +Specifies a description for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InheritsPermissionsFrom + +Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles support this attribute. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies whether the role definition is enabled. Flag indicating if the role is enabled for assignment. If false, the role isn't available for assignment. Read-only when `isBuiltIn` is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceScopes + +Specifies the resource scopes for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RolePermissions + +Specifies permissions for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TemplateId + +Specifies the template ID for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Version + +Specifies version for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition + +## Notes + +`New-EntraBetaRoleDefinition` is an alias for `New-EntraBetaDirectoryRoleDefinition`. + +## Related Links + +[Get-EntraBetaDirectoryRoleDefinition](Get-EntraBetaDirectoryRoleDefinition.md) + +[Remove-EntraBetaDirectoryRoleDefinition](Remove-EntraBetaDirectoryRoleDefinition.md) + +[Set-EntraBetaDirectoryRoleDefinition](Set-EntraBetaDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-beta/Governance/New-EntraBetaPrivilegedRoleAssignment.md b/module/docs/entra-powershell-beta/Governance/New-EntraBetaPrivilegedRoleAssignment.md new file mode 100644 index 0000000000..f6db071299 --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/New-EntraBetaPrivilegedRoleAssignment.md @@ -0,0 +1,146 @@ +--- +title: New-EntraBetaPrivilegedRoleAssigment +description: This article provides details on the New-EntraBetaPrivilegedRoleAssignment command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPrivilegedRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaPrivilegedRoleAssignment + +## Synopsis +{{ Fill in the Synopsis }} + +## Syntax + +``` +New-EntraBetaPrivilegedRoleAssignment [-IsElevated ] [-Id ] [-ResultMessage ] + [-ExpirationDateTime ] -RoleId -UserId [] +``` + +## Description +{{ Fill in the Description }} + +## Examples + +### Example 1 +``` +PS C:\> {{ Add example code here }} +``` + +{{ Add example description here }} + +## Parameters + +### -ExpirationDateTime +{{ Fill ExpirationDateTime Description }} + +```yaml +Type: DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id +{{ Fill Id Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsElevated +{{ Fill IsElevated Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResultMessage +{{ Fill ResultMessage Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleId +{{ Fill RoleId Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId +{{ Fill UserId Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None +## Outputs + +### System.Object +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.md b/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.md new file mode 100644 index 0000000000..68b0e1fe3c --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleAssignment.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraBetaDirectoryRoleAssignment +description: This article provides details on the Remove-EntraBetaDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraBetaDirectoryRoleAssignment + +## Synopsis + +Delete a Microsoft Entra ID roleAssignment. + +## Syntax + +```powershell +Remove-EntraBetaDirectoryRoleAssignment + -UnifiedRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraBetaDirectoryRoleAssignment` cmdlet removes a role assignment from Microsoft Entra ID. + +## Examples + +### Example 1: Remove a role assignment + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory','EntitlementManagement.ReadWrite.All' +Remove-EntraBetaDirectoryRoleAssignment -UnifiedRoleAssignmentId 'Y1vFBcN4i0e3ngdNDocmngJAWGnAbFVAnJQyBBLv1lM-1' +``` + +This example removes the specified role assignment from Microsoft Entra ID. + +- `-UnifiedRoleAssignmentId` parameter specifies the role assignment ID. + +## Parameters + +### -UnifiedRoleAssignmentId + +The unique identifier of an object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Remove-EntraBetaRoleAssignment` is an alias for `Remove-EntraBetaDirectoryRoleAssignment`. + +## Related Links + +[New-EntraBetaDirectoryRoleAssignment](New-EntraBetaDirectoryRoleAssignment.md) + +[Get-EntraBetaDirectoryRoleAssignment](Get-EntraBetaDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.md b/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.md new file mode 100644 index 0000000000..b8fefb0ced --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Remove-EntraBetaDirectoryRoleDefinition.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraBetaDirectoryRoleDefinition +description: This article provides details on the Remove-EntraBetaDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Remove-EntraBetaDirectoryRoleDefinition + +## Synopsis + +Delete a Microsoft Entra ID Directory roleDefinition object. + +## Syntax + +```powershell +Remove-EntraBetaDirectoryRoleDefinition + -UnifiedRoleDefinitionId + [] +``` + +## Description + +Delete a Microsoft Entra ID Directory roleDefinition object by ID. + +You can't delete built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. + +## Examples + +### Example 1: Remove a specified role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +Remove-EntraBetaDirectoryRoleDefinition -UnifiedRoleDefinitionId 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +``` + +This example demonstrates how to remove the specified role definition from Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. + +## Parameters + +### -UnifiedRoleDefinitionId + +The unique identifier of an object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Remove-EntraBetaRoleDefinition` is an alias for `Remove-EntraBetaDirectoryRoleDefinition`. + +## Related Links + +[New-EntraBetaDirectoryRoleDefinition](New-EntraBetaDirectoryRoleDefinition.md) + +[Set-EntraBetaDirectoryRoleDefinition](Set-EntraBetaDirectoryRoleDefinition.md) + +[Get-EntraBetaDirectoryRoleDefinition](Get-EntraBetaDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-beta/Governance/Set-EntraBetaDirectoryRoleDefinition.md b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaDirectoryRoleDefinition.md new file mode 100644 index 0000000000..d81052475e --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaDirectoryRoleDefinition.md @@ -0,0 +1,298 @@ +--- +title: Set-EntraBetaDirectoryRoleDefinition +description: This article provides details on the Set-EntraBetaDirectoryRoleDefinition command. + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Set-EntraBetaDirectoryRoleDefinition + +## Synopsis + +Update an existing Microsoft Entra ID roleDefinition. + +## Syntax + +```powershell +Set-EntraBetaDirectoryRoleDefinition + -UnifiedRoleDefinitionId + [-IsEnabled ] + [-InheritsPermissionsFrom ] + [-Version ] + [-ResourceScopes ] + [-Description ] + [-RolePermissions ] + [-TemplateId ] + [-DisplayName ] + [] +``` + +## Description + +Updates a Microsoft Entra roleDefinition object identified by ID. You can't update built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. + +## Examples + +### Example 1: Update an roleDefinition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraBetaDirectoryRoleDefinition -Filter "DisplayName eq ''" +$params = @{ + UnifiedRoleDefinitionId = $roleDefinition.Id + DisplayName = 'UpdatedDisplayName' +} +Set-EntraBetaDirectoryRoleDefinition @params +``` + +This example updates the specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-DisplayName` parameter specifies the display name for the role definition. + +### Example 2: Update an roleDefinition with Description + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraBetaDirectoryRoleDefinition -Filter "DisplayName eq ''" +$params = @{ + UnifiedRoleDefinitionId = $roleDefinition.Id + Description = 'MYROLEUPDATE1S' +} +Set-EntraBetaDirectoryRoleDefinition @params +``` + +This example updates the Description of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-Description` parameter specifies the description for the role definition. + +### Example 3: Update an roleDefinition with IsEnabled + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraBetaDirectoryRoleDefinition -Filter "DisplayName eq ''" +$params = @{ + UnifiedRoleDefinitionId = $roleDefinition.Id + IsEnabled = $true +} +Set-EntraBetaDirectoryRoleDefinition @params +``` + +This example updates the IsEnabled of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-IsEnabled` parameter specifies whether the role definition is enabled. + +### Example 4: Update an roleDefinition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraBetaDirectoryRoleDefinition -Filter "DisplayName eq ''" +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/standard/read") +$params = @{ + UnifiedRoleDefinitionId = $roleDefinition.Id + Description = 'Update' + DisplayName = 'Update' + ResourceScopes = '/' + IsEnabled = $false + RolePermissions = $RolePermissions + TemplateId = '54d418b2-4cc0-47ee-9b39-e8f84ed8e073' + Version = 2 +} + +Set-EntraBetaDirectoryRoleDefinition @params +``` + +This example updates the RolePermissions, TemplateId, TemplateId, ResourceScopes of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Description` parameter specifies the description for the role definition. +- `-ResourceScopes` parameter specifies the resource scopes for the role definition. +- `-TemplateId` parameter specifies the template ID for the role definition. +- `-Version` parameter specifies the version for the role definition. + +## Parameters + +### -Description + +Specifies a description for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UnifiedRoleDefinitionId + +Specifies the roleDefinition object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -InheritsPermissionsFrom + +Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles support this attribute. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies whether the role definition is enabled. Flag indicating if the role is enabled for assignment. If false, the role is not available for assignment. Read-only when `isBuiltIn` is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceScopes + +Specifies the resource scopes for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RolePermissions + +Specifies permissions for the role definition. List of permissions included in the role. Read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TemplateId + +Specifies the template ID for the role definition. A custom template ID can be set when `isBuiltIn` is `false`. This ID is typically used to keep the same identifier across different directories. It is read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Version + +Specifies version for the role definition. Indicates version of the role definition. Read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Set-EntraBetaRoleAssignment` is an alias for `Set-EntraBetaDirectoryRoleAssignment`. + +## Related Links + +[New-EntraBetaDirectoryRoleDefinition](New-EntraBetaDirectoryRoleDefinition.md) + +[Remove-EntraBetaDirectoryRoleDefinition](Remove-EntraBetaDirectoryRoleDefinition.md) + +[Get-EntraBetaDirectoryRoleDefinition](Get-EntraBetaDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.md b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.md new file mode 100644 index 0000000000..70ce0884da --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleAssignmentRequest.md @@ -0,0 +1,149 @@ +--- +title: Set-EntraBetaDirectoryRoleAssignmentRequest +description: This article provides details on the Set-EntraBetaDirectoryRoleAssignmentRequest command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPrivilegedRoleAssignmentRequest + +schema: 2.0.0 +--- + +# Set-EntraBetaPrivilegedRoleAssignmentRequest + +## Synopsis +Update a role assignment request + +## Syntax + +``` +Set-EntraBetaPrivilegedRoleAssignmentRequest -Id [-Schedule ] + [-AssignmentState ] [-Decision ] [-Reason ] -ProviderId [] +``` + +## Description +Update a role assignment request + +## Examples + +### Example 1 +``` +PS C:\> Set-EntraBetaPrivilegedRoleAssignmentRequest -ProviderId AzureResources -Id 8d28fcb3-1373-4810-8e84-75adea9a18be -Reason "{'RequestorReason':'test','AdminReason':'gg'}" -Decision "AdminDenied" +``` + +Update a role assignment request by setting to denied + +## Parameters + +### -AssignmentState +The state of assignment, and the values can be Eligible or Active. +For decision of AdminApproved, it is required. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Decision +The administrator decision of the role assignment request. +The value should be updated as AdminApproved or AdminDenied. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id +The unique identifier of the specific role assignment request + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProviderId +The unique identifier of the specific provider + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Reason +The reason provided by the administrator for his decision. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Schedule +The schedule of the role assignment request. +For status of AdminApproved, it is required. + +```yaml +Type: AzureADMSPrivilegedSchedule +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String +## Outputs + +### System.Object +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleSetting.md b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleSetting.md new file mode 100644 index 0000000000..182c1ba4dd --- /dev/null +++ b/module/docs/entra-powershell-beta/Governance/Set-EntraBetaPrivilegedRoleSetting.md @@ -0,0 +1,314 @@ +--- +title: Set-EntraBetaPrivilegedRoleSetting +description: This article provides details on Set-EntraBetaPrivilegedRoleSetting command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Governance-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPrivilegedRoleSetting + +schema: 2.0.0 +--- + +# Set-EntraBetaPrivilegedRoleSetting + +## Synopsis + +Update role setting. + +## Syntax + +```powershell +Set-EntraBetaPrivilegedRoleSetting + [-ResourceId ] + [-UserEligibleSettings ] + -Id + [-AdminEligibleSettings ] + [-RoleDefinitionId ] + [-AdminMemberSettings ] + [-UserMemberSettings ] + -ProviderId [] +``` + +## Description + +The `Set-EntraBetaPrivilegedRoleSetting` cmdlet update role setting. + +## Examples + +### Example 1: Update a UserMember Settings by setting the justification to be false + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.ReadWrite.AzureResources', 'PrivilegedAccess.ReadWrite.AzureADGroup' + +$setting1 = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting +$setting1.RuleIdentifier = "JustificationRule" +$setting1.Setting = "{`"required`":false}" +$params = @{ + ProviderId = 'aadRoles' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + UserMemberSettings = $setting1 +} +Set-EntraBetaPrivilegedRoleSetting @params +``` + +This command update a role setting by setting the justification to be false. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. +- `-UserMemberSettings` Parameter rule settings that are evaluated when a user tries to activate his role assignment. + +### Example 2: Update a AdminEligible Settings by setting the MfaRule to be true + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.ReadWrite.AzureResources', 'PrivilegedAccess.ReadWrite.AzureADGroup' + +$setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting +$setting.RuleIdentifier = "MfaRule" +$setting.Setting = "{`"mfaRequired`": true}" +$params = @{ + ProviderId = 'aadRoles' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + AdminEligibleSettings = $setting +} +Set-EntraBetaPrivilegedRoleSetting @params +``` + +This command update a AdminEligible Settings by setting the MfaRule to be true. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. +- `-AdminEligibleSettings` Parameter rule settings that are evaluated when an administrator tries to add an eligible role assignment. + +### Example 3: Update a UserEligibleSettings Settings + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.ReadWrite.AzureResources', 'PrivilegedAccess.ReadWrite.AzureADGroup' + +$setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting +$setting.RuleIdentifier = "AttributeConditionRule" +$setting.Setting = "{ + `"condition`": null, + `"conditionVersion`": null, + `"conditionDescription`": null, + `"enableEnforcement`": true + }" +$params = @{ + ProviderId = 'aadRoles' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + UserEligibleSettings = $setting +} +Set-EntraBetaPrivilegedRoleSetting @params +``` + +This command update a UserEligible Settings. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. +- `-UserEligibleSettings` Parameter rule settings that are evaluated when a user tries to add an eligible role assignment. + +### Example 4: Update a AdminMemberSettings Settings + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.ReadWrite.AzureResources', 'PrivilegedAccess.ReadWrite.AzureADGroup' + +$setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting +$setting.RuleIdentifier = "JustificationRule" +$setting.Setting = "{`"required`":true}" +$temp = New-Object System.Collections.Generic.List[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] +$temp.Add($setting) +$params = @{ + ProviderId = 'aadRoles' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + AdminMemberSettings = $temp +} +Set-EntraBetaPrivilegedRoleSetting @params +``` + +This command update a AdminMember Settings. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. +- `-AdminMemberSettings` Parameter rule settings that are evaluated when an administrator tries to add an activate role assignment. + +### Example 5: Update a AdminEligible Settings + +```powershell +Connect-Entra -Scopes 'PrivilegedAccess.ReadWrite.AzureAD', 'PrivilegedAccess.ReadWrite.AzureResources', 'PrivilegedAccess.ReadWrite.AzureADGroup' + +$setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting +$setting.RuleIdentifier = "MfaRule" +$setting.Setting = "{`"mfaRequired`": true}" +$params = @{ + ProviderId = 'aadRoles' + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + RoleDefinitionId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + ResourceId = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + AdminEligibleSettings = $setting +} +Set-EntraBetaPrivilegedRoleSetting @params +``` + +This command update a AdminEligible Settings. + +- `-ProviderId` Parameter specifies the ID of the specific provider. +- `-Id` Parameter specifies the ID of the specific role setting. +- `-AdminEligibleSettings` Parameter rule settings that are evaluated when an administrator tries to add an eligible role assignment. +- `-ResourceId` Parameter specifies the ID of the specific resource. +- `-RoleDefinitionId` Parameter specifies the ID of the specific role definition + +## Parameters + +### -AdminEligibleSettings + +The rule settings that are evaluated when an administrator tries to add an eligible role assignment. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AdminMemberSettings + +The rule settings that are evaluated when an administrator tries to add an activate role assignment. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of the specific role setting. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProviderId + +The unique identifier of the specific provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ResourceId + +The unique identifier of the specific resource. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleDefinitionId + +The unique identifier of the specific role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserEligibleSettings + +The rule settings that are evaluated when a user tries to add an eligible role assignment. +This isn't supported for pimforazurerbac scenario for now, and may be available in the future scenarios. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserMemberSettings + +The rule settings that are evaluated when a user tries to activate their role assignment. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaPrivilegedRoleSetting](Get-EntraBetaPrivilegedRoleSetting.md) diff --git a/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupMember.md b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupMember.md new file mode 100644 index 0000000000..cde674dac9 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupMember.md @@ -0,0 +1,105 @@ +--- +title: Add-EntraBetaGroupMember +description: This article provides details on the Add-EntraBetaGroupMember command. + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaGroupMember + +schema: 2.0.0 +--- + +# Add-EntraBetaGroupMember + +## Synopsis + +Add a member to a group. + +## Syntax + +```powershell +Add-EntraBetaGroupMember + -GroupId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaGroupMember` cmdlet adds a member to a group. Specify the `GroupId` and `RefObjectId` parameters to add a member to a group. + +`-GroupId` - specifies the unique identifier (Object ID) of the group to which you want to add a member. + +`-RefObjectId` - specifies the unique identifier (Object ID) of the member to be added to the group. + +## Examples + +### Example 1: Add a member to a group + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$params = @{ + GroupId = 'dddddddd-2222-3333-5555-rrrrrrrrrrrr' + RefObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} + +Add-EntraBetaGroupMember @params +``` + +This example demonstrates how to add a member to a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroupMember](Get-EntraBetaGroupMember.md) + +[Remove-EntraBetaGroupMember](Remove-EntraBetaGroupMember.md) diff --git a/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupOwner.md b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupOwner.md new file mode 100644 index 0000000000..f09c35c291 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaGroupOwner.md @@ -0,0 +1,108 @@ +--- +title: Add-EntraBetaGroupOwner +description: This article provides details on the Add-EntraBetaGroupOwner command. + + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaGroupOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaGroupOwner + +## Synopsis + +Adds an owner to a group. + +## Syntax + +```powershell +Add-EntraBetaGroupOwner + -GroupId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaGroupOwner` cmdlet adds an owner to a Microsoft Entra ID group. Specify the `GroupId` and `RefObjectId` parameters to add an owner to a group. + +`-GroupId` - specifies the unique identifier (Object ID) of the group to which you want to add an owner. + +`-RefObjectId` - specifies the unique identifier (Object ID) of the owner to be added to the group (user or service principal). + +## Examples + +### Example 1: Add an owner to a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$params = @{ + GroupId = $group.ObjectId + RefObjectId = $user.ObjectId +} + +Add-EntraBetaGroupOwner @params +``` + +This example demonstrates how to add an owner to a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroupOwner](Get-EntraBetaGroupOwner.md) + +[Remove-EntraBetaGroupOwner](Remove-EntraBetaGroupOwner.md) diff --git a/module/docs/entra-powershell-beta/Groups/Add-EntraBetaLifecyclePolicyGroup.md b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaLifecyclePolicyGroup.md new file mode 100644 index 0000000000..7aa8f0b6bc --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Add-EntraBetaLifecyclePolicyGroup.md @@ -0,0 +1,111 @@ +--- +title: Add-EntraLifecyclePolicyGroup +description: This article provides details on the Add-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Add-EntraBetaLifecyclePolicyGroup + +## Synopsis + +Adds a group to a lifecycle policy. + +## Syntax + +```powershell +Add-EntraBetaLifecyclePolicyGroup + -GroupLifecyclePolicyId + -GroupId + [] +``` + +## Description + +The `Add-EntraBetaLifecyclePolicyGroup` cmdlet adds a group to a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1 + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraBetaGroupLifecyclePolicy | Select-Object -First 1 +$params = @{ + GroupLifecyclePolicyId = $policy.Id + groupId = $group.ObjectId +} +Add-EntraBetaLifecyclePolicyGroup @params +``` + +This example adds a group to the lifecycle policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy add to the group. +- `-GroupId` parameter specifies the ID of the group add to the Lifecycle Policy. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaLifecyclePolicyGroup](Get-EntraBetaLifecyclePolicyGroup.md) + +[Remove-EntraBetaLifecyclePolicyGroup](Remove-EntraBetaLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaDeletedGroup.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaDeletedGroup.md new file mode 100644 index 0000000000..2b3361bcf7 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaDeletedGroup.md @@ -0,0 +1,283 @@ +--- +title: Get-EntraBetaDeletedGroup +description: This article provides details on the Get-EntraBetaDeletedGroup. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaDeletedGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaDeletedGroup + +## Synopsis + +This cmdlet is used to retrieve the soft deleted groups in a Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaDeletedGroup + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaDeletedGroup + -GroupId + [-All] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaDeletedGroup + [-All] + [-SearchString ] + [-Property ] + [] +``` + +## Description + +This cmdlet retrieves soft-deleted groups from a directory. When a group is deleted, it is soft deleted and can be recovered within 30 days. After 30 days, the group is permanently deleted and cannot be recovered. + +Please note that soft delete currently applies only to Unified Groups (also known as Office 365 Groups). + +## Examples + +### Example 1: Get deleted groups in the directory + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the Microsoft Entra ID. + +### Example 2: Get deleted groups in the directory using All parameter + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup -All +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the directory, using All parameter. + +### Example 3: Get top two deleted groups + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup -Top 2 +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +``` + +This cmdlet retrieves top two deleted groups in the directory. + +### Example 4: Get deleted groups containing string 'test2' + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup -SearchString 'test2' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, containing the specified string. + +### Example 5: Get deleted groups filter by display name + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup -Filter "displayName eq 'test21'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, having the specified display name. + +### Example 6: Get deleted group by GroupId + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraBetaDeletedGroup -GroupId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves the deleted group specified by GroupId. + +- `-GroupId` parameter specifies the deleted group ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The GroupId of the deleted group to be retrieved. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroup.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroup.md new file mode 100644 index 0000000000..3caaf45ce5 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroup.md @@ -0,0 +1,308 @@ +--- +title: Get-EntraBetaGroup +description: This article provides details on the Get-EntraBetaGroup command. + +ms.topic: reference +ms.date: 06/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaGroup + +## Synopsis + +Gets a group. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaGroup + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraBetaGroup + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaGroup + -GroupId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaGroup` cmdlet gets a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a specific group. + +## Examples + +### Example 1: Get all groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroup +``` + +```Output +DisplayName Id MailNickname Description +----------- -- ------------ ----------- +SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName +SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName +testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 +My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group +SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName +``` + +This example demonstrates how to get all groups from Microsoft Entra ID. + +### Example 2: Get a specific group by using an GroupId + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroup -GroupId 'eeeeeeee-4444-5555-6666-ffffffffffff' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +SimpleTestGrp eeeeeeee-4444-5555-6666-ffffffffffff NickName {} +``` + +This example demonstrates how to retrieve specific group by providing ID. + +### Example 3: Get top five groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroup -Top 5 +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName {} +SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName {} +testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 {DynamicMembership, Unified} +My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group {} +SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName {} +``` + +This example demonstrates how to get top five groups. + +### Example 4: Get a group by DisplayName + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroup -Filter "DisplayName eq 'Parents of Contoso'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +Parents of Contoso aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb parentsofcontoso Parents of Contoso {Unified} +``` + +In this example, we retrieve group using the Display Name. + +### Example 5: Get groups that contain a search string + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroup -SearchString 'New' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +New Employee Onboarding aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb newemployeeonboarding New Employee Onboarding {Unified} +new1 bbbbbbbb-7777-8888-9999-cccccccccccc new1 new1 {DynamicM... +``` + +This example demonstrates how to retrieve groups that include the text new in their display names from Microsoft Entra ID. + +### Example 6: Listing ownerless groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraBetaGroup -All +$groupsWithoutOwners = foreach ($group in $allGroups) { + $owners = Get-EntraBetaGroupOwner -ObjectId $group.Id + if ($owners.Count -eq 0) { + $group + } +} +$groupsWithoutOwners | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without owners. By identifying ownerless groups, IT admins can improve overall governance and operational efficiency. + +### Example 7: Listing empty groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraBetaGroup -All +$groupsWithoutMembers = foreach ($group in $allGroups) { + $members = Get-EntraBetaGroupMember -ObjectId $group.Id + if ($members.Count -eq 0) { + $group + } +} +$groupsWithoutMembers | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without members. By identifying memberless groups, IT admins can identify and clean up unused or obsolete groups that no longer serve a purpose. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The unique identifier of a group in Microsoft Entra ID. (GroupId) + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaGroup](New-EntraBetaGroup.md) + +[Remove-EntraBetaGroup](Remove-EntraBetaGroup.md) + +[Set-EntraBetaGroup](Set-EntraBetaGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupAppRoleAssignment.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupAppRoleAssignment.md new file mode 100644 index 0000000000..d3121ba032 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupAppRoleAssignment.md @@ -0,0 +1,181 @@ +--- +title: Get-EntraBetaGroupAppRoleAssignment +description: This article provides details on the Get-EntraBetaGroupAppRoleAssignment command. + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraBetaGroupAppRoleAssignment + +## Synopsis + +Gets a group application role assignment. + +## Syntax + +```powershell +Get-EntraBetaGroupAppRoleAssignment + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaGroupAppRoleAssignment` cmdlet gets a group application role assignment in Microsoft Entra ID. Specify the `GroupId` parameter to get a group application role assignment. + +## Examples + +### Example 1: Retrieve application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$GroupId = (Get-EntraBetaGroup -Top 1).ObjectId +Get-EntraBetaGroupAppRoleAssignment -GroupId $GroupId +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves the application role assignments of a group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 2: Retrieve all application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaGroupAppRoleAssignment -GroupId 'eeeeeeee-4444-5555-6666-ffffffffffff' -All +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves all application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 3: Retrieve top two application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaGroupAppRoleAssignment -GroupId 'cccccccc-8888-9999-0000-dddddddddddd' -Top 2 +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +``` + +This example retrieves top two application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) + +[New-EntraBetaGroupAppRoleAssignment](New-EntraBetaGroupAppRoleAssignment.md) + +[Remove-EntraBetaGroupAppRoleAssignment](Remove-EntraBetaGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupLifecyclePolicy.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupLifecyclePolicy.md new file mode 100644 index 0000000000..f77e881e9d --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupLifecyclePolicy.md @@ -0,0 +1,140 @@ +--- +title: Get-EntraBetaGroupLifecyclePolicy +description: This article provides details on the Get-EntraBetaGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaGroupLifecyclePolicy + +## Synopsis + +Retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaGroupLifecyclePolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaGroupLifecyclePolicy` command retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. Specify the `-GroupLifecyclePolicyId` parameter to get the group lifecycle policy. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Examples + +### Example 1: Retrieve all groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaGroupLifecyclePolicy +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +eeeeeeee-4444-5555-6666-ffffffffffff example@contoso.com 200 Selected +``` + +This example demonstrates how to retrieve the properties and relationships of all groupLifecyclePolicies in Microsoft Entra ID. + +### Example 2: Retrieve properties of an groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId 'ffffffff-5555-6666-7777-aaaaaaaaaaaa' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 Selected +``` + +This command is used to retrieve a specific Microsoft Group Lifecycle Policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaGroupLifecyclePolicy](Set-EntraBetaGroupLifecyclePolicy.md) + +[New-EntraBetaGroupLifecyclePolicy](New-EntraBetaGroupLifecyclePolicy.md) + +[Remove-EntraBetaGroupLifecyclePolicy](Remove-EntraBetaGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupMember.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupMember.md new file mode 100644 index 0000000000..9996a56a9d --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupMember.md @@ -0,0 +1,214 @@ +--- +title: Get-EntraBetaGroupMember +description: This article provides details on the Get-EntraBetaGroupMember command. + +ms.topic: reference +ms.date: 06/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroupMember + +schema: 2.0.0 +--- + +# Get-EntraBetaGroupMember + +## Synopsis + +Gets a member of a group. + +## Syntax + +```powershell +Get-EntraBetaGroupMember + -GroupId + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaGroupMember` cmdlet gets a member of a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a member of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: `microsoft.directory/groups/members/read`, `microsoft.directory/groups/members/limitedRead`, or `microsoft.directory/groups/hiddenMembers/read` (for hidden members). The following least privileged roles support this operation: + +- Group owners +- "Member" users +- "Guest" users (with limited read permissions) +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator (includes hidden members) +- Exchange Administrator (includes hidden members) +- SharePoint Administrator (includes hidden members) +- Intune Administrator (includes hidden members) +- Teams Administrator (includes hidden members) +- Yammer Administrator (includes hidden members) + +To list members of a hidden group, the `Member.Read.Hidden` permission is also required. + +## Examples + +### Example 1: Get a group member by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupMember -GroupId 'eeeeeeee-4444-5555-6666-ffffffffffff' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This example demonstrates how to retrieve group member by ID. + +- `-GroupId` Specifies the ID of a group. + +### Example 2: Get two group member + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupMember -GroupId 'bbbbbbbb-7777-8888-9999-cccccccccccc' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +cccccccc-8888-9999-0000-dddddddddddd +dddddddd-9999-0000-1111-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve top two groups from Microsoft Entra ID. + +- `-GroupId` specifies the ID of a group. + +### Example 3: Get all members within a group by group ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupMember -GroupId 'dddddddd-9999-0000-1111-eeeeeeeeeeee' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +cccccccc-8888-9999-0000-dddddddddddd +``` + +This example retrieves all members within a group by group ID. + +- `-GroupId` specifies the ID of a group. + +### Example 4: Retrieve and Select Group Member Properties + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupMember -GroupId 'tttttttt-0000-2222-0000-aaaaaaaaaaaa' | Select-Object DisplayName, '@odata.type' +``` + +```Output +displayName @odata.type +----------- ----------- +test1 #microsoft.graph.user +test2 #microsoft.graph.user +test2 #microsoft.graph.servicePrincipal +test3 #microsoft.graph.servicePrincipal +``` + +This example retrieves the members of a specified group by its `GroupId` and selects only the `DisplayName` and `@odata.type` properties for each member. + +- `-GroupId` specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaGroupMember](Add-EntraBetaGroupMember.md) + +[Remove-EntraBetaGroupMember](Remove-EntraBetaGroupMember.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupOwner.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupOwner.md new file mode 100644 index 0000000000..88244c7718 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupOwner.md @@ -0,0 +1,183 @@ +--- +title: Get-EntraBetaGroupOwner +description: This article provides details on the Get-EntraBetaGroupOwner command. + +ms.topic: reference +ms.date: 06/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroupOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaGroupOwner + +## Synopsis + +Gets an owner of a group. + +## Syntax + +```powershell +Get-EntraBetaGroupOwner + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaGroupOwner` cmdlet gets an owner of a group in Microsoft Entra ID. Specify `GroupId` parameter gets an owner of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/owners/read` permission. The following least privileged roles support this operation: + +- Group owners +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator + +## Examples + +### Example 1: Get a group owner by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupOwner -GroupId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to retrieve the owner of a specific group. + +- `-GroupId` parameter specifies the ID of a group. + +### Example 2: Gets all group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupOwner -GroupId 'ffffffff-5555-6666-7777-aaaaaaaaaaaa' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve the all owner of a specific group. + +- `-GroupId` parameter specifies the ID of a group. + +### Example 3: Gets two group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupOwner -GroupId 'bbbbbbbb-7777-8888-9999-cccccccccccc' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-9999-0000-1111-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to retrieve the top two owners of a specific group. + +- `-GroupId` parameter specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaGroupOwner](Add-EntraBetaGroupOwner.md) + +[Remove-EntraBetaGroupOwner](Remove-EntraBetaGroupOwner.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupPermissionGrant.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupPermissionGrant.md new file mode 100644 index 0000000000..976f442b3b --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaGroupPermissionGrant.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaGroupPermissionGrant +description: This article provides details on the Get-EntraBetaGroupPermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGroupPermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraBetaGroupPermissionGrant + +## Synopsis + +Retrieve a list of permission grants consented for this group. + +## Syntax + +```powershell +Get-EntraBetaGroupPermissionGrant + -GroupId + [-Property ] + [] +``` + +## Description + +Retrieve a list of permission grants consented for this group. + +## Examples + +### Example 1: List existing permission grants for the group + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraBetaGroupPermissionGrant -GroupId 'CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3' +``` + +```Output + Id : CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3 + ClientId : 00001111-aaaa-2222-bbbb-3333cccc4444 + ClientAppId : 44445555-eeee-6666-ffff-7777aaaa8888 + ResourceAppId : bbbb1111-cc22-3333-44dd-555555eeeeee + PermissionType : Application + Permission : Member.Read.Group +``` + +This cmdlet list existing permission grants for the specified group. + +## Parameters + +### -GroupId + +The unique identifier of group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.GetMSGroupPermissionGrantsResponse + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaLifecyclePolicyGroup.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaLifecyclePolicyGroup.md new file mode 100644 index 0000000000..f0d7b27e00 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaLifecyclePolicyGroup.md @@ -0,0 +1,110 @@ +--- +title: Get-EntraBetaLifecyclePolicyGroup +description: This article provides details on the Get-EntraBetaLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaLifecyclePolicyGroup + +## Synopsis + +Retrieves the lifecycle policy object to which a group belongs. + +## Syntax + +```powershell +Get-EntraBetaLifecyclePolicyGroup + -GroupId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaLifecyclePolicyGroup` retrieves the lifecycle policy object to which a group belongs. Specify the `-GroupId` parameter to get the lifecycle policy object to which a group belongs. + +## Examples + +### Example 1: Retrieve lifecycle policy object + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaLifecyclePolicyGroup -GroupId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +bbbbbbbb-1111-2222-3333-cccccccccccc admingroup@contoso.com 200 All +``` + +This example demonstrates how to retrieve lifecycle policy object by Id in Microsoft Entra ID. + +- `-GroupId` - specifies the ID of a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraBetaLifecyclePolicyGroup](Add-EntraBetaLifecyclePolicyGroup.md) + +[Remove-EntraBetaLifecyclePolicyGroup](Remove-EntraBetaLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectByObjectId.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectByObjectId.md new file mode 100644 index 0000000000..6670c3e675 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectByObjectId.md @@ -0,0 +1,140 @@ +--- +title: Get-EntraBetaObjectByObjectId +description: This article provides details on the Get-EntraBetaObjectByObjectId. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaObjectByObjectId + +schema: 2.0.0 +--- + +# Get-EntraBetaObjectByObjectId + +## Synopsis + +Retrieves the objects specified by the ObjectIds parameter. + +## Syntax + +```powershell +Get-EntraBetaObjectByObjectId + [-Types ] + -ObjectIds + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaObjectByObjectId` cmdlet retrieves the objects specified by the ObjectIds parameter. + +## Examples + +### Example 1: Get an object One or more object IDs + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaObjectByObjectId -ObjectIds 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb', 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to retrieve objects for a specified object Ids. + +- `ObjectIds` parameter specifies the One or more object IDs. + +### Example 2: Get an object by types + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaObjectByObjectId -ObjectIds 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Types User +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve objects for a specified object type. + +- `-ObjectIds` parameter specifies the One or more object IDs. +- `-Types` parameter specifies the type of object ID. + +## Parameters + +### -ObjectIds + +One or more object IDs's, separated by commas, for which the objects are retrieved. The IDs are GUIDs, represented as strings. You can specify up to 1,000 IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Types + +Specifies the type of objects that the cmdlet returns. If not specified, the default is directoryObject, which includes all resource types defined in the directory. You can specify any object derived from directoryObject in the collection, such as user, group, and device objects. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectSetting.md b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectSetting.md new file mode 100644 index 0000000000..d5b51ea9ac --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Get-EntraBetaObjectSetting.md @@ -0,0 +1,262 @@ +--- +title: Get-EntraBetaObjectSetting +description: This article provides details on the Get-EntraBetaObjectSetting command. + + +ms.topic: reference +ms.date: 08/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaObjectSetting + +schema: 2.0.0 +--- + +# Get-EntraBetaObjectSetting + +## Synopsis + +Gets an object setting. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaObjectSetting + -TargetType + -TargetObjectId + [-Top ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaObjectSetting + -Id + -TargetType + -TargetObjectId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaObjectSetting` cmdlet retrieves an object setting from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraBetaObjectSetting @params +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 2: Retrieve a specific object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' + Id ='aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraBetaObjectSetting @params +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves Specific object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. +- `-Id` Parameter specifies the ID of a settings object. + +### Example 3: Retrieve top one object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraBetaObjectSetting @params -Top 1 +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves top one object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 4: Retrieve all object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraBetaObjectSetting @params -All +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves all records of object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a settings object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the ID of the target object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the target type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaObjectSetting](New-EntraBetaObjectSetting.md) + +[Remove-EntraBetaObjectSetting](Remove-EntraBetaObjectSetting.md) + +[Set-EntraBetaObjectSetting](Set-EntraBetaObjectSetting.md) diff --git a/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroup.md b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroup.md new file mode 100644 index 0000000000..ebd08aa6d5 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroup.md @@ -0,0 +1,446 @@ +--- +title: New-EntraBetaGroup +description: This article provides details on the New-EntraBetaGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaGroup + +schema: 2.0.0 +--- + +# New-EntraBetaGroup + +## Synopsis + +Creates a Microsoft Entra ID group. + +## Syntax + +```powershell +New-EntraBetaGroup + -DisplayName + -MailNickname + -MailEnabled + -SecurityEnabled + [-MembershipRule ] + [-Description ] + [-GroupTypes ] + [-Visibility ] + [-MembershipRuleProcessingState ] + [-IsAssignableToRole ] + [] +``` + +## Description + +The `New-EntraBetaGroup` cmdlet creates a Microsoft Entra ID group. Specify the `DisplayName`, `MailNickname`, `MailEnabled` and `SecurityEnabled` parameters for creating a Microsoft Entra ID group. + +For information about creating dynamic groups, see: [Using attributes to create advanced rules](https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership). + +**Notes on permissions:** + +- To create the group with users as owners or members, the app must have at least the `User.Read.All` permission. +- To create the group with other service principals as owners or members, the app must have at least the `Application.Read.All` permission. +- To create the group with either users or service principals as owners or members, the app must have at least the `Directory.Read.All` permission. + +## Examples + +### Example 1: Create a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq helpDeskAdminGroup {} +``` + +This example demonstrates how to create the new group. + +### Example 2: Create a group with Description parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group' + MailEnabled = $false + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $true + Description = 'Group assignable to role' +} + +New-EntraBetaGroup @params +``` + +```Output + +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group zzzzzzzz-6666-8888-9999-pppppppppppp helpDeskAdminGroup Group assignable to role {} + +``` + +This example demonstrates how to create the new group with description parameter. + +### Example 3: Create a group with IsAssignableToRole parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + Description = 'Group assignable to role' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + IsAssignableToRole = $True +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 vvvvvvvv-8888-9999-0000-jjjjjjjjjjjj helpDeskAdminGroup Group assignable to role {} +``` + +This example demonstrates how to create the new group with IsAssignableToRole parameter. + +### Example 4: Create a group with Visibility parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + Description = 'Group assignable to role' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + Visibility = 'Private' +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 gggggggg-0000-4444-3333-llllllllllll helpDeskAdminGroup Group assignable to role {} +``` + +This example demonstrates how to create the new group with Visibility parameter. + +### Example 5: Create a group with GroupTypes parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group3' + Description = 'group des' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup1' + SecurityEnabled = $True + GroupTypes = 'Unified' +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group3 xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb helpDeskAdminGroup1 group des {Unified} +``` + +This example demonstrates how to create the new group with GroupTypes parameter. + +### Example 6: Create a group membership rule processing state parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' #Delegated Permission +Connect-Entra -Scopes 'Group.Create' #Application permission +$params = @{ + DisplayName = 'HelpDesk admin group2' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + MembershipRuleProcessingState = 'On' +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb helpDeskAdminGroup {} +``` + +This example demonstrates how to create the new group with MembershipRuleProcessingState parameter + +### Example 7: Create a group membership rule parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' #Delegated Permission +Connect-Entra -Scopes 'Group.Create' #Application permission +$params = @{ + DisplayName = 'HelpDesk admin group2' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + MembershipRule = '(user.department -contains "Marketing")' + MembershipRuleProcessingState = 'On' +} + +New-EntraBetaGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb helpDeskAdminGroup {} +``` + +This example demonstrates how to create a new group with the following rule: + +\`user.department -contains "Marketing"\` + +The double quotation marks are replaced with single quotation marks. + +The processing state is On. +Which means that all users in the directory that qualify the rule are added as members to the group. +Any users that don't qualify are removed from the group. + +## Parameters + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a unified or dynamic group. + +Notes: + +- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailEnabled + +Specifies whether this group is mail enabled. + +Currently, you can't create mail enabled groups in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. +If MailEnabled is $False, you must still specify a mail nickname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRule + +Specifies the membership rule for a dynamic group. + +For more information about the rules that you can use for dynamic groups, see Using attributes to create advanced rules (). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRuleProcessingState + +Specifies the rule processing state. +The acceptable values for this parameter are: + +- "On" - Process the group rule. +- "Paused" - Stop processing the group rule. + +Changing the value of the processing state doesn't change the members list of the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Specifies whether the group is security enabled. +For security groups, this value must be $True. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +This parameter determines the visibility of the group's content and members list. + +This parameter can take one of the following values: + +- "Public" - Anyone can view the contents of the group +- "Private" - Only members can view the content of the group +- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value is "Public". + +Notes: + +- This parameter is only valid for groups that have the groupType set to "Unified". +- If a group has this attribute set to "HiddenMembership", it can't be changed later. +- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) + +[Remove-EntraBetaGroup](Remove-EntraBetaGroup.md) + +[Set-EntraBetaGroup](Set-EntraBetaGroup.md) + +[Using attributes to create advanced rules](https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership) diff --git a/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupAppRoleAssignment.md b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupAppRoleAssignment.md new file mode 100644 index 0000000000..97c93ad2e2 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupAppRoleAssignment.md @@ -0,0 +1,148 @@ +--- +title: New-EntraBetaGroupAppRoleAssignment +description: This article provides details on the New-EntraBetaGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaGroupAppRoleAssignment + +## Synopsis + +Assign a group of users to an application role. + +## Syntax + +```powershell +New-EntraBetaGroupAppRoleAssignment + -ResourceId + -AppRoleId + -GroupId + -PrincipalId + [] +``` + +## Description + +The `New-EntraBetaGroupAppRoleAssignment` cmdlet assigns a group of users to an application role in Microsoft Entra ID. + +## Examples + +### Example 1: Assign a group of users to an application + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$appname = 'Box' +$spo = Get-EntraBetaServicePrincipal -Filter "Displayname eq '$appname'" +$group = Get-EntraBetaGroup -SearchString 'Contoso Team' +New-EntraBetaGroupAppRoleAssignment -GroupId $group.ObjectId -PrincipalId $group.ObjectId -ResourceId $spo.ObjectId -AppRoleId $spo.Approles[1].id +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + AaBbCcDdEeFfGgHhIiJjKkLlMmNnOo1 00000000-0000-0000-0000-000000000000 3/13/2024 4:41:43 AM Contoso Team aaaaaaaa-bbbb-cccc-1111-222222222222 +3/13/2024 4:45:00 AM BbCcDdEeFfGgHhIiJjKkLlMmNnOoPp2 00000000-0000-0000-0000-000000000000 3/13/2024 4:45:00 AM Finance Group bbbbbbbb-cccc-dddd-2222-333333333333 +``` + +This example demonstrates how to assign a group of users to an application role in Microsoft Entra ID. + +- `-GroupId` parameter specifies the ID of a group to which you're assigning the app role. +- `-PrincipalId` parameter specifies the ID of a group to which you're assigning the app role. +- `-ResourceId` parameter specifies the ID of a resource service Principal, which has defined the app role. +- `-AppRoleId` parameter specifies the ID of a appRole (defined on the resource service principal) to assign to the group. + +## Parameters + +### -AppRoleId + +Specifies the ID of the app role (defined on the resource service principal) to assign. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a user (as a UserPrincipalName or GroupId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies the principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The unique identifier (ID) for the resource service principal for which the assignment is made. +Required on create. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroupAppRoleAssignment](Get-EntraBetaGroupAppRoleAssignment.md) + +[Remove-EntraBetaGroupAppRoleAssignment](Remove-EntraBetaGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupLifecyclePolicy.md b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupLifecyclePolicy.md new file mode 100644 index 0000000000..ef0e835d05 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/New-EntraBetaGroupLifecyclePolicy.md @@ -0,0 +1,138 @@ +--- +title: New-EntraBetaGroupLifecyclePolicy +description: This article provides details on the New-EntraBetaGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# New-EntraBetaGroupLifecyclePolicy + +## Synopsis + +Creates a new groupLifecyclePolicy. + +## Syntax + +```powershell +New-EntraBetaGroupLifecyclePolicy + -AlternateNotificationEmails + -ManagedGroupTypes + -GroupLifetimeInDays + [] +``` + +## Description + +Creates a new groupLifecyclePolicy in Microsoft Entra ID. + +## Examples + +### Example 1: Creates a new groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$Params = @{ + GroupLifetimeInDays = 99 + ManagedGroupTypes = 'Selected' + AlternateNotificationEmails = 'example@contoso.com' +} +New-EntraBetaGroupLifecyclePolicy @params +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb example@contoso.com 99 Selected +``` + +This example creates a new groupLifecyclePolicy with a group lifetime of 99 days for a selected set of Office 365 groups. Renewal notification emails are sent to for groups without owners. + +- `-GroupLifetimeInDays` parameter specifies the number of days a group can exist before it needs to be renewed. +- `-ManagedGroupTypes` parameter allows the admin to select which office 365 groups the policy applies to. +- `-AlternateNotificationEmails` parameter specifies notification emails for group. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups without owners are sent to these email addresses, separated by a ';'. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +This parameter allows the admin to select which Office 365 groups the policy applies to. +'None' creates the policy in a disabled state. +'All' applies the policy to every Office 365 group in the tenant. +'Selected' allows the admin to choose specific Office 365 groups to which the policy applies. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaGroupLifecyclePolicy](Set-EntraBetaGroupLifecyclePolicy.md) + +[Get-EntraBetaGroupLifecyclePolicy](Get-EntraBetaGroupLifecyclePolicy.md) + +[Remove-EntraBetaGroupLifecyclePolicy](Remove-EntraBetaGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-beta/Groups/New-EntraBetaObjectSetting.md b/module/docs/entra-powershell-beta/Groups/New-EntraBetaObjectSetting.md new file mode 100644 index 0000000000..642cbdc4c5 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/New-EntraBetaObjectSetting.md @@ -0,0 +1,131 @@ +--- +title: New-EntraBetaObjectSetting +description: This article provides details on the New-EntraBetaObjectSetting command. + + +ms.topic: reference +ms.date: 08/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaObjectSetting + +schema: 2.0.0 +--- + +# New-EntraBetaObjectSetting + +## Synopsis + +Creates a settings object. + +## Syntax + +```powershell +New-EntraBetaObjectSetting + -DirectorySetting + -TargetType + -TargetObjectId + [] +``` + +## Description + +The `New-EntraBetaObjectSetting` cmdlet creates a settings object in Microsoft Entra ID. + +## Examples + +### Example 1: Creates a settings object + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$template = Get-EntraBetaDirectorySettingTemplate | ? {$_.displayname -eq 'group.unified.guest'} +$settingsCopy = $template.CreateDirectorySetting() +$settingsCopy['AllowToAddGuests']=$False +$groupID= (Get-EntraBetaGroup -SearchString 'Demo group123').ObjectId +New-EntraBetaObjectSetting -TargetType 'Groups' -TargetObjectId $groupID -DirectorySetting $settingsCopy +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command creates a new settings object. + +- `-TargetType` Parameter specifies the type of the directory object. +- `-TargetObjectId` Parameter specifies the ID of directory object to which to assign settings. +- `-DirectorySetting` Parameter Create a new setting using templates from `DirectorySettingTemplates` + +## Parameters + +### -DirectorySetting + +Specifies the new settings. + +```yaml +Type: DirectorySetting +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the ID of directory object to which to assign settings. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the type of the directory object to which to assign settings. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaObjectSetting](Get-EntraBetaObjectSetting.md) + +[Remove-EntraBetaObjectSetting](Remove-EntraBetaObjectSetting.md) + +[Set-EntraBetaObjectSetting](Set-EntraBetaObjectSetting.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroup.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroup.md new file mode 100644 index 0000000000..82ae0c2933 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroup.md @@ -0,0 +1,94 @@ +--- +title: Remove-EntraBetaGroup +description: This article provides details on the Remove-EntraBetaGroup command. + + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaGroup + +schema: 2.0.0 +--- + +# Remove-EntraBetaGroup + +## Synopsis + +Removes a group. + +## Syntax + +```powershell +Remove-EntraBetaGroup + -GroupId + [] +``` + +## Description + +The `Remove-EntraBetaGroup` cmdlet removes a group from Microsoft Entra ID. Specify the `GroupId` parameter removes a group. + +Unified Group can be restored withing 30 days after deletion using the `Restore-EntraBetaDeletedDirectoryObject` cmdlet. Security groups can't be restored after deletion. + +**Notes on permissions:** + +The following conditions apply for apps to delete role-assignable groups: + +- For delegated scenarios, the app must be assigned the `RoleManagement.ReadWrite.Directory` delegated permission, and the calling user must be the creator of the group or be assigned at least the Privileged Role Administrator Microsoft Entra role. +- For app-only scenarios, the calling app must be the owner of the group or be assigned the `RoleManagement.ReadWrite.Directory` application permission or be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Remove a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Remove-EntraBetaGroup -GroupId $group.Id +``` + +This example demonstrates how to remove a group in Microsoft Entra ID. + +- `GroupId` parameter specifies the group ID . + +## Parameters + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) + +[New-EntraBetaGroup](New-EntraBetaGroup.md) + +[Set-EntraBetaGroup](Set-EntraBetaGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.md new file mode 100644 index 0000000000..f7a2480edf --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupAppRoleAssignment.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraBetaGroupAppRoleAssignment +description: This article provides details on the Remove-EntraBetaGroupAppRoleAssignment command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraBetaGroupAppRoleAssignment + +## Synopsis + +Delete a group application role assignment. + +## Syntax + +```powershell +Remove-EntraBetaGroupAppRoleAssignment + -GroupId + -AppRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraBetaGroupAppRoleAssignment` cmdlet removes a group application role assignment from Microsoft Entra ID. + +## Examples + +### Example 1: Remove group app role assignment + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.Id + AppRoleAssignmentId = 'CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3' +} +Remove-EntraBetaGroupAppRoleAssignment @params +``` + +This example demonstrates how to remove the specified group application role assignment. + +- `-GroupId` parameter specifies the object ID of a group. +- `-AppRoleAssignmentId` parameter specifies the object ID of a group application role assignment. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the object ID of the group application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroupAppRoleAssignment](Get-EntraBetaGroupAppRoleAssignment.md) + +[New-EntraBetaGroupAppRoleAssignment](New-EntraBetaGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.md new file mode 100644 index 0000000000..48f6ad8e18 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupLifecyclePolicy.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaGroupLifecyclePolicy +description: This article provides details on the Remove-EntraBetaGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaGroupLifecyclePolicy + +## Synopsis + +Deletes a groupLifecyclePolicies object + +## Syntax + +```powershell +Remove-EntraBetaGroupLifecyclePolicy + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Remove-EntraBetaGroupLifecyclePolicy` command deletes a groupLifecyclePolicies object in Microsoft Entra ID. Specify `GroupLifecyclePolicyId` parameter deletes the groupLifecyclePolicies object. + +## Examples + +### Example 1: Remove a groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId '1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5' +``` + +This example demonstrates how to delete the groupLifecyclePolicies object that has the specified ID. You can use `Get-EntraBetaGroupLifecyclePolicy` to get Id details. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraBetaGroupLifecyclePolicy](Get-EntraBetaGroupLifecyclePolicy.md) + +[New-EntraBetaGroupLifecyclePolicy](New-EntraBetaGroupLifecyclePolicy.md) + +[Set-EntraBetaGroupLifecyclePolicy](Set-EntraBetaGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupMember.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupMember.md new file mode 100644 index 0000000000..3a18dece3f --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupMember.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraBetaGroupMember +description: This article provides details on the Remove-EntraBetaGroupMember command. + + +ms.topic: reference +ms.date: 06/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaGroupMember + +schema: 2.0.0 +--- + +# Remove-EntraBetaGroupMember + +## Synopsis + +Removes a member from a group. + +## Syntax + +```powershell +Remove-EntraBetaGroupMember + -GroupId + -MemberId + [] +``` + +## Description + +The `Remove-EntraBetaGroupMember` cmdlet removes a member from a group in Microsoft Entra ID. Specify the `GroupId` and `MemberId` parameters to remove a member from a group. + +## Examples + +### Example 1: Remove a member + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MemberId = 'zzzzzzzz-6666-8888-9999-pppppppppppp' +} + +Remove-EntraBetaGroupMember @params +``` + +This example demonstrates how to remove a member from a group in Microsoft Entra ID. + +## Parameters + +### -MemberId + +Specifies the ID of the member to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaGroupMember](Add-EntraBetaGroupMember.md) + +[Get-EntraBetaGroupMember](Get-EntraBetaGroupMember.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupOwner.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupOwner.md new file mode 100644 index 0000000000..cae70ab937 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaGroupOwner.md @@ -0,0 +1,107 @@ +--- +title: Remove-EntraBetaGroupOwner +description: This article provides details on the Remove-EntraBetaGroupOwner command. + + +ms.topic: reference +ms.date: 06/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaGroupOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaGroupOwner + +## Synopsis + +Removes an owner from a group. + +## Syntax + +```powershell +Remove-EntraBetaGroupOwner + -OwnerId + -GroupId + [] +``` + +## Description + +The `Remove-EntraBetaGroupOwner` cmdlet removes an owner from a group in Microsoft Entra ID. Specify the `GroupId` and `OwnerId` parameters to remove an owner from a group. + +## Examples + +### Example 1: Remove an owner + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.Id + OwnerId = 'xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb' +} + +Remove-EntraBetaGroupOwner @params +``` + +This example demonstrates how to remove an owner from a group in Microsoft Entra ID. + +- `GroupId` specifies the ID of a group in Microsoft Entra ID. + +- `OwnerId` specifies the ID of an owner. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of an owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Add-EntraBetaGroupOwner](Add-EntraBetaGroupOwner.md) + +[Get-EntraBetaGroupOwner](Get-EntraBetaGroupOwner.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.md new file mode 100644 index 0000000000..c70b3a6530 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaLifecyclePolicyGroup.md @@ -0,0 +1,117 @@ +--- +title: Remove-EntraBetaLifecyclePolicyGroup +description: This article provides details on the Remove-EntraBetaLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 07/23/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Remove-EntraBetaLifecyclePolicyGroup + +## Synopsis + +Removes a group from a lifecycle policy. + +## Syntax + +```powershell +Remove-EntraBetaLifecyclePolicyGroup + -GroupLifecyclePolicyId + -GroupId + [] +``` + +## Description + +The `Remove-EntraBetaLifecyclePolicyGroup` cmdlet removes a group from a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1: Remove lifecycle policy group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraBetaLifecyclePolicyGroup -Id $group.ObjectId +$params = @{ + GroupLifecyclePolicyId = $policy.Id + GroupId = $group.ObjectId +} +Remove-EntraBetaLifecyclePolicyGroup @params +``` + +```Output +Value +----- +True +``` + +This example demonstrates how to remove a group from a lifecycle policy in Microsoft Entra ID with specified Id and groupId. + +- `-GroupLifecyclePolicyId` parameter specifies the lifecycle policy object ID. +- `-GroupId` parameter specifies the ID of Office365 group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraBetaLifecyclePolicyGroup](Add-EntraBetaLifecyclePolicyGroup.md) + +[Get-EntraBetaLifecyclePolicyGroup](Get-EntraBetaLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaObjectSetting.md b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaObjectSetting.md new file mode 100644 index 0000000000..f28ba46a2b --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Remove-EntraBetaObjectSetting.md @@ -0,0 +1,126 @@ +--- +title: Remove-EntraBetaObjectSetting +description: This article provides details on the Remove-EntraBetaObjectSetting command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaObjectSetting + +schema: 2.0.0 +--- + +# Remove-EntraBetaObjectSetting + +## Synopsis + +Deletes settings in Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraBetaObjectSetting + -Id + -TargetType + -TargetObjectId + [] +``` + +## Description + +The `Remove-EntraBetaObjectSetting` cmdlet removes object settings in Microsoft Entra ID. + +## Examples + +### Example 1: Removes object settings + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Remove-EntraBetaObjectSetting @params +``` + +This example removes object settings from Microsoft Entra ID + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. +- `-Id` Parameter specifies the ID of a settings object. + +## Parameters + +### -Id + +Specifies the ID of a settings object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the object ID of the target. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the target type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaObjectSetting](Get-EntraBetaObjectSetting.md) + +[New-EntraBetaObjectSetting](New-EntraBetaObjectSetting.md) + +[Set-EntraBetaObjectSetting](Set-EntraBetaObjectSetting.md) diff --git a/module/docs/entra-powershell-beta/Groups/Reset-EntraBetaLifeCycleGroup.md b/module/docs/entra-powershell-beta/Groups/Reset-EntraBetaLifeCycleGroup.md new file mode 100644 index 0000000000..5e12cbd27f --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Reset-EntraBetaLifeCycleGroup.md @@ -0,0 +1,84 @@ +--- +title: Reset-EntraBetaLifeCycleGroup +description: This article provides details on the Reset-EntraBetaLifeCycleGroup command. + + +ms.topic: reference +ms.date: 07/23/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Reset-EntraBetaLifeCycleGroup + +schema: 2.0.0 +--- + +# Reset-EntraBetaLifeCycleGroup + +## Synopsis + +Renews a group by updating the RenewedDateTime property on a group to the current DateTime. + +## Syntax + +```powershell +Reset-EntraBetaLifeCycleGroup + -GroupId + [] +``` + +## Description + +The `Reset-EntraBetaLifeCycleGroup` renews a group by updating the RenewedDateTime property on a group to the current DateTime. +When a group is renewed, the group expiration is extended by the number of days defined in the policy. + +## Examples + +### Example 1: Renew a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +Reset-EntraBetaLifeCycleGroup -GroupId 'hhhhhhhh-8888-9999-8888-cccccccccccc' +``` + +This example demonstrates how to renew a specified group. + +- `-GroupId` - Specifies the lifecycle policy object ID. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.md b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.md new file mode 100644 index 0000000000..2c900e6efa --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsContactIsMemberOf.md @@ -0,0 +1,99 @@ +--- +title: Select-EntraBetaGroupIdsContactIsMemberOf +description: This article provides details on the Select-EntraBetaGroupIdsContactIsMemberOf. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Select-EntraBetaGroupIdsContactIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraBetaGroupIdsContactIsMemberOf + +## Synopsis + +Get groups in which a contact is a member. + +## Syntax + +```powershell +Select-EntraBetaGroupIdsContactIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraBetaGroupIdsContactIsMemberOf` cmdlet gets groups in Microsoft Entra ID in which a contact is a member. + +## Examples + +### Example 1: Get groups in which a contact is a member + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All,Group.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraBetaGroup -Filter "DisplayName eq 'Entra PowerShell Group'").ObjectId +$UserID = (Get-EntraBetaContact -ObjectId 'hhhhhhhh-8888-9999-8888-cccccccccccc').ObjectId +Select-EntraBetaGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups +``` + +This example demonstrates how to get groups in which a contact is a member. + +- `-ObjectId` parameter specifies the contact Object ID. +- `-GroupIdsForMembershipCheck` parameter specifies the group Object ID. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the object ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.md b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.md new file mode 100644 index 0000000000..956c9eae62 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsGroupIsMemberOf.md @@ -0,0 +1,101 @@ +--- +title: Select-EntraBetaGroupIdsGroupIsMemberOf +description: This article provides details on the Select-EntraBetaGroupIdsGroupIsMemberOf. + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Select-EntraBetaGroupIdsGroupIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraBetaGroupIdsGroupIsMemberOf + +## Synopsis + +Gets group IDs that a group is a member of. + +## Syntax + +```powershell +Select-EntraBetaGroupIdsGroupIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraBetaGroupIdsGroupIsMemberOf` cmdlet gets the groups that a specified group is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a group + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraBetaGroup -Top 1).ObjectId +$GroupId = (Get-EntraBetaGroup -Top 1).ObjectId +Select-EntraBetaGroupIdsGroupIsMemberOf -ObjectId $GroupId -GroupIdsForMembershipCheck $Groups +``` + +This example gets the group membership of a group identified by $GroupId. Use `Get-EntraBetaGroup` cmdlet to obtain group `ObjectId` value. + +- `-ObjectId` parameter specifies the group ID. +- `-GroupIdsForMembershipCheck` Specifies an array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.md b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.md new file mode 100644 index 0000000000..5b45323290 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Select-EntraBetaGroupIdsUserIsMemberOf.md @@ -0,0 +1,109 @@ +--- +title: Select-EntraBetaGroupIdsUserIsMemberOf +description: This article provides details on the Select-EntraBetaGroupIdsUserIsMemberOf command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Select-EntraBetaGroupIdsUserIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraBetaGroupIdsUserIsMemberOf + +## Synopsis + +Selects the groups that a user is a member of. + +## Syntax + +```powershell +Select-EntraBetaGroupIdsUserIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraBetaGroupIdsUserIsMemberOf` cmdlet selects the groups that a user is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a user + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$myGroup = Get-EntraBetaGroup -Filter "DisplayName eq ''" +$UserId = 'SawyerM@contoso.com' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = $myGroup.ObjectId +$Params = @{ + ObjectId = $UserId + GroupIdsForMembershipCheck = $Groups +} +Select-EntraBetaGroupIdsUserIsMemberOf @Params +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example retrieves the group membership of a group for a user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-GroupIdsForMembershipCheck` parameter specifies the group Object Ids. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroup.md b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroup.md new file mode 100644 index 0000000000..77fdd1c707 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroup.md @@ -0,0 +1,373 @@ +--- +title: Set-EntraBetaGroup +description: This article provides details on the Set-EntraBetaGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaGroup + +schema: 2.0.0 +--- + +# Set-EntraBetaGroup + +## Synopsis + +Sets the properties for an existing Microsoft Entra ID group. + +## Syntax + +```powershell +Set-EntraBetaGroup + -GroupId + [-GroupTypes ] + [-DisplayName ] + [-Description ] + [-IsAssignableToRole ] + [-SecurityEnabled ] + [-Visibility ] + [-MailEnabled ] + [-MailNickname ] + [-MembershipRule ] + [-MembershipRuleProcessingState ] + [] +``` + +## Description + +The `Set-EntraBetaGroup` cmdlet sets the properties for an existing Microsoft Entra ID group. Specify the `GroupId` parameter to set the properties for an existing Microsoft Entra ID group. + +## Examples + +### Example 1: Update a group display name + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + DisplayName = 'UPDATE HelpDesk Team Leaders' +} +Set-EntraBetaGroup @params +``` + +This command updates the display name of a specified group in Microsoft Entra ID. + +### Example 2: Update a group description + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + Description = 'This is my new group' +} +Set-EntraBetaGroup @params +``` + +This example demonstrates how to update a group description. + +### Example 3: Update a group mail nickname + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MailNickName = 'newnickname' +} +Set-EntraBetaGroup @params +``` + +This command updates the mail nickname of a specified group in Microsoft Entra ID. + +### Example 4: Update a group security enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + SecurityEnabled = $true +} +Set-EntraBetaGroup @params +``` + +This command updates the security enabled of a specified group in Microsoft Entra ID. + +### Example 5: Update a group mail enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MailEnabled = $false +} +Set-EntraBetaGroup @params +``` + +This example demonstrates how to update a group main enabled. + +### Example 6: Update a property for a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + Visibility = 'Private' + GroupTypes = 'DynamicMembership' + IsAssignableToRole = $true +} +Set-EntraBetaGroup @params +``` + +This example demonstrates how to update a property for an existing Microsoft Entra ID group. + +### Example 7: Update a group membership rule + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MembershipRule = '(user.UserType -contains "Member")' +} +Set-EntraBetaGroup @params +``` + +This example demonstrates how to update the membership rule of a specified group in Microsoft Entra ID. + +### Example 8: Update a group membership rule processing state + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Set-EntraBetaGroup -GroupId $group.ObjectId -MembershipRuleProcessingState 'On' +``` + +This example demonstrates how to update the membership rule processing state of a specified group in Microsoft Entra ID. + +## Parameters + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a dynamic group. +To create a dynamic group, specify a value of DynamicMembership. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailEnabled + +Indicates whether this group is mail enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRule + +The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership) + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MembershipRuleProcessingState + +Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Indicates whether the group is security enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +Specifies the visibility of the group's content and members list. +This parameter can take one of the following values: + +* "Public": Anyone can view the contents of the group. +* "Private": Only members can view the content of the group. +* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value is "Public." + +Notes: + +* This parameter is only valid for groups that have the groupType set to "Unified." +* If a group has this attribute set to "HiddenMembership," it can't be changed later. +* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraBetaGroup](Get-EntraBetaGroup.md) + +[New-EntraBetaGroup](New-EntraBetaGroup.md) + +[Remove-EntraBetaGroup](Remove-EntraBetaGroup.md) diff --git a/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroupLifecyclePolicy.md b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroupLifecyclePolicy.md new file mode 100644 index 0000000000..fe7d495975 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaGroupLifecyclePolicy.md @@ -0,0 +1,160 @@ +--- +title: Set-EntraBetaGroupLifecyclePolicy +description: This article provides details on the Set-EntraBetaGroupLifecyclePolicy command. + +ms.topic: reference +ms.date: 07/23/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaGroupLifecyclePolicy + +## Synopsis + +Updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraBetaGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-AlternateNotificationEmails ] + [-ManagedGroupTypes ] + [-GroupLifetimeInDays ] + [] +``` + +## Description + +The `Set-EntraBetaGroupLifecyclePolicy` command updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Examples + +### Example 1: Updates group lifecycle policy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$policy = Get-EntraBetaGroupLifecyclePolicy | Select-Object -First 1 +$params = @{ + GroupLifecyclePolicyId = $policy.Id + GroupLifetimeInDays = 200 + AlternateNotificationEmails = 'example@contoso.com' + ManagedGroupTypes = 'All' +} +Set-EntraBetaGroupLifecyclePolicy @params +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 All +``` + +This example updates the specified groupLifecyclePolicy in Microsoft Entra ID. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy to be modified. +- `-GroupLifetimeInDays` parameter specifies the lifetime of the groups in the policy to 200 days. The GroupLifetimeInDays represents the number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the number of days defined. +- `-AlternateNotificationEmails` parameter specifies the email address that receives notifications about the policy. Multiple email address can be defined by separating email address with a semicolon. +- `-ManagedGroupTypes` parameter specifies which office 365 groups the policy applies to. Possible values are `All`, `Selected`, or `None`. +In this case, 'All' suggests that the policy manages all types of groups. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups that have no owners are sent to these email addresses. +List of email addresses separated by a ";". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +Allows the admin to select which office 365 groups the policy applies to. + +- "None" will create the policy in a disabled state. +- "All" will apply the policy to every Office 365 group in the tenant. +- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaGroupLifecyclePolicy](Get-EntraBetaGroupLifecyclePolicy.md) + +[New-EntraBetaGroupLifecyclePolicy](New-EntraBetaGroupLifecyclePolicy.md) + +[Remove-EntraBetaGroupLifecyclePolicy](Remove-EntraBetaGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-beta/Groups/Set-EntraBetaObjectSetting.md b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaObjectSetting.md new file mode 100644 index 0000000000..ba71b02573 --- /dev/null +++ b/module/docs/entra-powershell-beta/Groups/Set-EntraBetaObjectSetting.md @@ -0,0 +1,148 @@ +--- +title: Set-EntraBetaObjectSetting +description: This article provides details on the Set-EntraBetaObjectSetting command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Groups-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaObjectSetting + +schema: 2.0.0 +--- + +# Set-EntraBetaObjectSetting + +## Synopsis + +Updates object settings. + +## Syntax + +```powershell +Set-EntraBetaObjectSetting + -Id + -DirectorySetting + -TargetType + -TargetObjectId + [] +``` + +## Description + +The `Set-EntraBetaObjectSetting` cmdlet updates the settings for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Updates the settings + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$template= Get-EntraBetaDirectorySettingTemplate | ? {$_.displayname -eq "Group.Unified.Guest"} +$settingsCopy = $template.CreateDirectorySetting() +$settingsCopy["AllowToAddGuests"]=$True +$params = @{ + TargetType = 'groups' + TargetObjectId = '22cc22cc-dd33-ee44-ff55-66aa66aa66aa' + DirectorySetting = $settingsCopy + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Set-EntraBetaObjectSetting @params +``` + +This command updated the settings object. + +- `-TargetType` Parameter specifies the type of the directory object. +- `-TargetObjectId` Parameter specifies the ID of directory object to which to assign settings. +- `-DirectorySetting` Parameter Create a new setting using templates from `DirectorySettingTemplates` +- `-Id` Parameter specifies the ID of a settings object. + +## Parameters + +### -DirectorySetting + +Specifies a DirectorySetting object. + +```yaml +Type: DirectorySetting +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a settings object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the object ID of directory object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the target type of a directory object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaObjectSetting](Get-EntraBetaObjectSetting.md) + +[New-EntraBetaObjectSetting](New-EntraBetaObjectSetting.md) + +[Remove-EntraBetaObjectSetting](Remove-EntraBetaObjectSetting.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md deleted file mode 100644 index de07afde7d..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md +++ /dev/null @@ -1,107 +0,0 @@ ---- -title: Add-EntraBetaAdministrativeUnitMember -description: This article provides details on the Add-EntraBetaAdministrativeUnitMember command. - - -ms.topic: reference -ms.date: 08/05/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Add-EntraBetaAdministrativeUnitMember - -## Synopsis - -Adds an administrative unit member. - -## Syntax - -```powershell -Add-EntraBetaAdministrativeUnitMember - -RefObjectId - -AdministrativeUnitId - [] -``` - -## Description - -The `Add-EntraBetaAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. - -Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. - -To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add an administrative unit member - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -RefObjectId $user.Id -``` - -This example demonstrates adding an administrative unit member. Use `Get-EntraBetaAdministrativeUnit` to find the administrative unit ID and `Get-EntraBetaUser` to find the user ID. - -- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of a Microsoft Entra ID administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the unique ID of the specific Microsoft Entra ID object that is assigned as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) -[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) -[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md deleted file mode 100644 index a6b3b5b985..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Add-EntraBetaApplicationOwner -description: This article provides details on the Add-EntraBetaApplicationOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner - -schema: 2.0.0 ---- - -# Add-EntraBetaApplicationOwner - -## Synopsis - -Adds an owner to an application. - -## Syntax - -```powershell -Add-EntraBetaApplicationOwner - -ApplicationId - -RefObjectId - [] -``` - -## Description - -The `Add-EntraBetaApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. - -## Examples - -### Example 1: Add a user as an owner to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Add-EntraBetaApplicationOwner -ApplicationId $application.Id -RefObjectId $user.Id -``` - -This example demonstrates how to add an owner to an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the ID of an application. -- `-RefObjectId` parameter specifies the ID of a user. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) - -[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md deleted file mode 100644 index aa2665af87..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md +++ /dev/null @@ -1,132 +0,0 @@ ---- -title: Add-EntraBetaScopedRoleMembership -description: This article provides details on the Add-EntraBetaScopedRoleMembership command. - - -ms.topic: reference -ms.date: 08/06/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership - -schema: 2.0.0 ---- - -# Add-EntraBetaScopedRoleMembership - -## Synopsis - -Assign a Microsoft Entra role with an administrative unit scope. - -## Syntax - -```powershell -Add-EntraBetaScopedRoleMembership - -AdministrativeUnitId - [-RoleMemberInfo ] - [-RoleObjectId ] - [] -``` - -## Description - -The `Add-EntraBetaScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. - -For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add a scoped role membership to an administrative unit - -```powershell -Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' -$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo -$roleMember.Id = $user.Id -Add-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -RoleObjectId $role.Id -RoleMemberInfo $roleMember -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -The example shows how to add a user to the specified role within the specified administrative unit. - -- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. -- `-RoleObjectId` Parameter specifies the ID of a directory role. -- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RoleMemberInfo - -Specifies a RoleMemberInfo object. - -```yaml -Type: System.RoleMemberInfo -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -RoleObjectId - -Specifies DirectoryRole ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) - -[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md deleted file mode 100644 index 25221afebe..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md +++ /dev/null @@ -1,105 +0,0 @@ ---- -title: Add-EntraBetaServicePrincipalOwner -description: This article provides details on the Add-EntraBetaServicePrincipalOwner command. - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner - -schema: 2.0.0 ---- - -# Add-EntraBetaServicePrincipalOwner - -## Synopsis - -Adds an owner to a service principal. - -## Syntax - -```powershell -Add-EntraBetaServicePrincipalOwner - -ServicePrincipalId - -RefObjectId - [] -``` - -## Description - -The `Add-EntraBetaServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Add a user as an owner to a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$owner = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Add-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -RefObjectId $owner.Id -``` - -This example demonstrates how to add an owner to a service principal. - -- `-ServicePrincipalId` parameter specifies the service principal Id. -- `-RefObjectId` parameter specifies the user object Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) - -[Get-EntraBetaUser](Get-EntraBetaUser.md) - -[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md deleted file mode 100644 index fc76f02dca..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md +++ /dev/null @@ -1,73 +0,0 @@ ---- -title: Enable-EntraBetaGlobalSecureAccessTenant -description: This article provides details on the Enable-EntraBetaGlobalSecureAccessTenant command. - -ms.topic: reference -ms.date: 10/31/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Enable-EntraBetaGlobalSecureAccessTenant - -## Synopsis - -Onboard the Global Secure Access service in the tenant. - -## Syntax - -```powershell -Enable-EntraBetaGlobalSecureAccessTenant -``` - -## Description - -The `Enable-EntraBetaGlobalSecureAccessTenant` cmdlet onboards the Global Secure Access service in the tenant. - -In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the necessary permissions: - -- Global Secure Access Administrator -- Security Administrator - -## Examples - -### Example 1: Enable Global Secure Access for a tenant - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -Enable-EntraBetaGlobalSecureAccessTenant -``` - -```Output -@odata.context : https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity -onboardingStatus : onboarded -onboardingErrorMessage : -``` - -This command onboards the Global Secure Access service in the tenant. - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaGlobalSecureAccessTenantStatus](Get-EntraBetaGlobalSecureAccessTenantStatus.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md deleted file mode 100644 index a9c6f76f5c..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md +++ /dev/null @@ -1,195 +0,0 @@ ---- -title: Get-EntraBetaAdministrativeUnitMember -description: This article provides details on the Get-EntraBetaAdministrativeUnitMember command. - - -ms.topic: reference -ms.date: 07/04/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Get-EntraBetaAdministrativeUnitMember - -## Synopsis - -Gets a member of an administrative unit. - -## Syntax - -```powershell -Get-EntraBetaAdministrativeUnitMember - -AdministrativeUnitId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. - -In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: - -- Directory Readers: Read basic properties on administrative units -- Global Reader: Read all properties of administrative units, including members -- Privileged Role Administrator: Create and manage administrative units (including members) - -## Examples - -### Example 1: Get an administrative unit member by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example returns the list of administrative unit members from specified administrative unit ObjectId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -### Example 2: Get all administrative unit members by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example returns the list of all administrative unit members from specified administrative unit ObjectId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -### Example 3: Get top three administrative unit members by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -Top 3 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -``` - -This example returns top three administrative unit members from specified administrative unit ObjectId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) - -[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) - -[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md deleted file mode 100644 index d07a50c3b0..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Get-EntraBetaApplicationExtensionProperty -description: This article provides details on the Get-EntraBetaApplicationExtensionProperty command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationExtensionProperty - -## Synopsis - -Gets application extension properties. - -## Syntax - -```powershell -Get-EntraBetaApplicationExtensionProperty - -ApplicationId - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. - -## Examples - -### Example 1: Get extension properties - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ------------- ---------------------- ---- ------------- - aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} -``` - -This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraBetaApplication` to get application ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -## Parameters - -### -ApplicationId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) - -[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md deleted file mode 100644 index 56dd2bf1d4..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md +++ /dev/null @@ -1,87 +0,0 @@ ---- -title: Get-EntraBetaApplicationKeyCredential -description: This article provides details on the Get-EntraBetaApplicationKeyCredential command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationKeyCredential - -## Synopsis - -Gets the key credentials for an application. - -## Syntax - -```powershell -Get-EntraBetaApplicationKeyCredential - -ObjectId - [] -``` - -## Description - -The `Get-EntraBetaApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. - -## Examples - -### Example 1: Get key credentials - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Get-EntraBetaApplicationKeyCredential -ObjectId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage -------------------- ----------- ----------- --- ----- ------------- ---- ----- -{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify -``` - -This command gets the key credentials for the specified application. -`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -ObjectId - -Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraBetaApplication` for more details. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) - -[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md deleted file mode 100644 index d2c340f3ca..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md +++ /dev/null @@ -1,137 +0,0 @@ ---- -title: Get-EntraBetaApplicationLogo -description: This article provides details on the Get-EntraBetaApplicationLogo command. - - -ms.topic: reference -ms.date: 06/17/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationLogo - -## Synopsis - -Retrieve the logo of an application. - -## Syntax - -```powershell -Get-EntraBetaApplicationLogo - -ApplicationId - [-FileName ] - [-FilePath ] - [-View ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. - -## Examples - -### Example 1: Get an application logo for an application by ID - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraBetaApplicationLogo -ApplicationId $application.Id -FilePath 'D:\outfile1.jpg' -``` - -This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. - -## Parameters - -### -FileName - -If provided, the application logo is saved to the file using the specified file name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -FilePath - -If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -The ApplicationId of the application for which the logo is to be retrieved. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -View - -If set to $true, the application's logo is displayed in a new window on the screen. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -### System.Boolean - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Set-EntraBetaApplicationLogo](Set-EntraBetaApplicationLogo.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md deleted file mode 100644 index 8bb543918f..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md +++ /dev/null @@ -1,211 +0,0 @@ ---- -title: Get-EntraBetaApplicationOwner -description: This article provides details on the Get-EntraBetaApplicationOwner command. - - -ms.topic: reference -ms.date: 08/06/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationOwner - -## Synopsis - -Gets the owner of an application. - -## Syntax - -```powershell -Get-EntraBetaApplicationOwner - -ApplicationId - [-Top ] - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. - -## Examples - -### Example 1: Get the owner of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraBetaApplicationOwner -ApplicationId $application.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -``` - -This example demonstrates how to get the owners of an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -### Example 2: Get the details about the owner of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -SearchString '' -$applicationOwners = Get-EntraBetaApplicationOwner -ObjectId $application.ObjectId -$ownerDetails = $applicationOwners | ForEach-Object { - $ownerDetail = Get-EntraBetaObjectByObjectId -ObjectIds $_.Id - [PSCustomObject]@{ - displayName = $ownerDetail.displayName - Id = $ownerDetail.Id - UserPrincipalName = $ownerDetail.UserPrincipalName - UserType = $ownerDetail.UserType - accountEnabled = $ownerDetail.accountEnabled - } -} -$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize -``` - -```Output -displayName Id UserPrincipalName UserType accountEnabled ------------ -- ----------------- -------- -------------- -Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True -Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True -``` - -This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. - -### Example 3: Get all owners of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraBetaApplicationOwner -ApplicationId $application.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -``` - -This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -### Example 4: Get top two owners of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraBetaApplicationOwner -ApplicationId $application.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -``` - -This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) - -[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md deleted file mode 100644 index cd452a7e84..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Get-EntraBetaApplicationPasswordCredential -description: This article provides details on the Get-EntraBetaApplicationPasswordCredential command. - -ms.topic: reference -ms.date: 07/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationPasswordCredential - -## Synopsis - -Gets the password credential for an application. - -## Syntax - -```powershell -Get-EntraBetaApplicationPasswordCredential - -ApplicationId - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. - -## Examples - -### Example 1: Get password credential for specified application - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- -{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 -``` - -This example shows how to retrieve the password credential for specified application. - -- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -ApplicationId - -The objectID of the application for which to get the password credential. Use `Get-EntraBetaApplication` for more details. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaApplicationPasswordCredential](New-EntraBetaApplicationPasswordCredential.md) - -[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md deleted file mode 100644 index ffb5c9f3fc..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md +++ /dev/null @@ -1,113 +0,0 @@ ---- -title: Get-EntraBetaApplicationProxyApplication -description: This article provides details on the Get-EntraBetaApplicationProxyApplication. - -ms.topic: reference -ms.date: 07/15/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationProxyApplication - -## Synopsis - -Retrieves an application configured for Application Proxy in Microsoft Entra ID. - -## Syntax - -```powershell -Get-EntraBetaApplicationProxyApplication - -ApplicationId - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationProxyApplication` cmdlet retrieves an application configured for Application Proxy in Microsoft Entra ID. Specify `ApplicationId` parameter to retrieve application configured for application proxy. - -## Examples - -### Example 1: Retrieves an application configured for Application Proxy - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso App Proxy'" -Get-EntraBetaApplicationProxyApplication -ApplicationId $application.Id -``` - -```Output -AlternateUrl ApplicationServerTimeout ApplicationType ExternalAuthenticationType ExternalUrl ------------- ------------------------ --------------- -------------------------- ----------- - Long enterpriseapp aadPreAuthentication -https://testp-m365x99297270.msapppr... -``` - -This example retrieves an application configured for Application Proxy. - -- `ApplicationId` parameter specifies the application ID. - -## Parameters - -### -ApplicationId - -The ApplicationId is a unique identifier for the application. You can find it using the `Get-EntraBetaApplication` command in PowerShell, or in the Microsoft Entra admin portal by navigating to **Entra ID** > **Enterprise Applications** > **All Applications**, selecting your application, and viewing the **Properties** tab. Use the `ObjectId` value. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[New-EntraBetaApplicationProxyApplication](New-EntraBetaApplicationProxyApplication.md) - -[Set-EntraBetaApplicationProxyApplication](Set-EntraBetaApplicationProxyApplication.md) - -[Remove-EntraBetaApplicationProxyApplication](Remove-EntraBetaApplicationProxyApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md deleted file mode 100644 index 18e007ab0a..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md +++ /dev/null @@ -1,96 +0,0 @@ ---- -title: Get-EntraBetaApplicationProxyApplicationConnectorGroup -description: This article provides details on the Get-EntraBetaApplicationProxyApplicationConnectorGroup. - -ms.topic: reference -ms.date: 07/15/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationProxyApplicationConnectorGroup - -## Synopsis - -The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for a specific application. - -## Syntax - -```powershell -Get-EntraBetaApplicationProxyApplicationConnectorGroup - -ObjectId - [] -``` - -## Description - -The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for the specified application. -The application must be configured for Application Proxy in Microsoft Entra ID. - -## Examples - -### Example 1: retrieves the connector group assigned for the specified application - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso App Proxy'" -Get-EntraBetaApplicationProxyApplicationConnectorGroup -ObjectId $application.Id -``` - -```Output -Id Name ConnectorGroupType IsDefault --- ---- ------------------ --------- -bbbbbbbb-1111-2222-3333-cccccccccccc test-group applicationProxy False -``` - -This example retrieves the connector group assigned for the specified application. - -- `ObjectId` parameter specifies the application ID. - -## Parameters - -### -ObjectId - -ObjectId is the ID of the application. -This ObjectId can be found using the `Get-EntraBetaApplication` command. -You can also find this ObjectId in the Microsoft Portal by navigating to Microsoft Entra ID, Enterprise Applications, All Applications, Select your application, go to the properties tab, and use the ObjectId on that page. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Set-EntraBetaApplicationProxyApplicationConnectorGroup](Set-EntraBetaApplicationProxyApplicationConnectorGroup.md) - -[Remove-EntraBetaApplicationProxyApplicationConnectorGroup](Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md deleted file mode 100644 index f3375abde2..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md +++ /dev/null @@ -1,165 +0,0 @@ ---- -title: Get-EntraBetaApplicationServiceEndpoint -description: This article provides details on the Get-EntraBetaApplicationServiceEndpoint command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationServiceEndpoint - -## Synopsis - -Retrieve the service endpoint of an application. - -## Syntax - -```powershell -Get-EntraBetaApplicationServiceEndpoint - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. - -The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. - -Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. - -## Examples - -### Example 1: Retrieve the application service endpoint by ID - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -``` - -This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -### Example 2: Get all service endpoints - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -All -``` - -This example demonstrates how to retrieve all service endpoints of a specified application. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -### Example 3: Get top five service endpoints - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraBetaApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -Top 5 -``` - -This example demonstrates how to retrieve five service endpoints of a specified application. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -All - -Return all service endpoints. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the object ID of the application for which the service endpoint is retrieved. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of results that are returned. -The default is 100. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md deleted file mode 100644 index 8964120d49..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md +++ /dev/null @@ -1,150 +0,0 @@ ---- -title: Get-EntraBetaApplicationSignInDetailedSummary -description: This article provides details on the Get-EntraBetaApplicationSignInDetailedSummary command. - -ms.topic: reference -ms.date: 07/08/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationSignInDetailedSummary - -## Synopsis - -Get detailed sign in summaries. - -## Syntax - -```powershell -Get-EntraBetaApplicationSignInDetailedSummary - [-Top ] - [-Filter ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationSignInDetailedSummary` cmdlet gets Microsoft Entra ID sign ins, grouped by application, date, and sign in status. - -## Examples - -### Example 1: Get sign in detailed summary - -```powershell -Connect-Entra -Scopes 'Reports.Read.All' -Get-EntraBetaApplicationSignInDetailedSummary -``` - -```Output -Id AggregatedEventDateTime AppDisplayName AppId SignInCount --- ----------------------- -------------- ----- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 08-07-2024 00:00:00 Graph Explorer 00001111-aaaa-2222-bbbb-3333cccc4444 3 -bbbbbbbb-1111-2222-3333-cccccccccccc 04-07-2024 00:00:00 Graph Explorer 11112222-bbbb-3333-cccc-4444dddd55551 -cccccccc-2222-3333-4444-dddddddddddd 05-07-2024 00:00:00 Graph Explorer 22223333-cccc-4444-dddd-5555eeee6666 4 -dddddddd-3333-4444-5555-eeeeeeeeeeee 19-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff77773 -eeeeeeee-4444-5555-6666-ffffffffffff 27-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 2 -ffffffff-5555-6666-7777-aaaaaaaaaaaa 03-07-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 1 -aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 01-07-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 13 -bbbbbbbb-7777-8888-9999-cccccccccccc 28-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 9 -``` - -This example returns all sign ins to Microsoft Entra ID Portal. - -### Example 2: Get sign in detailed summary by application and date - -```powershell -Connect-Entra -Scopes 'Reports.Read.All' -Get-EntraBetaApplicationSignInDetailedSummary -Filter "appDisplayName eq 'Azure Portal' AND aggregatedEventDateTime gt 2024-10-20 AND aggregatedEventDateTime lt 2024-10-22" -``` - -```Output -Id AggregatedEventDateTime AppDisplayName AppId SignInCount --- ----------------------- -------------- ----- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 -bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 -cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 -dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 -eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 -ffffffff-5555-6666-7777-aaaaaaaaaaaa 19-06-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 3 -aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 17-06-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 3 -bbbbbbbb-7777-8888-9999-cccccccccccc 18-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 6 -``` - -This example returns all sign ins to Microsoft Entra ID Portal for the month of June. - -### Example 3: Get top five sign ins - -```powershell -Connect-Entra -Scopes 'Reports.Read.All' -Get-EntraBetaApplicationSignInDetailedSummary -Top 5 -``` - -```Output -Id AggregatedEventDateTime AppDisplayName AppId SignInCount --- ----------------------- -------------- ----- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 -bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 -cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 -dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 -eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 -``` - -This example returns top five sign ins to Microsoft Entra ID portal. - -## Parameters - -### -Top - -The maximum number of records to return. - -```yaml -Type: Sysetm.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Filter - -The OData v4.0 filter statement. -Controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.GetApplicationSignInDetailedSummaryObjectsResponse - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md deleted file mode 100644 index 338a3a62c5..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md +++ /dev/null @@ -1,124 +0,0 @@ ---- -title: Get-EntraBetaApplicationTemplate -description: This article provides details on the Get-EntraBetaApplicationTemplate command. - - -ms.topic: reference -ms.date: 07/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate - -schema: 2.0.0 ---- - -# Get-EntraBetaApplicationTemplate - -## Synopsis - -Retrieve a list of applicationTemplate objects. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraBetaApplicationTemplate - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraBetaApplicationTemplate - -Id - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. - -## Examples - -### Example 1. Gets a list of application template objects - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaApplicationTemplate -``` - -This command gets all the application template objects - -### Example 2. Gets an application template object - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$applicationTemplate = Get-EntraBetaApplicationTemplate -Filter "DisplayName eq 'Dynamics CRM Online'" -Get-EntraBetaApplicationTemplate -Id $applicationTemplate.Id -``` - -```Output -Id Categories Description --- ---------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses -``` - -This command gets an application template object for the given id. - -- `-Id` Specifies the unique identifier of an application template. - -## Parameters - -### -Id - -The unique identifier of an application template. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.ApplicationTemplate - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md deleted file mode 100644 index 5b8fd137a4..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md +++ /dev/null @@ -1,193 +0,0 @@ ---- -title: Get-EntraBetaContract -description: This article provides details on the Get-EntraBetaContract command. - - -ms.topic: reference -ms.date: 08/14/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract - -schema: 2.0.0 ---- - -# Get-EntraBetaContract - -## Synopsis - -Gets a contract. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraBetaContract - [-Filter ] - [-All] - [-Top ] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraBetaContract - -ContractId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaContract` cmdlet gets a contract information associated to a partner tenant. - -In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user - -## Examples - -### Example 1: Get all contracts in the directory - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraBetaContract -``` - -This command gets all contracts in the Microsoft Entra ID. - -### Example 2: Get top two contracts in the directory - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraBetaContract -Top 2 -``` - -This command gets top two contracts in the Microsoft Entra ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ContractId - -Specifies the ID of a contract. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -The contract object contains the following attributes: - -`contractType` - type of the contract. - -Possible values are: - -**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. -They resell and support their customers. -**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. -**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. - -`customerContextId` - unique identifier for the customer tenant referenced by this partnership. - -Corresponds to the ObjectId property of the customer tenant's TenantDetail object. - -`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. - -`deletionTimestamp` - this property isn't valid for contracts and always returns null. - -`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. - -`objectType` - a string that identifies the object type. The value is always `Contract`. - -`ContractId` - the unique identifier for the partnership. - -## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md deleted file mode 100644 index 4783228b6f..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md +++ /dev/null @@ -1,107 +0,0 @@ ---- -title: Get-EntraBetaDirSyncConfiguration -description: This article provides details on the Get-EntraBetaDirSyncConfiguration command. - - -ms.topic: reference -ms.date: 08/16/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration - -schema: 2.0.0 ---- - -# Get-EntraBetaDirSyncConfiguration - -## Synopsis - -Gets the directory synchronization settings. - -## Syntax - -```powershell -Get-EntraBetaDirSyncConfiguration - [-TenantId ] - [] -``` - -## Description - -The `Get-EntraBetaDirSyncConfiguration` cmdlet gets the directory synchronization settings. See [configuration settings](https://learn.microsoft.com/graph/api/resources/onpremisesaccidentaldeletionprevention#properties) details. - -For delegated scenarios, the user needs to be assigned the Global Administrator role. - -## Examples - -### Example 1: Get directory synchronization settings - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' -Get-EntraBetaDirSyncConfiguration -``` - -```Output -AccidentalDeletionThreshold DeletionPreventionType ---------------------------- ---------------------- - 500 enabledForCount -``` - -This example gets directory synchronization settings. - -### Example 2: Get directory synchronization settings by TenantId - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' -$tenant = Get-EntraBetaTenantDetail -Get-EntraBetaDirSyncConfiguration -TenantId $tenant.Id -``` - -```Output -AccidentalDeletionThreshold DeletionPreventionType ---------------------------- ---------------------- - 500 enabledForCount -``` - -This example gets directory synchronization settings by TenantId. - -- `-TenantId` Specifies the unique ID of the tenant. - -## Parameters - -### -TenantId - -The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System. Nullable`1[[System. Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] - -## Outputs - -## Notes - -## Related Links - -[Set-EntraBetaDirSyncConfiguration](Set-EntraBetaDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md deleted file mode 100644 index 448a6fb350..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md +++ /dev/null @@ -1,153 +0,0 @@ ---- -title: Get-EntraBetaDirSyncFeature -description: This article provides details on the Get-EntraBetaDirSyncFeature command. - - -ms.topic: reference -ms.date: 08/16/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature - -schema: 2.0.0 ---- - -# Get-EntraBetaDirSyncFeature - -## Synopsis - -Checks the status of directory synchronization features for a tenant. - -## Syntax - -```powershell -Get-EntraBetaDirSyncFeature - [-TenantId ] - [-Feature ] - [] -``` - -## Description - -The `Get-EntraBetaDirSyncFeature` cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status. - -For delegated scenarios, the user needs to be assigned the Global Administrator role. - -Some of the features that can be used with this cmdlet include: - -- **DeviceWriteback** -- **DirectoryExtensions** -- **DuplicateProxyAddressResiliency** -- **DuplicateUPNResiliency** -- **EnableSoftMatchOnUpn** -- **PasswordSync** -- **SynchronizeUpnForManagedUsers** -- **UnifiedGroupWriteback** -- **UserWriteback** - -To view all supported features, see the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). - -## Examples - -### Example 1: Return a list of all directory synchronization features - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' -Get-EntraBetaDirSyncFeature -``` - -```Output -Enabled DirSyncFeature -------- -------------- - False BlockCloudObjectTakeoverThroughHardMatch - False BlockSoftMatch - False BypassDirSyncOverrides - False CloudPasswordPolicyForPasswordSyncedUsers - False ConcurrentCredentialUpdate - True ConcurrentOrgIdProvisioning - False DeviceWriteback - False DirectoryExtensions - False FopeConflictResolution - False GroupWriteBack - False PasswordSync - False PasswordWriteback - True QuarantineUponProxyAddressesConflict - True QuarantineUponUpnConflict - True SoftMatchOnUpn - True SynchronizeUpnForManagedUsers - False UnifiedGroupWriteback - False UserForcePasswordChangeOnLogon - False UserWriteback -``` - -This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). - -### Example 2: Return the PasswordSync feature status - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' -Get-EntraBetaDirSyncFeature -Feature 'PasswordSync' -``` - -```Output -Enabled DirSyncFeature -------- -------------- - False PasswordSync -``` - -This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. - -- `-Feature` specifies the directory synchronization feature to check the status of. - -## Parameters - -### -TenantId - -The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Feature - -The directory sync feature to check. See the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Set-EntraBetaDirSyncFeature](Set-EntraBetaDirSyncFeature.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md deleted file mode 100644 index 02a1d9d7c6..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md +++ /dev/null @@ -1,84 +0,0 @@ ---- -title: Get-EntraBetaGlobalSecureAccessTenantStatus -description: This article provides details on the Get-EntraBetaGlobalSecureAccessTenantStatus command. - -ms.topic: reference -ms.date: 10/19/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Get-EntraBetaGlobalSecureAccessTenantStatus - -## Synopsis - -Retrieves the onboarding status of the Global Secure Access service in the tenant. - -## Syntax - -```powershell -Get-EntraBetaGlobalSecureAccessTenantStatus -``` - -## Description - -The `Get-EntraBetaGlobalSecureAccessTenantStatus` cmdlet retrieves the onboarding status of the Global Secure Access service in the tenant. - -For delegated scenarios involving work or school accounts, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation: - -- Global Reader -- Global Secure Access Administrator -- Security Administrator - -## Examples - -### Example 1: Check Global Secure Access status for the tenant - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -Get-EntraBetaGlobalSecureAccessTenantStatus -``` - -```Output -@odata.context onboardingStatus onboardingErrorMessage --------------- ---------------- ---------------------- -https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity offboarded -``` - -This command checks if the Global Secure Access service is activated in the tenant. - -If the status is `offboarded`, you can activate the service with `New-EntraBetaGlobalSecureAccessTenant`. - -The onboarding status can be: `offboarded`, `offboarding in progress`, `onboarding in progress`, `onboarded`, `onboarding error`, or `offboarding error`. - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) - -[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) - -[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md deleted file mode 100644 index daa37596e3..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md +++ /dev/null @@ -1,163 +0,0 @@ ---- -title: Get-EntraBetaPrivateAccessApplication -description: This article provides details on the Get-EntraBetaPrivateAccessApplication command. - -ms.topic: reference -ms.date: 10/19/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Get-EntraBetaPrivateAccessApplication - -## Synopsis - -Retrieves a list of all Private Access applications, or if specified, details of a specific application. - -## Syntax - -### ApplicationId (Default) - -```powershell -Get-EntraBetaPrivateAccessApplication - [-ApplicationId ] - [] -``` - -### ApplicationName - -```powershell -Get-EntraBetaPrivateAccessApplication - [-ApplicationName ] - [] -``` - -## Description - -The `Get-EntraBetaPrivateAccessApplication` cmdlet retrieves a list of all Private Access applications, or if specified, details of a specific application. - -## Examples - -### Example 1: Retrieve all Private Access applications - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -Get-EntraBetaPrivateAccessApplication -``` - -```Output -displayName : testApp1 -appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -id : bbbbbbbb-1111-2222-3333-cccccccccccc -tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} -createdDateTime : 14/06/2024 12:38:50 AM - -displayName : QuickAccess -appId : dddddddd-3333-4444-5555-eeeeeeeeeeee -id : eeeeeeee-4444-5555-6666-ffffffffffff -tags : {HideApp, NetworkAccessQuickAccessApplication} -createdDateTime : 4/07/2023 4:00:07 AM -``` - -This command retrieves all Private Access applications, including Quick Access. - -### Example 2: Retrieve a specific Private Access application by object Id - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaPrivateAccessApplication | Where-Object {$_.displayName -eq 'Finance team file share'} -Get-EntraBetaPrivateAccessApplication -ApplicationId $application.Id -``` - -```Output -displayName : QuickAccess -appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -id : bbbbbbbb-1111-2222-3333-cccccccccccc -tags : {HideApp, NetworkAccessQuickAccessApplication} -createdDateTime : 4/07/2023 4:00:07 AM -``` - -This example demonstrates how to retrieve information for a specific Private Access application by object id. - -### Example 3: Retrieve a specific Private Access application by name - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -Get-EntraBetaPrivateAccessApplication -ApplicationName 'Finance team file share' -``` - -```Output -displayName : Finance team file share -appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -id : bbbbbbbb-1111-2222-3333-cccccccccccc -tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} -createdDateTime : 14/06/2024 12:38:50 AM -``` - -This example demonstrates how to retrieve information for a specific Private Access application by application name. - -## Parameters - -### -ApplicationId - -The Object ID of a Private Access application object. - -```yaml -Type: System.String -Parameter Sets: SingleAppID -Aliases: ObjectId - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationName - -Specifies a specific application name to retrieve. - -```yaml -Type: System.String -Parameter Sets: SingleAppName -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) - -[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) - -[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md deleted file mode 100644 index a4a56e0752..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md +++ /dev/null @@ -1,133 +0,0 @@ ---- -title: Get-EntraBetaPrivateAccessApplicationSegment -description: This article provides details on the Get-EntraBetaPrivateAccessApplicationSegment command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Get-EntraBetaPrivateAccessApplicationSegment - -## Synopsis - -Retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. - -## Syntax - -```powershell -Get-EntraBetaPrivateAccessApplicationSegment - -ApplicationId - [-ApplicationSegmentId ] - [] -``` - -## Description - -The `Get-EntraBetaPrivateAccessApplicationSegment` cmdlet retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. - -## Examples - -### Example 1: Retrieve all application segments associated to an application - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -``` - -```Output -destinationHost : 10.1.1.20 -destinationType : ip -port : 0 -ports : {22-22} -protocol : tcp -id : cccc2222-dd33-4444-55ee-666666ffffff -``` - -This command retrieves all application segments for an application. - -### Example 2: Retrieve a specific application segment associated to an application - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} -Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id -``` - -```Output -destinationHost : 10.1.1.20 -destinationType : ip -port : 0 -ports : {22-22} -protocol : tcp -id : cccc2222-dd33-4444-55ee-666666ffffff -``` - -This example demonstrates how to retrieve information for a specific application segment. - -## Parameters - -### -ApplicationId - -The Object ID of a Private Access application object. - -```yaml -Type: System.String -Parameter Sets: AllApplicationSegments, SingleApplicationSegment -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - -### -ApplicationSegmentId - -Specifies a specific application segment to retrieve. - -```yaml -Type: System.String -Parameter Sets: SingleApplicationSegment -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) - -[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md deleted file mode 100644 index 7512efebe2..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md +++ /dev/null @@ -1,145 +0,0 @@ ---- -title: Get-EntraBetaScopedRoleMembership -description: This article provides details on the Get-EntraBetaScopedRoleMembership command. - - -ms.topic: reference -ms.date: 07/05/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership - -schema: 2.0.0 ---- - -# Get-EntraBetaScopedRoleMembership - -## Synopsis - -List Microsoft Entra role assignments with administrative unit scope. - -## Syntax - -```powershell -Get-EntraBetaScopedRoleMembership - -AdministrativeUnitId - [-ScopedRoleMembershipId ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `AdministrativeUnitId` parameter to retrieve a specific scoped role membership. - -## Examples - -### Example 1: Get Scoped Role Administrator - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMembership = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} -Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example gets scoped role administrator. You cane use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. - -### Example 2: List scoped administrators for administrative unit by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example list scoped administrators with AdministrativeUnitId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ScopedRoleMembershipId - -Specifies the ID of a scoped role membership. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) - -[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md deleted file mode 100644 index 343367b0be..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md +++ /dev/null @@ -1,370 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipal -description: This article provides details on the Get-EntraBetaServicePrincipal command. - - -ms.topic: reference -ms.date: 08/12/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipal - -## Synopsis - -Gets a service principal. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraBetaServicePrincipal - [-Top ] - [-All] - [-Filter ] - [-Property ] - [] -``` - -### GetVague - -```powershell -Get-EntraBetaServicePrincipal - [-SearchString ] - [-All] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraBetaServicePrincipal - -ServicePrincipalId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve all service principal from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application -ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application -``` - -This example retrieves all service principals from the directory. - -### Example 2: Retrieve a service principal by ServicePrincipalId - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This command retrieves specific service principal. - -- `-ServicePrincipalId` Parameter specifies the ID of a service principal. - -### Example 3: Retrieve all service principals from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -All -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application -ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application -``` - -This example retrieves all service principals from the directory. - -### Example 4: Retrieve top two service principal from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Top 2 -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application -``` - -This command retrieves top two service principals from the directory. - -### Example 5: Get a service principal by display name - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This example gets a service principal by its display name. - -### Example 6: Retrieve a list of all service principal, which has a display name that contains "Helpdesk Application" - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -SearchString 'Helpdesk Application' -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This example gets a list of service principal, which has the specified display name. - -### Example 7: Retrieve all Enterprise apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application -``` - -This example demonstrates how to retrieve all enterprise apps. - -### Example 8: Retrieve all App proxy apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application -``` - -This example demonstrates how to retrieve all app proxy apps. - -### Example 9: Retrieve all disabled apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Filter "accountEnabled eq false" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all disabled apps. - -### Example 10: Retrieve all Global Secure Access apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all Global secure access apps. - -### Example 11: List all applications without user assignment - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraBetaServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all applications without user assignment. - -### Example 12: List all SAML application details - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" -$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize -``` - -```Output -Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses --- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- -00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} -``` - -This example demonstrates how to retrieve all SAML application details. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SearchString - -Specifies a search string. - -```yaml -Type: System.String -Parameter Sets: GetVague -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) - -[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md deleted file mode 100644 index d7e4e453af..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md +++ /dev/null @@ -1,204 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalAppRoleAssignedTo -description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignedTo command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalAppRoleAssignedTo - -## Synopsis - -Gets app role assignments for this app or service, granted to users, groups, and other service principals. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalAppRoleAssignedTo - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups, and other service principals. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Get app role assignment by ID - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Helpdesk Application aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Helpdesk Application -``` - -This example shows how to get app role assignments for an app or service, granted to users, groups, and other service principals. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 2: Get all app role assignments - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff -4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa -5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb -``` - -This command gets the all app role assignments for the service principal granted to users, groups, and other service principals. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 3: Get five app role assignments - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -Top 5 -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff -4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa -5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb -``` - -This command gets the five app role assignments for the service principal granted to users, groups, and other service principals. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -`Get-EntraBetaServiceAppRoleAssignedTo` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignedTo`. - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md deleted file mode 100644 index aafe07b5b5..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,198 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalAppRoleAssignment -description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalAppRoleAssignment - -## Synopsis - -Gets a service principal application role assignment. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalAppRoleAssignment - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Retrieve the application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… -``` - -This command gets application role assignments for specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -### Example 2: Retrieve all application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… -4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User3 ProvisioningPowerBi 021510b7-e753-40… -5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User4 ProvisioningPowerBi 021510b7-e753-40… -``` - -This command gets all application role assignments for specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -### Example 3: Retrieve the top three application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -Top 3 -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… -``` - -This command gets top three application role assignments for specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -The maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Get-EntraBetaServiceAppRoleAssignment` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) - -[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md deleted file mode 100644 index 177f252ae7..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md +++ /dev/null @@ -1,157 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalCreatedObject -description: This article provides details on the Get-EntraBetaServicePrincipalCreatedObject command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalCreatedObject - -## Synopsis - -Get objects created by a service principal. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalCreatedObject - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the objects that created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -``` - -This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 2: Retrieve the all objects created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -All -``` - -This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 3: Retrieve the top two objects created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -Top 2 -``` - -This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md deleted file mode 100644 index 32b1c755a7..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md +++ /dev/null @@ -1,195 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalDelegatedPermissionClassification -description: This article provides details on the Get-EntraBetaServicePrincipalDelegatedPermissionClassification command. - - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalDelegatedPermissionClassification - -## Synopsis - -Retrieve the delegated permission classification objects on a service principal. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraBetaServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - [-Filter ] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraBetaServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - -Id - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. - -## Examples - -### Example 1: Get a list of delegated permission classifications - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile -``` - -This command retrieves all delegated permission classifications from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. - -### Example 2: Get a delegated permission classifications - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$permissionClassification = Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" -Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -``` - -This command retrieves the delegated permission classification by Id from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. -- `-Id` parameter specifies the delegated permission classification object Id. - -### Example 3: Get a delegated permission classification with filter - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -``` - -This command retrieves the filtered delegated permission classifications from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. -- `-Id` parameter specifies the delegated permission classification object Id. - -## Parameters - -### -ServicePrincipalId - -The unique identifier of a service principal object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Id - -The unique identifier of a delegated permission classification object ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Filter - -The OData v4.0 filter statement. -Controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.DelegatedPermissionClassification - -## Notes - -## Related Links - -[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) - -[Remove-EntraBetaServicePrincipalDelegatedPermissionClassification](Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md deleted file mode 100644 index bea64708bb..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md +++ /dev/null @@ -1,88 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalKeyCredential -description: This article provides details on the Get-EntraBetaServicePrincipalKeyCredential command. - - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalKeyCredential - -## Synopsis - -Get key credentials for a service principal. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalKeyCredential - -ServicePrincipalId - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the key credential of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage -------------------- ----------- ----------- --- ----- ------------- ---- ----- - 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign -``` - -This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal object Id. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of the application for which to get the password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md deleted file mode 100644 index 9940d963bc..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md +++ /dev/null @@ -1,179 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalMembership -description: This article provides details on the Get-EntraBetaServicePrincipalMembership command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalMembership - -## Synopsis - -Get a service principal membership. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalMembership - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -``` - -This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 2: Retrieve all memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -22223333-cccc-4444-dddd-5555eeee6666 -33334444-dddd-5555-eeee-6666ffff7777 -``` - -This command gets all memberships of a specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 3: Retrieve top two memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -22223333-cccc-4444-dddd-5555eeee6666 - -``` - -This command gets top two memberships of a specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md deleted file mode 100644 index aa97bae640..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md +++ /dev/null @@ -1,178 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalOAuth2PermissionGrant -description: This article provides details on the Get-EntraBetaServicePrincipalOAuth2PermissionGrant command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalOAuth2PermissionGrant - -## Synopsis - -Gets an OAuth2PermissionGrant object. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalOAuth2PermissionGrant - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalOAuth2PermissionGrant` cmdlet gets an OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -``` - -This cmdlet retrieves a OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 2: Get all OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... -``` - -This example demonstrates how to get all OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 3: Get two OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -Top 2 -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... -``` - -This example demonstrates how to get top two OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md deleted file mode 100644 index 50001b6ad5..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md +++ /dev/null @@ -1,175 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalOwnedObject -description: This article provides details on the Get-EntraBetaServicePrincipalOwnedObject command. - -ms.topic: reference -ms.date: 08/13/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalOwnedObject - -## Synopsis - -Gets an object owned by a service principal. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalOwnedObject - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the owned objects of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -The command retrieves the owned objects of a service principal. - -- `-ServicePrincipalId` Parameter specifies the ID of a service principal. - -### Example 2: Retrieve the all owned objects of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -``` - -This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 3: Retrieve top one owned object of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.Id -Top 1 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md deleted file mode 100644 index 1bbb4094b9..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md +++ /dev/null @@ -1,180 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalOwner -description: This article provides details on the Get-EntraBetaServicePrincipalOwner command. - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalOwner - -## Synopsis - -Get the owner of a service principal. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalOwner - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the owner of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This example gets the owners of a specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -### Example 2: Retrieve all the owners of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -All | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This command gets all the owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -### Example 3: Retrieve top two owners of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -Top 2 | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This command gets top two owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md deleted file mode 100644 index 495788d078..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,92 +0,0 @@ ---- -title: Get-EntraBetaServicePrincipalPasswordCredential -description: This article provides details on the Get-EntraBetaServicePrincipalPasswordCredential command. - - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# Get-EntraBetaServicePrincipalPasswordCredential - -## Synopsis - -Get credentials for a service principal. - -## Syntax - -```powershell -Get-EntraBetaServicePrincipalPasswordCredential - -ServicePrincipalId - [] -``` - -## Description - -The `Get-EntraBetaServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the password credential of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 - 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 - 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 -``` - -This example retrieves the password credentials for specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of the service principal for which to get password credentials. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) - -[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md deleted file mode 100644 index 5e485bf9bd..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md +++ /dev/null @@ -1,169 +0,0 @@ ---- -title: Get-EntraBetaTrustFrameworkPolicy -description: This article provides details on the Get-EntraBetaTrustFrameworkPolicy command. - - -ms.topic: reference -ms.date: 08/14/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy - -schema: 2.0.0 ---- - -# Get-EntraBetaTrustFrameworkPolicy - -## Synopsis - -Retrieves the created trust framework policies (custom policies) in the directory. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraBetaTrustFrameworkPolicy - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraBetaTrustFrameworkPolicy - -Id - [-OutputFilePath ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraBetaTrustFrameworkPolicy` cmdlet retrieves the trust framework policies that have been created in the directory. - -In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. - -## Examples - -### Example 1: Retrieves the list of all trust framework policies in the directory - -```powershell -Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' -Get-EntraBetaTrustFrameworkPolicy -``` - -```Output Id --- B2C_1A_SIGNUP_SIGNIN B2C_1A_TRUSTFRAMEWORKBASE -B2C_1A_TRUSTFRAMEWORKEXTENSIONS -``` - -This example retrieves the list of all trust framework policies in the directory. - -### Example 2: Retrieves the contents of the specified trust framework policy - -```powershell -Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' -$params = @{ - Id = 'B2C_1A_SIGNUP_SIGNIN' -} -Get-EntraBetaTrustFrameworkPolicy @params -``` - -This example retrieves the contents of the specified trust framework policy. - -The contents of received trust framework policy are displayed on screen. - -- `-Id` Parameter specifies ID for a trust framework policy. - -### Example 3: Retrieves the contents of the specified trust framework policy on specific output file path - -```powershell -Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' -$params = @{ - Id = 'B2C_1A_SIGNUP_SIGNIN' - OutputFilePath = 'C:\RetrivedPolicy.xml' -} -Get-EntraBetaTrustFrameworkPolicy @params -``` - -This example retrieves the contents of the specified trust framework policy on specific output file path. - -- `-Id` Parameter specifies ID for a trust framework policy. -- `-OutputFilePath` Parameter specifies the path to the file used for retrieve the contents of trust framework policy. - -## Parameters - -### -Id - -The unique identifier for a trust framework policy. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OutputFilePath - -Path to the file used for retrieve the contents of trust framework policy. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) - -[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) - -[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md deleted file mode 100644 index 5e1f652075..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md +++ /dev/null @@ -1,163 +0,0 @@ ---- -title: New-EntraBetaAdministrativeUnit -description: This article provides details on the New-EntraBetaAdministrativeUnit command. - - -ms.topic: reference -ms.date: 07/03/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit - -schema: 2.0.0 ---- - -# New-EntraBetaAdministrativeUnit - -## Synopsis - -Creates an administrative unit. - -## Syntax - -```powershell -New-EntraBetaAdministrativeUnit - -DisplayName - [-Description ] - [-IsMemberManagementRestricted ] - [] -``` - -## Description - -The `New-EntraBetaAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. - -In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. - -## Examples - -### Example 1: Create an administrative unit - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -New-EntraBetaAdministrativeUnit -DisplayName 'TestAU' -``` - -```Output -DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility ---------------- -- ----------- ----------- ---------------------------- ---------- - aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb TestAU False -``` - -This example demonstrates how to create an administrative unit. - -- `-DisplayName` parameter specifies the display name for the Administrative unit object. - -### Example 2: Create an administrative unit using '-Description' parameter - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -New-EntraBetaAdministrativeUnit -DisplayName 'Pacific Administrative Unit' -Description 'Administrative Unit for Pacific region' -``` - -```Output -DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility ---------------- -- ----------- ----------- ---------------------------- ---------- - bbbbbbbb-1111-2222-3333-cccccccccccc New AdminiatrativeUnit test1 False -``` - -This example demonstrates how to create an administrative unit. - -- `-DisplayName` parameter specifies the display name for the Administrative unit object. -- `-Description` parameter specifies the description for the new administrative unit. - -### Example 3: Create an administrative unit using '-IsMemberManagementRestricted' parameter - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -New-EntraBetaAdministrativeUnit -DisplayName 'NewUnit' -IsMemberManagementRestricted $True -``` - -```Output -DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility ---------------- -- ----------- ----------- ---------------------------- ---------- - cccccccc-2222-3333-4444-dddddddddddd NewUnit True -``` - -This example demonstrates how to create an administrative unit. - -- `-DisplayName` parameter specifies the display name for the Administrative unit object. -- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. - -## Parameters - -### -Description - -Specifies a description for the new administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name of the new administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsMemberManagementRestricted - -Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. -If no value is specified, it defaults to false. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) - -[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) - -[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md deleted file mode 100644 index 0b0394e5f6..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md +++ /dev/null @@ -1,198 +0,0 @@ ---- -title: New-EntraBetaApplicationExtensionProperty -description: This article provides details on the New-EntraBetaApplicationExtensionProperty command. - - -ms.topic: reference -ms.date: 08/06/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty - -schema: 2.0.0 ---- - -# New-EntraBetaApplicationExtensionProperty - -## Synopsis - -Creates an application extension property. - -## Syntax - -```powershell -New-EntraBetaApplicationExtensionProperty - -ApplicationId - [-DataType ] - -Name - [-TargetObjects ] - [] -``` - -## Description - -The `New-EntraBetaApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. - -## Examples - -### Example 1: Create an extension property - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute' -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} -``` - -This command creates an application extension property of the string type for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. - -### Example 2: Create an extension property with data type parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute1' -DataType 'Boolean' -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} -``` - -This command creates an application extension property of the specified data type for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. -- `-DataType` parameter specifies the data type of the value the extension property can hold. - -### Example 3: Create an extension property with targets parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$targets = New-Object System.Collections.Generic.List[System.String] -$targets.Add('User') -New-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute2' -TargetObjects $targets -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} -``` - -The example shows how to create an application extension property with the specified target objects for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. -- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. - -## Parameters - -### -DataType - -Specifies the data type of the value the extension property can hold. Following values are supported. - -- Binary - 256 bytes maximum -- Boolean -- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. -- Integer - 32-bit value. -- LargeInteger - 64-bit value. -- String - 256 characters maximum - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Name - -Specifies the name of the extension property. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -TargetObjects - -Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. - -- User -- Group -- AdministrativeUnit -- Application -- Device -- Organization - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) - -[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md deleted file mode 100644 index f8a2435c71..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md +++ /dev/null @@ -1,153 +0,0 @@ ---- -title: New-EntraBetaApplicationKey -description: This article provides details on the New-EntraBetaApplicationKey command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey - -schema: 2.0.0 ---- - -# New-EntraBetaApplicationKey - -## Synopsis - -Adds a new key to an application. - -## Syntax - -```powershell -New-EntraBetaApplicationKey - -ObjectId - -KeyCredential - -Proof - [-PasswordCredential ] - [] -``` - -## Description - -Adds a new key to an application. - -## Examples - -### Example 1: Add a key credential to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" -$params = @{ - ObjectId = $app.Id - KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } - PasswordCredential = @{ DisplayName = 'mypassword' } - Proof = '{token}' -} - -New-EntraBetaApplicationKey @params -``` - -This command adds a key credential to an specified application. - -- `-ObjectId` parameter specifies the unique identifier of an application. -- `-KeyCredential` parameter specifies the application key credential to add. -- `-PasswordCredential` parameter specifies the application password credential to add. -- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. - -## Parameters - -### -KeyCredential - -The application key credential to add. - -NOTES: keyId value should be null. - -```yaml -Type: KeyCredential -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -The unique identifier of the application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredential - -The application password credential to add. - -NOTES: keyId value should be null. - -```yaml -Type: PasswordCredential -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Proof - -A signed JWT token used as a proof of possession of the existing keys. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -### Microsoft.Open.MSGraph.Model.KeyCredential - -### Microsoft.Open.MSGraph.Model.PasswordCredential - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraBetaApplicationKey](Remove-EntraBetaApplicationKey.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md deleted file mode 100644 index eeadb007c7..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md +++ /dev/null @@ -1,254 +0,0 @@ ---- -title: New-EntraBetaApplicationKeyCredential -description: This article provides details on the New-EntraBetaApplicationKeyCredential command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential - -schema: 2.0.0 ---- - -# New-EntraBetaApplicationKeyCredential - -## Synopsis - -Creates a key credential for an application. - -## Syntax - -```powershell -New-EntraBetaApplicationKeyCredential - -ApplicationId - [-CustomKeyIdentifier ] - [-Type ] - [-Usage ] - [-Value ] - [-EndDate ] - [-StartDate ] - [] -``` - -## Description - -The `New-EntraBetaApplicationKeyCredential` cmdlet creates a key credential for an application. - -An application can use this command along with `Remove-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. - -As part of the request validation, proof of possession of an existing key is verified before the action can be performed. - -## Examples - -### Example 1: Create a new application key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$params = @{ - ApplicationId = $application.Id - CustomKeyIdentifier = 'EntraPowerShellKey' - StartDate = '2024-03-21T14:14:14Z' - Type = 'Symmetric' - Usage = 'Sign' - Value = '' -} -New-EntraBetaApplicationKeyCredential @params -``` - -```Output -CustomKeyIdentifier : {84, 101, 115, 116} -EndDate : 2024-03-21T14:14:14Z -KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 -StartDate : 2025-03-21T14:14:14Z -Type : Symmetric -Usage : Sign -Value : {49, 50, 51} -``` - -This example shows how to create an application key credential. - -- `-ApplicationId` Specifies a unique ID of an application -- `-CustomKeyIdentifier` Specifies a custom key ID. -- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. -- `-Type` Specifies the type of the key. -- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. -- `-Value` Specifies the value for the key. - -You can use the `Get-EntraBetaApplication` cmdlet to retrieve the application Object ID. - -### Example 2: Use a certificate to add an application key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object -$cer.Import('C:\Users\ContosoUser\appcert.cer') -$bin = $cer.GetRawCertData() -$base64Value = [System.Convert]::ToBase64String($bin) -$bin = $cer.GetCertHash() -$base64Thumbprint = [System.Convert]::ToBase64String($bin) -$keyid = [System.Guid]::NewGuid().ToString() - -$params = @{ - ApplicationId = $application.Id - CustomKeyIdentifier = $base64Thumbprint - Type = 'AsymmetricX509Cert' - Usage = 'Verify' - Value = $base64Value - StartDate = $cer.GetEffectiveDateString() - EndDate = $cer.GetExpirationDateString() -} -New-EntraBetaApplicationKeyCredential @params -``` - -This example shows how to create an application key credential. - -- `-ApplicationId` Specifies a unique ID of an application -- `-CustomKeyIdentifier` Specifies a custom key ID. -- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. -- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. -- `-Type` Specifies the type of the key. -- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. -- `-Value` Specifies the value for the key. - -## Parameters - -### -CustomKeyIdentifier - -Specifies a custom key ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -EndDate - -Specifies the time when the key becomes invalid as a DateTime object. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -Specifies the time when the key becomes valid as a DateTime object. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Type - -Specifies the type of the key. - -```yaml -Type: KeyType -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Usage - -Specifies the key usage. - -- `AsymmetricX509Cert`: The usage must be `Verify`. -- `X509CertAndPassword`: The usage must be `Sign`. - -```yaml -Type: KeyUsage -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Value - -Specifies the value for the key. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) - -[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md deleted file mode 100644 index 2e7e9cb4b9..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md +++ /dev/null @@ -1,115 +0,0 @@ ---- -title: New-EntraBetaApplicationPassword -description: This article provides details on the New-EntraBetaApplicationPassword command. - -ms.topic: reference -ms.date: 08/02/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword - -schema: 2.0.0 ---- - -# New-EntraBetaApplicationPassword - -## Synopsis - -Adds a strong password to an application. - -## Syntax - -```powershell -New-EntraBetaApplicationPassword - -ObjectId - -PasswordCredential - [] -``` - -## Description - -Adds a strong password to an application. - -## Examples - -### Example 1: Add a password to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$passwordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential -$passwordCredential.StartDateTime = Get-Date -Year 2024 -Month 10 -Day 23 -$passwordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 -$passwordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('ERP App Password') -$passwordCredential.Hint = 'erpapppassword' -$passwordCredential.DisplayName = 'ERP App Password' -New-EntraBetaApplicationPassword -ObjectId $application.Id -PasswordCredential $passwordCredential -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- -{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM -``` - -This example adds a password to the specified application. - -- `-ObjectId` parameter specifies the unique identifier of the application. -- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. - -## Parameters - -### -ObjectId - -The unique identifier of the application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredential - -Represents a password credential associated with an application or a service principal. - -```yaml -Type: PasswordCredential -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -### Microsoft.Open.MSGraph.Model.PasswordCredential - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraBetaApplicationPassword](Remove-EntraBetaApplicationPassword.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md deleted file mode 100644 index 53f8cd9886..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md +++ /dev/null @@ -1,198 +0,0 @@ ---- -title: New-EntraBetaApplicationPasswordCredential -description: This article provides details on the New-EntraBetaApplicationPasswordCredential command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential - -schema: 2.0.0 ---- - -# New-EntraBetaApplicationPasswordCredential - -## Synopsis - -Creates a password credential for an application. - -## Syntax - -```powershell -New-EntraBetaApplicationPasswordCredential - -ApplicationId - [-CustomKeyIdentifier ] - [-StartDate ] - [-EndDate ] - [] -``` - -## Description - -The `New-EntraBetaApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. - -## Examples - -### Example 1: Create a password credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. - -### Example 2: Create a password credential using CustomKeyIdentifier parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDat - eTime -------------------- ----------- ----------- ---- ----- ---------- -------- -100 101 109 111 80 97 115 115 119 111 114 100 demoPassword 6/10/2026 7:43:45 AM 9tb tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_EaU6cqG 6/10/... -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-CustomKeyIdentifier` Speicifies unique binary identifier. - -### Example 3: Create a password credential using StartDate parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$startDate = (Get-Date).AddYears(0) -New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -StartDate $startDate -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-StartDate` Speicifies the date and time at which the password becomes valid. - -### Example 4: Create a password credential using EndDate parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$endDate = (Get-Date).AddYears(2) -New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -EndDate $endDate -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-EndDate` Speicifies The date and time at which the password expires. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -CustomKeyIdentifier - -A unique binary identifier. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -The date and time at which the password becomes valid. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -EndDate - -The date and time at which the password expires. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md deleted file mode 100644 index e48d0af50c..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md +++ /dev/null @@ -1,165 +0,0 @@ ---- -title: New-EntraBetaIdentityProvider -description: This article provides details on the New-EntraBetaIdentityProvider command. - - -ms.topic: reference -ms.date: 08/07/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider - -schema: 2.0.0 ---- - -# New-EntraBetaIdentityProvider - -## Synopsis - -Configure a new identity provider in the directory. - -## Syntax - -```powershell -New-EntraBetaIdentityProvider - -ClientId - -Type - -ClientSecret - [-Name ] - [] -``` - -## Description - -The `New-EntraBetaIdentityProvider` cmdlet is used to configure an identity provider in the directory. - -Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. - -Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. - -For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. - -The current set of identity providers can be: - -- Microsoft -- Google -- Facebook -- Amazon -- LinkedIn - -The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add Google identity provider - -```powershell -Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' -New-EntraBetaIdentityProvider -Type 'Google' -Name 'GoogleName' -ClientId 'Google123' -ClientSecret 'GoogleClientSecret' -``` - -```Output -Id DisplayName --- ----------- -Google-OAUTH GoogleName -``` - -This example adds a Google identity provider. - -- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. -- `-Name` parameter specifies the display name of the identity provider. -- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. -- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. - -## Parameters - -### -ClientId - -The client identifier for the application, obtained during the application's registration with the identity provider. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ClientSecret - -The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Name - -The display name of the identity provider. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Type - -The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. - -For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### None - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Set-EntraBetaIdentityProvider](Set-EntraBetaIdentityProvider.md) - -[Remove-EntraBetaIdentityProvider](Remove-EntraBetaIdentityProvider.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md deleted file mode 100644 index be03b5a2fd..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md +++ /dev/null @@ -1,113 +0,0 @@ ---- -title: New-EntraBetaPrivateAccessApplication -description: This article provides details on the New-EntraBetaPrivateAccessApplication command. - -ms.topic: reference -ms.date: 10/19/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# New-EntraBetaPrivateAccessApplication - -## Synopsis - -Creates a Private Access application and assigns a connector group to it. - -## Syntax - -```powershell -New-EntraBetaPrivateAccessApplication - -ApplicationName - [-ConnectorGroupId ] - [] -``` - -## Description - -The `New-EntraBetaPrivateAccessApplication` cmdlet creates a Private Access application and assigns a connector group to it. - -## Examples - -### Example 1: Create a new Private Access app and assign the default connector group - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' -``` - -This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to the default connector group. - -### Example 2: Create a new Private Access app and assign a specific connector group - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$connectorGroup = Get-EntraBetaApplicationProxyConnectorGroup -Filter "Name eq 'Contoso GSA Group'" -New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' -ConnectorGroupId $connectorGroup.Id -``` - -This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to a specific connector group. - -## Parameters - -### -ApplicationName - -The name of the new Private Access application. - -```yaml -Type: System.String -Parameter Sets: -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ConnectorGroupId - -Specifies a connector group to assign to the application. Use `Get-EntraBetaApplicationProxyConnectorGroup` to retrieve connector details or `New-EntraBetaApplicationProxyConnectorGroup` to create a new group. - -```yaml -Type: System.String -Parameter Sets: -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaPrivateAccessApplication](Get-EntraBetaPrivateAccessApplication.md) -[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) -[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) -[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) -[New-EntraBetaApplicationProxyConnectorGroup](New-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md deleted file mode 100644 index fd98e1a018..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md +++ /dev/null @@ -1,230 +0,0 @@ ---- -title: New-EntraBetaPrivateAccessApplicationSegment -description: This article provides details on the New-EntraBetaPrivateAccessApplicationSegment command. - -ms.topic: reference -ms.date: 07/18/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# New-EntraBetaPrivateAccessApplicationSegment - -## Synopsis - -Creates an application segment associated to a Private Access application. - -## Syntax - -```powershell -New-EntraBetaPrivateAccessApplicationSegment - -ApplicationId - -DestinationHost - -DestinationType - [-Protocol ] - [-Ports ] - [] -``` - -## Description - -The `New-EntraBetaPrivateAccessApplicationSegment` cmdlet creates an application segment associated to a Private Access application. - -## Examples - -### Example 1: Create a simple application segment - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$params = @{ - ApplicationId = $application.Id - DestinationHost = 'ssh.contoso.local' - Ports = 22 - Protocol = 'TCP' - DestinationType = 'FQDN' -} -New-EntraBetaPrivateAccessApplicationSegment @params -``` - -```Output -destinationHost : ssh.contoso.local -destinationType : FQDN -port : 0 -ports : {22-22} -protocol : tcp -id : cccc2222-dd33-4444-55ee-666666ffffff -``` - -### Example 2: Create an application segment using ranges of IPs and multiple ports - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$params = @{ - ApplicationId = $application.Id - DestinationHost = '192.168.1.100..192.168.1.110' - Ports = '22,3389' - Protocol = 'TCP,UDP' - DestinationType = 'ipRange' -} -New-EntraBetaPrivateAccessApplicationSegment @params -``` - -```Output -destinationHost : 192.168.1.100..192.168.1.110 -destinationType : ipRange -port : 0 -ports : {22-22, 3389-3389} -protocol : tcp,udp -id : cccc2222-dd33-4444-55ee-666666ffffff -``` - -### Example 3: Create application segment using an input file - -AppSegments.csv - -AppObjectId,DestHost,ports,protocol,type\ -00001111-aaaa-2222-bbbb-3333cccc4444,10.106.97.0/24,"1-21,23-442,444-65535","TCP,udp",ipRangeCidr\ -00001111-aaaa-2222-bbbb-3333cccc4444,10.106.96.0/24,"1-21,23-442,444-65535","udp",ipRangeCidr\ -00001111-aaaa-2222-bbbb-3333cccc4444,10.106.95.0/24,"1-21","udp",ipRangeCidr - -CreateAppSegments.ps1 - -```powershell -$csvFile = "C:\temp\AppSegments.csv" - -# Assuming the CSV file has columns named 'AppObjectId', 'DestHost', 'ports', 'protocol', 'type' -$variables = Import-Csv $csvFile - -# Loop through each row of the CSV and execute the command for each set of variables -foreach ($variable in $variables) { - $appObjectId = $variable.AppObjectId - $destHost = $variable.DestHost - $ports = $variable.ports -split "," - $protocol = $variable.protocol -split "," - $type = $variable.type - - # Execute the command - $params = @{ - ApplicationId = $appObjectId - DestinationHost = $destHost - Ports = $ports - Protocol = $protocol - DestinationType = $type - } - New-EntraBetaPrivateAccessApplicationSegment @params -} -``` - -## Parameters - -### -ApplicationId - -The object ID of a Private Access application object. - -```yaml -Type: System.String -Parameter Sets: -Aliases: ObjectId - -Required: True -Position: 1 -Default value: None -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - -### -DestinationHost - -Destination host for the application segment. It can be an IP address, a range of IPs (10.10.10.1..10.10.10.200), a CIDR range (10.1.1.0/24) or an FQDN (ssh.contoso.local). Additionally, DNS suffixes for Quick Access can be created with dnsSuffix. - -```yaml -Type: System.String -Parameter Sets: -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Ports - -Ports for the application segment. It can be a single port, a range (1..100) or a list (22,3389). - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Protocol - -Protocol for the application segment. It can be a single protocol (TCP) or a list (TCP,UDP). - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DestinationType - -Destination type for the application segment. It can be "ipAddress", "dnsSuffix", "ipRangeCidr", "ipRange", or "FQDN". - -```yaml -Type: System.String -Parameter Sets: -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) - -[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md deleted file mode 100644 index a8b77df288..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md +++ /dev/null @@ -1,398 +0,0 @@ ---- -title: New-EntraBetaServicePrincipal -description: This article provides details on the New-EntraBetaServicePrincipal command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal - -schema: 2.0.0 ---- - -# New-EntraBetaServicePrincipal - -## Synopsis - -Creates a service principal. - -## Syntax - -```powershell -New-EntraBetaServicePrincipal - [-AccountEnabled ] - [-Tags ] - [-DisplayName ] - [-AlternativeNames ] - -AppId - [-KeyCredentials ] - [-ReplyUrls ] - [-LogoutUrl ] - [-ServicePrincipalType ] - [-Homepage ] - [-AppRoleAssignmentRequired ] - [-PasswordCredentials ] - [-ServicePrincipalNames ] - [] -``` - -## Description - -Create a new service Principal. - -For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: - -- Application Administrator -- Cloud Application Administrator - -For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. - -## Examples - -### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -$params = @{ - AccountEnabled = $true - AppId = $application.AppId - AppRoleAssignmentRequired = $true - DisplayName = $application.DisplayName - Tags = {WindowsAzureActiveDirectoryIntegratedApp} -} -New-EntraBetaServicePrincipal @params -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. - -The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. - -- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-DisplayName` parameter specifies the service principal display name. -- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. - -### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -$params = @{ - AppId = $application.AppId - Homepage = 'https://localhost/home' - LogoutUrl = 'htpp://localhost/logout' - ReplyUrls = 'https://localhost/redirect' -} -New-EntraBetaServicePrincipal @params -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-Homepage` parameter specifies the home page or landing page of the application. -- `-LogoutUrl` parameter specifies the logout URL. -- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. - -### Example 3: Create a new service principal by KeyCredentials - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential -$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') -$startdate = Get-Date -Year 2024 -Month 07 -Day 23 -$creds.StartDate = $startdate -$creds.Type = 'Symmetric' -$creds.Usage = 'Sign' -$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') -$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" - -New-EntraBetaServicePrincipal -AppId $application.AppId -KeyCredentials $creds -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. - -### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'" -New-EntraBetaServicePrincipal -AppId $application.AppId -AlternativeNames 'sktest2' -ServicePrincipalType 'Application' -ServicePrincipalNames $application.AppId -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-AlternativeNames` parameter specifies the alternative names for this service principal. -- `-ServicePrincipalType` parameter specifies the type of the service principal. -- `-ServicePrincipalNames` parameter specifies an array of service principal names. - -## Parameters - -### -AccountEnabled - -True if the service principal account is enabled; otherwise, false. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AlternativeNames - -The alternative names for this service principal. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppId - -The unique identifier for the associated application (its appId property). - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoleAssignmentRequired - -Indicates whether an application role assignment is required. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the service principal display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Homepage - -Home page or landing page of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -The collection of key credentials associated with the service principal. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -LogoutUrl - -Specifies the logout URL. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PasswordCredentials - -The collection of password credentials associated with the application. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ReplyUrls - -The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalNames - -Specifies an array of service principal names. -Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. -A client uses ServicePrincipalNames to: - -- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. -- Specify a resource URI to acquire an access token, which is the URI returned in the claim. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalType - -The type of the service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Tags linked to this service principal. - -Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) - -[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md deleted file mode 100644 index b69f1f5ed2..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,227 +0,0 @@ ---- -title: New-EntraBetaServicePrincipalAppRoleAssignment -description: This article provides details on the New-EntraBetaServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# New-EntraBetaServicePrincipalAppRoleAssignment - -## Synopsis - -Assigns a service principal to an application role. - -## Syntax - -```powershell -New-EntraBetaServicePrincipalAppRoleAssignment - -ResourceId - -Id - -ObjectId - -PrincipalId - [] -``` - -## Description - -The `New-EntraBetaServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Assign an app role to a service principal - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$resourceServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Microsoft Graph'" -$appRole = $resourceServicePrincipal.AppRoles | Where-Object { $_.Value -eq "User.ReadBasic.All" } - -New-EntraBetaServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -Id $appRole.Id -ResourceId $resourceServicePrincipal.Id -``` - -### Example 2: Assign an app role to another service principal - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" -New-EntraBetaServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -ResourceId $servicePrincipalObject.Id -Id $servicePrincipalObject.Approles[1].Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd -``` - -This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. - -- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. -- `-ResourceId`parameter specifies the ObjectId of the resource service principal. -- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. -- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. - -### Example 3: Assign an app role to a user - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" -$user = Get-EntraBetaUser -UserId 'PattiF@Contoso.com' - -New-EntraBetaServicePrincipalAppRoleAssignment ` - -ObjectId $servicePrincipalObject.Id ` - -ResourceId $servicePrincipalObject.Id ` - -Id $servicePrincipalObject.Approles[1].Id ` - -PrincipalId $user.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee -``` - -This example demonstrates how to assign an app role to a user in Microsoft Entra ID. -You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. -You can use the command `Get-EntraBetaUser` to get a user Id. - -- `-ObjectId` parameter specifies the ObjectId of the app's service principal. -- `-ResourceId`parameter specifies the ObjectId of the app's service principal. -- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. -- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. - -### Example 4: Assign an app role to a group - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipalObject = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Box'" -$group = Get-EntraBetaGroup -Filter "displayName eq 'Contoso marketing'" - -New-EntraBetaServicePrincipalAppRoleAssignment ` - -ObjectId $servicePrincipalObject.Id ` - -ResourceId $servicePrincipalObject.Id ` - -Id $servicePrincipalObject.Approles[1].Id ` - -PrincipalId $group.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff -``` - -This example demonstrates how to assign an app role to a group in Microsoft Entra ID. -You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. -You can use the command `Get-EntraBetaGroup` to get a group Id. - -- `-ObjectId` parameter specifies the ObjectId of the app's service principal. -- `-ResourceId`parameter specifies the ObjectId of the app's service principal. -- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. -- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. - -## Parameters - -### -Id - -Specifies the ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PrincipalId - -Specifies a principal ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ResourceId - -Specifies a resource ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`New-EntraBetaServiceAppRoleAssignment` is an alias for `New-EntraBetaServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) - -[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md deleted file mode 100644 index ca656bfb08..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,160 +0,0 @@ ---- -title: New-EntraBetaServicePrincipalPasswordCredential -description: This article provides details on the New-EntraBetaServicePrincipalPasswordCredential command. - - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# New-EntraBetaServicePrincipalPasswordCredential - -## Synopsis - -Creates a password credential for a service principal. - -## Syntax - -```powershell -New-EntraBetaServicePrincipalPasswordCredential - -ServicePrincipalId - [-EndDate ] - [-StartDate ] - [] -``` - -## Description - -The `New-EntraBetaServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Create a password credential with StartDate - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -New-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -StartDate '2024-11-04T14:14:14Z' -``` - -```Output -secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u -@odata.type : #microsoft.graph.servicePrincipal -endDateTime : 08-08-2026 10:30:00 -hint : LY. -customKeyIdentifier : -startDateTime : 08-08-2024 14:14:14 -keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 -@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword -displayName : -StartDate : 08-08-2024 14:14:14 -EndDate : 08-08-2026 10:30:00 -``` - -This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-StarteDate` parameter specifies the date and time at which the password becomes valid. - -### Example 2: Create a password credential with EndDate - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -New-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -EndDate '2024-11-04T14:14:14Z' -``` - -```Output -secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u -@odata.type : #microsoft.graph.servicePrincipal -endDateTime : 08-08-2026 10:30:00 -hint : LY. -customKeyIdentifier : -startDateTime : 08-08-2024 14:14:14 -keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 -@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword -displayName : -StartDate : 08-08-2024 14:14:14 -EndDate : 08-08-2026 10:30:00 -``` - -This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. - -## Parameters - -### -EndDate - -The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of the service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) - -[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md deleted file mode 100644 index 151a8a191d..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md +++ /dev/null @@ -1,191 +0,0 @@ ---- -title: New-EntraBetaTrustFrameworkPolicy -description: This article provides details on the New-EntraBetaTrustFrameworkPolicy command. - - -ms.topic: reference -ms.date: 08/14/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy - -schema: 2.0.0 ---- - -# New-EntraBetaTrustFrameworkPolicy - -## Synopsis - -This cmdlet is used to create a trust framework policy (custom policy) in the directory. - -## Syntax - -### Content (Default) - -```powershell -New-EntraBetaTrustFrameworkPolicy - -Content - [-OutputFilePath ] - [] -``` - -### File - -```powershell -New-EntraBetaTrustFrameworkPolicy - -InputFilePath - [-OutputFilePath ] - [] -``` - -## Description - -The `New-EntraBetaTrustFrameworkPolicy` cmdlet is used to create a trust framework policy in the directory. - -In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. - -## Examples - -### Example 1: Creates a trust framework policy from the content specified - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string -New-EntraBetaTrustFrameworkPolicy -Content $policyContent -``` - -The example creates a trust framework policy from the content specified. - -The contents of newly created trust framework policy are displayed on screen. - -- `-Content` Parameter specifies the content of the trust framework policy to be created. - -### Example 2: creates a trust framework policy - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string -$params = @{ - Content = $policyContent - OutputFilePath = 'C:\CreatedPolicy.xml' -} -New-EntraBetaTrustFrameworkPolicy @params -``` - -The example creates a trust framework policy from the content specified. - -The contents of newly created trust framework policy are written to file mentioned in output file path. - -- `-Content` Parameter specifies the content of the trust framework policy to be created. -- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. - -### Example 3: Creates a trust framework policy from the file mentioned in InputFilePath - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$params = @{ - InputFilePath = 'C:\InputPolicy.xml' - OutputFilePath = 'C:\CreatedPolicy.xml' -} -New-EntraBetaTrustFrameworkPolicy @params -``` - -The example creates a trust framework policy from the file mentioned in InputFilePath. - -The contents of newly created trust framework policy are written to file mentioned in output file path. - -- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. -- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. - -### Example 4: Creates a trust framework policy from the file mentioned in InputFilePath - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$params = @{ - InputFilePath = 'C:\InputPolicy.xml' -} -New-EntraBetaTrustFrameworkPolicy @params -``` - -The example creates a trust framework policy from the file mentioned in InputFilePath. - -The contents of newly created trust framework policy are displayed on screen. - -- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. - -## Parameters - -### -Content - -The content of the trust framework policy to be created. - -```yaml -Type: System.String -Parameter Sets: Content -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -InputFilePath - -Path to the file used for reading the contents of trust framework policy to be created. - -```yaml -Type: System.String -Parameter Sets: File -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OutputFilePath - -Path to the file used for writing the contents of newly created trust framework policy. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) - -[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) - -[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md deleted file mode 100644 index a797e423b9..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: Remove-EntraBetaAdministrativeUnit -description: This article provides details on the Remove-EntraBetaAdministrativeUnit command. - -ms.topic: reference -ms.date: 07/03/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit - -schema: 2.0.0 ---- - -# Remove-EntraBetaAdministrativeUnit - -## Synopsis - -Removes an administrative unit. - -## Syntax - -```powershell -Remove-EntraBetaAdministrativeUnit - -AdministrativeUnitId - [] -``` - -## Description - -The `Remove-EntraBetaAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. - -To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. - -## Examples - -### Example 1: Remove an administrative unit - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -``` - -This command removes the specified administrative unit from Microsoft Entra ID. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) - -[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) - -[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md deleted file mode 100644 index c330ad1f72..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Remove-EntraBetaAdministrativeUnitMember -description: This article provides details on the Remove-EntraBetaAdministrativeUnitMember command. - -ms.topic: reference -ms.date: 07/04/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Remove-EntraBetaAdministrativeUnitMember - -## Synopsis - -Removes an administrative unit member. - -## Syntax - -```powershell -Remove-EntraBetaAdministrativeUnitMember - -AdministrativeUnitId - -MemberId - [] -``` - -## Description - -The `Remove-EntraBetaAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. - -To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. - -## Examples - -### Example 1: Remove an administrative unit member - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.Read.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$adminUnitMember = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id | Select-Object Id, DisplayName,'@odata.type' | Where-Object {$_.DisplayName -eq 'Saywer Miller'} -Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -MemberId $adminUnitMember.Id -``` - -This command removes a specified member (user or group) from a specified administrative unit. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-MemberId` parameter specifies the ID of the administrative unit member. - -## Parameters - -### -MemberId - -Specifies the ID of the administrative unit member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) - -[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) - -[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md deleted file mode 100644 index 37770322af..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: Remove-EntraBetaApplication -description: This article provides details on the Remove-EntraBetaApplication command. - -ms.topic: reference -ms.date: 06/17/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplication - -## Synopsis - -Deletes an application object. - -## Syntax - -```powershell -Remove-EntraBetaApplication - -ApplicationId - [] -``` - -## Description - -The `Remove-EntraBetaApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. - -## Examples - -### Example 1: Remove an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraBetaApplication -ApplicationId $application.Id -``` - -This example demonstrates how to delete an application object. - -### Example 2: Remove an application using pipelining - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" | Remove-EntraBetaApplication -``` - -This example demonstrates how to delete an application object using pipelining. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[New-EntraBetaApplication](New-EntraBetaApplication.md) - -[Set-EntraBetaApplication](Set-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md deleted file mode 100644 index 5983dff994..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraBetaApplicationExtensionProperty -description: This article provides details on the Remove-EntraBetaApplicationExtensionProperty command. - -ms.topic: reference -ms.date: 08/06/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationExtensionProperty - -## Synopsis - -Removes an application extension property. - -## Syntax - -```powershell -Remove-EntraBetaApplicationExtensionProperty - -ApplicationId - -ExtensionPropertyId - [] -``` - -## Description - -The `Remove-EntraBetaApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an application extension property - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$extension = Get-EntraApplicationExtensionProperty -ApplicationId $application.Id | Where-Object {$_.Name -eq 'extension_3ed1a24748dd4e4cb91fc0ab09576ff0_NewAttribute'} -Remove-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id -ExtensionPropertyId $extension.Id -``` - -This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. - -## Parameters - -### -ExtensionPropertyId - -Specifies the unique ID of the extension property to remove. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) - -[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md deleted file mode 100644 index 5e0d442a7d..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Remove-EntraBetaApplicationKey -description: This article provides details on the Remove-EntraBetaApplicationKey command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationKey - -## Synopsis - -Removes a key from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationKey - -ObjectId - [-KeyId ] - [-Proof ] - [] -``` - -## Description - -Removes a key from an application. - -## Examples - -### Example 1: Remove a key credential from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraBetaApplicationKey -ObjectId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -Proof '{token}' -``` - -This command removes the specified key credential from the specified application. - -- `-ObjectId` parameter specifies the unique identifier of an application. -- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. -- `-Proof` parameter specifies the JWT token provided as a proof of possession. - -## Parameters - -### -ObjectId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -KeyId - -The key Id corresponding to the key object to be removed. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Proof - -The JWT token provided as a proof of possession. - -A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: - -- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. -- `iss`: Issuer needs to be the ID of the application that initiates the request. -- `nbf`: Not before time. -- `exp`: Expiration time should be the value of nbf + 10 minutes. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaApplicationKey](New-EntraBetaApplicationKey.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md deleted file mode 100644 index 95dc3c5435..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraBetaApplicationKeyCredential -description: This article provides details on the Remove-EntraBetaApplicationKeyCredential command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationKeyCredential - -## Synopsis - -Removes a key credential from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationKeyCredential - -ApplicationId - -KeyId - [] -``` - -## Description - -The `Remove-EntraBetaApplicationKeyCredential` cmdlet removes a key credential from an application. - -An application can use this command along with `New-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. - -## Examples - -### Example 1: Remove a key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraBetaApplicationKeyCredential -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -``` - -This command removes the specified key credential from the specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-KeyId` Specifies a custom key ID. Use `Get-EntraBetaApplicationKeyCredential` to get the keyId details. - -## Parameters - -### -KeyId - -Specifies a custom key ID. The unique identifier for the password. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) - -[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md deleted file mode 100644 index daa12be0c4..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraBetaApplicationOwner -description: This article provides details on the Remove-EntraBetaApplicationOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationOwner - -## Synopsis - -Removes an owner from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationOwner - -OwnerId - -ApplicationId - [] -``` - -## Description - -The `Remove-EntraBetaApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an owner from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$owner = Get-EntraBetaApplicationOwner -ApplicationId $application.Id | Where-Object {$_.userPrincipalName -eq 'SawyerM@contoso.com'} -Remove-EntraBetaApplicationOwner -ApplicationId $application.Id -OwnerId $owner.Id -``` - -This example removes the specified owner from the specified application. You can use the command `Get-EntraBetaApplication` to get application Id. - -- `-ApplicationId` parameter specifies the the unique identifier of a application. -- `-OwnerId` parameter specifies the ID of the owner. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OwnerId - -Specifies the ID of the owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) - -[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md deleted file mode 100644 index 7e6b560acb..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: Remove-EntraBetaApplicationPassword -description: This article provides details on the Remove-EntraBetaApplicationPassword command. - -ms.topic: reference -ms.date: 08/02/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationPassword - -## Synopsis - -Remove a password from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationPassword - -ObjectId - [-KeyId ] - [] -``` - -## Description - -Remove a password from an application. - -## Examples - -### Example 1: Removes a password from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$applicationPassword = Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} -Remove-EntraBetaApplicationPassword -ObjectId $application.Id -KeyId $applicationPassword.KeyId -``` - -This example removes the specified password from the specified application. - -- `-ObjectId` parameter specifies the unique identifier of the application. -- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. - -## Parameters - -### -ObjectId - -The unique identifier of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -KeyId - -The unique identifier for the key. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[New-EntraBetaApplicationPassword](New-EntraBetaApplicationPassword.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md deleted file mode 100644 index 591f43afc8..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraBetaApplicationPasswordCredential -description: This article provides details on the Remove-EntraBetaApplicationPasswordCredential command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationPasswordCredential - -## Synopsis - -Removes a password credential from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationPasswordCredential - -ApplicationId - -KeyId - [] -``` - -## Description - -The `Remove-EntraBetaApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an application password credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk Application'" -$applicationPassword = Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} -Remove-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -KeyId $applicationPassword.KeyId -``` - -This example demonstrates how to remove the password credential for an application. - -- `ApplicationId` Specifies the ID of the application. Use `Get-EntraBetaApplication` to get application ApplicationId value. -- `KeyId` Specifies the ID of the password credential. Use `Get-EntraBetaApplicationPasswordCredential` to retrieve a specific credential details. - -## Parameters - -### -KeyId - -Specifies the ID of the password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of the application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[Get-EntraBetaApplicationPasswordCredential](Get-EntraBetaApplicationPasswordCredential.md) - -[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md deleted file mode 100644 index e13292eb59..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md +++ /dev/null @@ -1,84 +0,0 @@ ---- -title: Remove-EntraBetaApplicationVerifiedPublisher -description: This article provides details on the Remove-EntraBetaApplicationVerifiedPublisher command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher - -schema: 2.0.0 ---- - -# Remove-EntraBetaApplicationVerifiedPublisher - -## Synopsis - -Removes the verified publisher from an application. - -## Syntax - -```powershell -Remove-EntraBetaApplicationVerifiedPublisher - -AppObjectId - [] -``` - -## Description - -Removes the verified publisher from an application. - -## Examples - -### Example 1: Remove the verified publisher from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk Application'" -Remove-EntraBetaApplicationVerifiedPublisher -AppObjectId $application.Id -``` - -This command demonstrates how to remove the verified publisher from an application. - -- `-AppObjectId` parameter specifies the unique identifier of an application. - -## Parameters - -### -AppObjectId - -The unique identifier of a Microsoft Entra ID Application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[Set-EntraBetaApplicationVerifiedPublisher](Set-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md deleted file mode 100644 index e802683448..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: Remove-EntraBetaDeletedApplication -description: This article provides details on the Remove-EntraBetaDeletedApplication command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication - -schema: 2.0.0 ---- - -# Remove-EntraBetaDeletedApplication - -## Synopsis - -Permanently delete a recently deleted application object from deleted items. - -## Syntax - -```powershell -Remove-EntraBetaDeletedApplication - [-ObjectId] - [] -``` - -## Description - -Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. - -## Examples - -### Example 1: Remove deleted application object - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' -Remove-EntraBetaDeletedApplication -ObjectId $deletedApplication.Id -``` - -This command removes recently deleted application. You can use the command `Get-EntraBetaDeletedApplication` to get deleted application Id. - -- `-ObjectId` parameter specifies the Id of a deleted application. - -### Example 2: Remove deleted application using pipelining - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -Get-EntraBetaDeletedApplication -Filter "DisplayName eq 'My PowerShell Application'" | Remove-EntraBetaDeletedApplication -``` - -This command removes recently deleted application using pipelining. - -## Parameters - -### -ObjectId - -The unique identifier of deleted application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 0 -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Restore-EntraBetaDeletedApplication](Restore-EntraBetaDeletedApplication.md) - -[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md deleted file mode 100644 index 53604c5f7c..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md +++ /dev/null @@ -1,96 +0,0 @@ ---- -title: Remove-EntraBetaDeletedDirectoryObject -description: This article provides details on the Remove-EntraBetaDeletedDirectoryObject command. - - -ms.topic: reference -ms.date: 08/07/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject - -schema: 2.0.0 ---- - -# Remove-EntraBetaDeletedDirectoryObject - -## Synopsis - -Permanently delete a previously deleted directory object. - -## Syntax - -```powershell -Remove-EntraBetaDeletedDirectoryObject - -Id - [] -``` - -## Description - -The `Remove-EntraBetaDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. - -When a directory object is permanently deleted, it can no longer be restored. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- To permanently delete applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. -- To permanently delete users: `User Administrator`. -- To permanently delete groups: `Groups Administrator`. - -## Examples - -### Example 1: Delete a previously deleted directory object - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' -$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' -Remove-EntraBetaDeletedDirectoryObject -DirectoryObjectId $deletedApplication.Id -``` - -This example demonstrates how to permanently delete a previously deleted directory object by ID. - -- `-Id` parameter specifies the ID of the directory object that is permanently deleted. - -## Parameters - -### -Id - -The ID of the directory object that is permanently deleted. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraBetaDeletedDirectoryObject](Get-EntraBetaDeletedDirectoryObject.md) - -[Restore-EntraBetaDeletedDirectoryObject](Restore-EntraBetaDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md deleted file mode 100644 index e74c8e9db1..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: Remove-EntraBetaPrivateAccessApplicationSegment -description: This article provides details on the Remove-EntraBetaPrivateAccessApplicationSegment command. - -ms.topic: reference -ms.date: 07/18/2024 -ms.author: eunicewaweru -reviewer: andres-canello -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: -schema: 2.0.0 ---- - -# Remove-EntraBetaPrivateAccessApplicationSegment - -## Synopsis - -Removes an application segment associated to a Private Access application. - -## Syntax - -```powershell -Remove-EntraBetaPrivateAccessApplicationSegment - -ApplicationId - [-ApplicationSegmentId ] - [] -``` - -## Description - -The `Remove-EntraBetaPrivateAccessApplicationSegment` cmdlet removes application segments associated to a Private Access application. - -## Examples - -### Example 1: Delete an application segment - -```powershell -Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "displayName eq ''" -$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} -Remove-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id -``` - -This example shows how to remove an application segment associated to a Private Access application. - -- `ApplicationId` is the application Object ID of the Private Access Application. -- `ApplicationSegmentId` is the application segment identifier to be deleted. - -## Parameters - -### -ApplicationId - -The object ID of a Private Access application object. - -```yaml -Type: System.String -Parameter Sets: -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName) -Accept wildcard characters: False -``` - -### -ApplicationSegmentId - -The application segment ID of the application segment to be deleted. - -```yaml -Type: System.String -Parameter Sets: -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## RELATED LINKS - -[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) - -[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md deleted file mode 100644 index 99075c6517..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Remove-EntraBetaScopedRoleMembership -description: This article provides details on the Remove-EntraBetaScopedRoleMembership command. - - -ms.topic: reference -ms.date: 07/06/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership - -schema: 2.0.0 ---- - -# Remove-EntraBetaScopedRoleMembership - -## Synopsis - -Removes a scoped role membership. - -## Syntax - -```powershell -Remove-EntraBetaScopedRoleMembership - -AdministrativeUnitId - -ScopedRoleMembershipId - [] -``` - -## Description - -The `Remove-EntraBetaScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. - -## Examples - -### Example 1: Remove a scoped role membership - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMembership = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} -Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id -``` - -This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraBetaScopedRoleMembership` command. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ScopedRoleMembershipId - -Specifies the ID of the scoped role membership to remove. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) - -[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md deleted file mode 100644 index 361d8dfa18..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md +++ /dev/null @@ -1,85 +0,0 @@ ---- -title: Remove-EntraBetaServicePrincipal -description: This article provides details on the Remove-EntraBetaServicePrincipal command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal - -schema: 2.0.0 ---- - -# Remove-EntraBetaServicePrincipal - -## Synopsis - -Removes a service principal. - -## Syntax - -```powershell -Remove-EntraBetaServicePrincipal - -ServicePrincipalId - [] -``` - -## Description - -The `Remove-EntraBetaServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Removes a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" | Remove-EntraBetaServicePrincipal -``` - -This example demonstrates how to remove a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) - -[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md deleted file mode 100644 index 7544b102a2..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Remove-EntraBetaServicePrincipalAppRoleAssignment -description: This article provides details on the Remove-EntraBetaServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# Remove-EntraBetaServicePrincipalAppRoleAssignment - -## Synopsis - -Removes a service principal application role assignment. - -## Syntax - -```powershell -Remove-EntraBetaServicePrincipalAppRoleAssignment - -ServicePrincipalId - -AppRoleAssignmentId - [] -``` - -## Description - -The `Remove-EntraBetaServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. - -App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Removes a service principal application role assignment - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$group = Get-EntraBetaGroup -Filter "displayName eq 'Contoso marketing'" -$assignment = Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PrincipalId -eq $group.Id} -Remove-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -AppRoleAssignmentId $assignment.Id -``` - -This example demonstrates how to remove a service principal application role assignment for a group in Microsoft Entra ID. - -- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. -- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. - -## Parameters - -### -AppRoleAssignmentId - -Specifies the ID of the application role assignment. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Remove-EntraBetaServiceAppRoleAssignment` is an alias for `Remove-EntraBetaServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) - -[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md deleted file mode 100644 index a82ee36d44..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraBetaServicePrincipalDelegatedPermissionClassification -description: This article provides details on the Remove-EntraBetaServicePrincipalDelegatedPermissionClassification command. - - -ms.topic: reference -ms.date: 08/01/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification - -schema: 2.0.0 ---- - -# Remove-EntraBetaServicePrincipalDelegatedPermissionClassification - -## Synopsis - -Remove delegated permission classification. - -## Syntax - -```powershell -Remove-EntraBetaServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - -Id - [] -``` - -## Description - -The `Remove-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. - -## Examples - -### Example 1: Remove a delegated permission classification - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$permissionClassification = Get-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PermissionName -eq 'Sites.Read.All'} -Remove-EntraBetaServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id -``` - -This command deletes the delegated permission classification by Id from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. -- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. - -## Parameters - -### -ServicePrincipalId - -The unique identifier of a service principal object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Id - -The unique identifier of a delegated permission classification object Id. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) - -[Get-EntraBetaServicePrincipalDelegatedPermissionClassification](Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md deleted file mode 100644 index 4f43f5cf75..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraBetaServicePrincipalOwner -description: This article provides details on the Remove-EntraBetaServicePrincipalOwner command. - -ms.topic: reference -ms.date: 07/29/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner - -schema: 2.0.0 ---- - -# Remove-EntraBetaServicePrincipalOwner - -## Synopsis - -Removes an owner from a service principal. - -## Syntax - -```powershell -Remove-EntraBetaServicePrincipalOwner - -OwnerId - -ServicePrincipalId - [] -``` - -## Description - -The `Remove-EntraBetaServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Removes an owner from a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$ownership = Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -$owner = $ownership | Where-Object {$_.userPrincipalName -eq 'SawyerM@Contoso.com' } -Remove-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -OwnerId $owner.Id -``` - -This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal Id. -- `-OwnerId` parameter specifies the service principal owner Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OwnerId - -Specifies the ID of the owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) - -[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md deleted file mode 100644 index 99980f5ec1..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Remove-EntraBetaServicePrincipalPasswordCredential -description: This article provides details on the Remove-EntraBetaServicePrincipalPasswordCredential command. - -ms.topic: reference -ms.date: 07/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# Remove-EntraBetaServicePrincipalPasswordCredential - -## Synopsis - -Removes a password credential from a service principal. - -## Syntax - -```powershell -Remove-EntraBetaServicePrincipalPasswordCredential - -ServicePrincipalId - -KeyId - [] -``` - -## Description - -The `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Remove a password credential from a service principal in Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$key = Get-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -$key = $key | Where-Object {$_.DisplayName -eq 'My Password friendly name'} -Remove-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.KeyId -``` - -This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ObjectId of a specified Service Principal Password Credential. -- `-KeyId` parameter specifies the unique identifier of a Password Credential. - -## Parameters - -### -KeyId - -Specifies the unique identifier of password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) - -[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md deleted file mode 100644 index 0c0805d7fa..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Remove-EntraBetaTrustFrameworkPolicy -description: This article provides details on the Remove-EntraBetaTrustFrameworkPolicy command. - - -ms.topic: reference -ms.date: 08/08/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy - -schema: 2.0.0 ---- - -# Remove-EntraBetaTrustFrameworkPolicy - -## Synopsis - -Deletes a trust framework policy (custom policy) in the Microsoft Entra ID. - -## Syntax - -```powershell -Remove-EntraBetaTrustFrameworkPolicy - -Id - [] -``` - -## Description - -The `Remove-EntraBetaTrustFrameworkPolicy` cmdlet deletes a trust framework policy in the Microsoft Entra ID. The trust framework policy is permanently deleted. - -In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. - -## Examples - -### Example 1: Removes the specified trust framework policy - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -Remove-EntraBetaTrustFrameworkPolicy -Id 'B2C_1A_signup_signin' -``` - -This example removes the specified trust framework policy. - -- `-Id` parameter specifies unique identifier for a trust framework policy. - -## Parameters - -### -Id - -The unique identifier for a trust framework policy. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) - -[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) - -[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md deleted file mode 100644 index ac138ace93..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Restore-EntraBetaDeletedApplication -description: This article provides details on the Restore-EntraBetaDeletedApplication Command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication - -schema: 2.0.0 ---- - -# Restore-EntraBetaDeletedApplication - -## Synopsis - -Restores a previously deleted application. - -## Syntax - -```powershell -Restore-EntraBetaDeletedApplication - -ObjectId - [-IdentifierUris ] - [] -``` - -## Description - -This cmdlet restores a previously deleted application. - -Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- Application Administrator -- Cloud Application Administrator -- Hybrid Identity Administrator - -## Examples - -### Example 1: Restores a previously deleted application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$deletedApplication = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' -Restore-EntraBetaDeletedApplication -ObjectId $deletedApplication.Id -``` - -```Output -Id DeletedDateTime --- --------------- -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraBetaDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraBetaDeletedApplication` cmdlet. - -- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. - -## Parameters - -### -IdentifierUris - -The IdentifierUris of the application that is to be restored. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -The ObjectId of the deleted application that is to be restored. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Remove-EntraBetaDeletedApplication](Remove-EntraBetaDeletedApplication.md) - -[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md deleted file mode 100644 index cc4f5fa713..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Select-EntraBetaGroupIdsServicePrincipalIsMemberOf -description: This article provides details on the Select-EntraBetaGroupIdsServicePrincipalIsMemberOf command. - - -ms.topic: reference -ms.date: 07/31/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf - -schema: 2.0.0 ---- - -# Select-EntraBetaGroupIdsServicePrincipalIsMemberOf - -## Synopsis - -Selects the groups in which a service principal is a member. - -## Syntax - -```powershell -Select-EntraBetaGroupIdsServicePrincipalIsMemberOf - -ObjectId - -GroupIdsForMembershipCheck - [] -``` - -## Description - -The `Select-EntraBetaGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. - -## Examples - -### Example 1: Get the group membership of a group for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck -$group.GroupIds = (Get-EntraBetaGroup -Top 10).Id -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" -Select-EntraBetaGroupIdsServicePrincipalIsMemberOf -ObjectId $servicePrincipal.Id -GroupIdsForMembershipCheck $group -``` - -```Output -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -``` - -This command gets the group membership of a group for a specified service principal. Use the command `Get-EntraBetaGroup` to get group Id and `Get-EntraBetaServicePrincipal` to get service principal Id. - -- `-ObjectId` parameter specifies the service principal Id. -- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. - -## Parameters - -### -GroupIdsForMembershipCheck - -Specifies an array of group object IDs. - -```yaml -Type: GroupIdsForMembershipCheck -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md deleted file mode 100644 index 4f4809f235..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md +++ /dev/null @@ -1,154 +0,0 @@ ---- -title: Set-EntraBetaAdministrativeUnit -description: This article provides details on the Set-EntraBetaAdministrativeUnit command. - -ms.topic: reference -ms.date: 07/03/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit - -schema: 2.0.0 ---- - -# Set-EntraBetaAdministrativeUnit - -## Synopsis - -Updates an administrative unit. - -## Syntax - -```powershell -Set-EntraBetaAdministrativeUnit - -AdministrativeUnitId - [-IsMemberManagementRestricted ] - [-Description ] - [-DisplayName ] - [] -``` - -## Description - -The `Set-EntraBetaAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. - -In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. - -The Privileged Role Administrator is the least privileged role required for this operation. - -## Examples - -### Example 1: Update DisplayName and description - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -Set-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -DisplayName 'Pacific Admin Unit' -Description 'Pacific Admin Unit Description' -``` - -This Command update DisplayName of specific administrative unit. - -- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. -- `-DisplayName` parameter specifies the display name for the administrative unit. -- `-Description` parameter specifies the description for the administrative unit. - -### Example 2: Update IsMemberManagementRestricted - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" -Set-EntraBetaAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -IsMemberManagementRestricted $True -``` - -This example shows how to update the `IsMemberManagementRestricted` setting for a specific administrative unit. - -- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. -- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. - -## Parameters - -### -Description - -Specifies a description. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies a display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsMemberManagementRestricted - -Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AdministrativeUnitId - -Specifies the Id of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) - -[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) - -[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md deleted file mode 100644 index 5dc53fcabf..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md +++ /dev/null @@ -1,548 +0,0 @@ ---- -title: Set-EntraBetaApplication -description: This article provides details on the Set-EntraBetaApplication command. - - -ms.topic: reference -ms.date: 06/19/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication - -schema: 2.0.0 ---- - -# Set-EntraBetaApplication - -## Synopsis - -Updates the properties of an application object. - -## Syntax - -```powershell -Set-EntraBetaApplication - -ApplicationId - [-Api ] - [-OptionalClaims ] - [-DisplayName ] - [-PreAuthorizedApplications ] - [-Web ] - [-IsFallbackPublicClient ] - [-RequiredResourceAccess ] - [-PublicClient ] - [-IsDeviceOnlyAuthSupported ] - [-OrgRestrictions ] - [-KeyCredentials ] - [-TokenEncryptionKeyId ] - [-IdentifierUris ] - [-ParentalControlSettings ] - [-GroupMembershipClaims ] - [-AddIns ] - [-Tags ] - [-AppRoles ] - [-PasswordCredentials ] - [-SignInAudience ] - [-InformationalUrl ] - [] -``` - -## Description - -Updates the properties of an application object. - -## Examples - -### Example 1: Update an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$params = @{ - ApplicationId = $application.Id - DisplayName = 'Contoso Entra PowerShell App Production' - IdentifierUris = 'https://contoso.com' - GroupMembershipClaims = 'SecurityGroup' - IsDeviceOnlyAuthSupported = $False - Tags = 'mytag' -} -Set-EntraBetaApplication @params -``` - -This command updates an application in Microsoft Entra ID. - -### Example 2: Update an application using IdentifierUris parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraBetaApplication -ApplicationId $application.Id -IdentifierUris 'https://mynewapp.contoso.com' -``` - -This command updates an application in Microsoft Entra ID. - -### Example 3: Update an application using GroupMembershipClaims parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraBetaApplication -ApplicationId $application.Id -GroupMembershipClaims 'SecurityGroup' -``` - -This command updates an application in Microsoft Entra ID. - -### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraBetaApplication -ApplicationId $application.Id -IsDeviceOnlyAuthSupported $False -``` - -This command updates an application in Microsoft Entra ID. - -### Example 5: Update an application using Tags parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraBetaApplication -ApplicationId $application.Id -Tags 'mytag' -``` - -This command updates an application in Microsoft Entra ID. - -## Parameters - -### -AddIns - -Defines custom behavior that a consuming service can use to call an app in specific contexts. -For example, applications that can render file streams might set the addIns property for its "FileHandler" functionality. - -This lets services like Office 365 call the application in the context of a document the user is working on. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Api - -Specifies settings for an application that implements a web API. - -```yaml -Type: ApiApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoles - -The collection of application roles that an application might declare. - -These roles can be assigned to users, groups, or service principals. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupMembershipClaims - -Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IdentifierUris - -Specifies identifier Uniform Resource Identifiers (URIs). - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -InformationalUrl - -Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. - -The terms of service and privacy statement are surfaced to users through the user consent experience. - -```yaml -Type: InformationalUrl -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsDeviceOnlyAuthSupported - -Specifies if the application supports authentication using a device token. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsFallbackPublicClient - -Specifies the fallback application type as public client, such as an installed application running on a mobile device. - -The default value is `false` that means the fallback application type is confidential client such as web app. - -There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). - -In those cases Microsoft Entra ID interprets the application type based on the value of this property. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -Specifies key credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OptionalClaims - -Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. - -```yaml -Type: OptionalClaims -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -OrgRestrictions - -Reserved for future use. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ParentalControlSettings - -Specifies parental control settings for an application. - -```yaml -Type: ParentalControlSettings -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PasswordCredentials - -Specifies password credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PreAuthorizedApplications - -Lists applications and requested permissions for implicit consent. -Requires an admin to have provided consent to the application. - -preAuthorizedApplications don't require the user to consent to the requested permissions. -Permissions listed in preAuthorizedApplications don't require user consent. - -However, any additional requested permissions not listed in preAuthorizedApplications require user consent. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PublicClient - -Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. - -```yaml -Type: PublicClientApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -RequiredResourceAccess - -Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. - -This pre-configuration of required resource access drives the consent experience. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -SignInAudience - -Specifies what Microsoft accounts are supported for the current application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Custom strings that can be used to categorize and identify the application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -TokenEncryptionKeyId - -Specifies the keyId of a public key from the keyCredentials collection. - -When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. - -The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Web - -Specifies settings for a web application. - -```yaml -Type: WebApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### Boolean - -### Microsoft.Open.MSGraph.Model.ApiApplication - -### Microsoft.Open.MSGraph.Model.InformationalUrl - -### Microsoft.Open.MSGraph.Model.OptionalClaims - -### Microsoft.Open.MSGraph.Model.ParentalControlSettings - -### Microsoft.Open.MSGraph.Model.PublicClientApplication - -### Microsoft.Open.MSGraph.Model.WebApplication - -### String - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] - -### System.Collections.Generic.List`1[System.String] - -### System.Nullable`1[System.Boolean] - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaApplication](Get-EntraBetaApplication.md) - -[New-EntraBetaApplication](New-EntraBetaApplication.md) - -[Remove-EntraBetaApplication](Remove-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md deleted file mode 100644 index 39c31f8e71..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md +++ /dev/null @@ -1,122 +0,0 @@ ---- -title: Set-EntraBetaApplicationLogo -description: This article provides details on the Set-EntraBetaApplicationLogo command. - -ms.topic: reference -ms.date: 06/19/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo - -schema: 2.0.0 ---- - -# Set-EntraBetaApplicationLogo - -## Synopsis - -Sets the logo for an Application - -## Syntax - -### File (Default) - -```powershell -Set-EntraBetaApplicationLogo - -ApplicationId - -FilePath - [] -``` - -### Stream - -```powershell -Set-EntraBetaApplicationLogo - -ApplicationId - [] -``` - -### ByteArray - -```powershell -Set-EntraBetaApplicationLogo - -ApplicationId - [] -``` - -## Description - -The `Set-EntraBetaApplicationLogo` cmdlet is used to set the logo for an application. - -## Examples - -### Example 1: Sets the application logo for the application specified by the ApplicationId parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraBetaApplicationLogo -ApplicationId $application.Id -FilePath 'D:\applogo.jpg' -``` - -This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. - -## Parameters - -### -FilePath - -The file path of the file that is to be uploaded as the application logo. - -```yaml -Type: System.String -Parameter Sets: File -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -The ApplicationId of the Application for which the logo is set. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.IO.Stream System.Byte\[\] - -## Outputs - -### System.Object - -## Notes - -File uploads must be smaller than 500KB. - -## Related Links - -[Get-EntraBetaApplicationLogo](Get-EntraBetaApplicationLogo.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md deleted file mode 100644 index 4e5d3e16c6..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Set-EntraBetaApplicationVerifiedPublisher -description: This article provides details on the Set-EntraBetaApplicationVerifiedPublisher command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher - -schema: 2.0.0 ---- - -# Set-EntraBetaApplicationVerifiedPublisher - -## Synopsis - -Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. - -## Syntax - -```powershell -Set-EntraBetaApplicationVerifiedPublisher - -SetVerifiedPublisherRequest - -AppObjectId - [] -``` - -## Description - -Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. - -## Examples - -### Example 1: Set the verified publisher of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$mpnId = '0433167' -$req = @{verifiedPublisherId = $mpnId} -Set-EntraBetaApplicationVerifiedPublisher -AppObjectId $application.Id -SetVerifiedPublisherRequest $req -``` - -This command sets the verified publisher of an application. - -The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. - -- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. -- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. - -## Parameters - -### -AppObjectId - -The unique identifier of a Microsoft Entra ID Application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SetVerifiedPublisherRequest - -A request body object containing the verifiedPublisherId property it's the MPNID value. - -```yaml -Type: SetVerifiedPublisherRequest -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraBetaApplicationVerifiedPublisher](Remove-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md deleted file mode 100644 index 33be8158fd..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md +++ /dev/null @@ -1,415 +0,0 @@ ---- -title: Set-EntraBetaServicePrincipal -description: This article provides details on the Set-EntraBetaServicePrincipal command. - -ms.topic: reference -ms.date: 06/10/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal - -schema: 2.0.0 ---- - -# Set-EntraBetaServicePrincipal - -## Synopsis - -Updates a service principal. - -## Syntax - -```powershell -Set-EntraBetaServicePrincipal - -ServicePrincipalId - [-KeyCredentials ] - [-Homepage ] - [-AppId ] - [-LogoutUrl ] - [-ServicePrincipalType ] - [-AlternativeNames ] - [-PasswordCredentials ] - [-PreferredSingleSignOnMode ] - [-Tags ] - [-AccountEnabled ] - [-ServicePrincipalNames ] - [-AppRoleAssignmentRequired ] - [-DisplayName ] - [-ReplyUrls ] - [] -``` - -## Description - -The `Set-EntraBetaServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Disable the account of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AccountEnabled $false -``` - -This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-AccountEnabled` parameter specifies indicates whether the account is enabled. - -### Example 2: Update Homepage of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$homePage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -Homepage $homePage -``` - -This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-AppId` parameter specifies the application ID. -- `-Homepage` parameter specifies the home page or landing page of the application. - -### Example 3: Update AlternativeNames and DisplayName of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AlternativeNames 'Helpdesk Application Global' -DisplayName 'NewName' -``` - -This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 4: Update LogoutUrl and ReplyUrls of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$logoutUrl = 'https://securescore.office.com/SignOut' -$replyUrls = 'https://admin.contoso.com' -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -LogoutUrl $logoutUrl -ReplyUrls $replyUrls -``` - -This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-LogoutUrl` parameter specifies the sign out URL. -- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. - -### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -ServicePrincipalType 'Application' -AppRoleAssignmentRequired $True -``` - -This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-ServicePrincipalType` parameter specifies the service principal type. -- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. - -### Example 6: Update KeyCredentials of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential -$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') -$startdate = Get-Date -Year 2024 -Month 10 -Day 10 -$creds.StartDate = $startdate -$creds.Type = 'Symmetric' -$creds.Usage = 'Sign' -$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') -$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId -KeyCredentials $creds -``` - -This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. - -Use the `New-EntraBetaServicePrincipalPasswordCredential` and `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. - -### Example 7: Update PreferredSingleSignOnMode of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.Id -PreferredSingleSignOnMode 'saml' -``` - -This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. - -## Parameters - -### -AccountEnabled - -Indicates whether the account is enabled. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AlternativeNames - -The alternative names for this service principal. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppId - -Specifies the application ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoleAssignmentRequired - -Indicates whether an application role assignment is required. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Homepage - -Specifies the home page or landing page of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -Specifies key credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -LogoutUrl - -Specifies the sign out URL. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Species the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredentials - -Specifies password credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PreferredSingleSignOnMode - -Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ReplyUrls - -The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalNames - -Specifies service principal names. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalType - -The service principal type. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Specifies an array of tags. - -If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) - -[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) - -[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md deleted file mode 100644 index 29b0953fb4..0000000000 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md +++ /dev/null @@ -1,220 +0,0 @@ ---- -title: Set-EntraBetaTrustFrameworkPolicy -description: This article provides details on the Set-EntraBetaTrustFrameworkPolicy command. - - -ms.topic: reference -ms.date: 08/14/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy - -schema: 2.0.0 ---- - -# Set-EntraBetaTrustFrameworkPolicy - -## Synopsis - -This cmdlet is used to update a trust framework policy (custom policy) in the directory. - -## Syntax - -### Content (Default) - -```powershell -Set-EntraBetaTrustFrameworkPolicy - [-Id ] - -Content - [-OutputFilePath ] - [] -``` - -### File - -```powershell -Set-EntraBetaTrustFrameworkPolicy - [-Id ] - -InputFilePath - [-OutputFilePath ] - [] -``` - -## Description - -The `Set-EntraBetaTrustFrameworkPolicy` cmdlet is used to update a trust framework policy in the directory. - -In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. - -## Examples - -### Example 1: Updates a trust framework policy from the content specified - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string -$params = @{ - Id = 'B2C_1A_signup_signin' - Content = $policyContent -} -Set-EntraBetaTrustFrameworkPolicy @params -``` - -The example updates a trust framework policy from the content specified. - -The contents of updated trust framework policy are displayed on screen. - -- `-Id` Parameter specifies ID for a trust framework policy. -- `-Content` Parameter specifies the content of the trust framework policy to be updated. - -### Example 2: Updates a trust framework policy from the content specified - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string -$params = @{ - Id = 'B2C_1A_signup_signin' - Content = $policyContent - OutputFilePath = 'C:\UpdatedPolicy.xml' -} -Set-EntraBetaTrustFrameworkPolicy @params -``` - -The example updates a trust framework policy from the content specified. - -The contents of updated trust framework policy are written to file mentioned in output file path. - -- `-Id` Parameter specifies ID for a trust framework policy. -- `-Content` Parameter specifies the content of the trust framework policy to be updated. -- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. - -### Example 3: Updates a trust framework policy from the file mentioned in InputFilePath - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$params = @{ - Id = 'B2C_1A_signup_signin' - InputFilePath = 'C:\InputPolicy.xml' - OutputFilePath = 'C:\UpdatedPolicy.xml' -} -Set-EntraBetaTrustFrameworkPolicy @params -``` - -The example updates a trust framework policy from the file mentioned in InputFilePath. - -The contents of updated trust framework policy are written to file mentioned in output file path. - -- `-Id` Parameter specifies ID for a trust framework policy. -- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. -- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. - -### Example 4: Updates a trust framework policy from the file mentioned in InputFilePath - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' -$params = @{ - Id = 'B2C_1A_signup_signin' - InputFilePath = 'C:\InputPolicy.xml' -} -Set-EntraBetaTrustFrameworkPolicy @params -``` - -The example updates a trust framework policy from the file mentioned in InputFilePath. - -The contents of updated created trust framework policy are displayed on screen. - -- `-Id` Parameter specifies ID for a trust framework policy. -- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. - -## Parameters - -### -Content - -The content of the trust framework policy to be updated. - -```yaml -Type: System.String -Parameter Sets: Content -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Id - -The unique identifier for a trust framework policy. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -InputFilePath - -Path to the file used for reading the contents of trust framework policy to be updated. - -```yaml -Type: System.String -Parameter Sets: File -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OutputFilePath - -Path to the file used for writing the contents of updated trust framework policy. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) - -[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) - -[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.md b/module/docs/entra-powershell-beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.md new file mode 100644 index 0000000000..2670ccb547 --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/Enable-EntraBetaGlobalSecureAccessTenant.md @@ -0,0 +1,73 @@ +--- +title: Enable-EntraBetaGlobalSecureAccessTenant +description: This article provides details on the Enable-EntraBetaGlobalSecureAccessTenant command. + +ms.topic: reference +ms.date: 10/31/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant +schema: 2.0.0 +--- + +# Enable-EntraBetaGlobalSecureAccessTenant + +## Synopsis + +Onboard the Global Secure Access service in the tenant. + +## Syntax + +```powershell +Enable-EntraBetaGlobalSecureAccessTenant +``` + +## Description + +The `Enable-EntraBetaGlobalSecureAccessTenant` cmdlet onboards the Global Secure Access service in the tenant. + +In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the necessary permissions: + +- Global Secure Access Administrator +- Security Administrator + +## Examples + +### Example 1: Enable Global Secure Access for a tenant + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Enable-EntraBetaGlobalSecureAccessTenant +``` + +```Output +@odata.context : https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity +onboardingStatus : onboarded +onboardingErrorMessage : +``` + +This command onboards the Global Secure Access service in the tenant. + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaGlobalSecureAccessTenantStatus](Get-EntraBetaGlobalSecureAccessTenantStatus.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.md b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.md new file mode 100644 index 0000000000..8935092811 --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaGlobalSecureAccessTenantStatus.md @@ -0,0 +1,84 @@ +--- +title: Get-EntraBetaGlobalSecureAccessTenantStatus +description: This article provides details on the Get-EntraBetaGlobalSecureAccessTenantStatus command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus +schema: 2.0.0 +--- + +# Get-EntraBetaGlobalSecureAccessTenantStatus + +## Synopsis + +Retrieves the onboarding status of the Global Secure Access service in the tenant. + +## Syntax + +```powershell +Get-EntraBetaGlobalSecureAccessTenantStatus +``` + +## Description + +The `Get-EntraBetaGlobalSecureAccessTenantStatus` cmdlet retrieves the onboarding status of the Global Secure Access service in the tenant. + +For delegated scenarios involving work or school accounts, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation: + +- Global Reader +- Global Secure Access Administrator +- Security Administrator + +## Examples + +### Example 1: Check Global Secure Access status for the tenant + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaGlobalSecureAccessTenantStatus +``` + +```Output +@odata.context onboardingStatus onboardingErrorMessage +-------------- ---------------- ---------------------- +https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity offboarded +``` + +This command checks if the Global Secure Access service is activated in the tenant. + +If the status is `offboarded`, you can activate the service with `New-EntraBetaGlobalSecureAccessTenant`. + +The onboarding status can be: `offboarded`, `offboarding in progress`, `onboarding in progress`, `onboarded`, `onboarding error`, or `offboarding error`. + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](../Applications/Get-EntraBetaApplication.md) + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.md b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.md new file mode 100644 index 0000000000..2a0144646f --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplication.md @@ -0,0 +1,163 @@ +--- +title: Get-EntraBetaPrivateAccessApplication +description: This article provides details on the Get-EntraBetaPrivateAccessApplication command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivateAccessApplication +schema: 2.0.0 +--- + +# Get-EntraBetaPrivateAccessApplication + +## Synopsis + +Retrieves a list of all Private Access applications, or if specified, details of a specific application. + +## Syntax + +### ApplicationId (Default) + +```powershell +Get-EntraBetaPrivateAccessApplication + [-ApplicationId ] + [] +``` + +### ApplicationName + +```powershell +Get-EntraBetaPrivateAccessApplication + [-ApplicationName ] + [] +``` + +## Description + +The `Get-EntraBetaPrivateAccessApplication` cmdlet retrieves a list of all Private Access applications, or if specified, details of a specific application. + +## Examples + +### Example 1: Retrieve all Private Access applications + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaPrivateAccessApplication +``` + +```Output +displayName : testApp1 +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} +createdDateTime : 14/06/2024 12:38:50 AM + +displayName : QuickAccess +appId : dddddddd-3333-4444-5555-eeeeeeeeeeee +id : eeeeeeee-4444-5555-6666-ffffffffffff +tags : {HideApp, NetworkAccessQuickAccessApplication} +createdDateTime : 4/07/2023 4:00:07 AM +``` + +This command retrieves all Private Access applications, including Quick Access. + +### Example 2: Retrieve a specific Private Access application by object Id + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaPrivateAccessApplication | Where-Object {$_.displayName -eq 'Finance team file share'} +Get-EntraBetaPrivateAccessApplication -ApplicationId $application.Id +``` + +```Output +displayName : QuickAccess +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {HideApp, NetworkAccessQuickAccessApplication} +createdDateTime : 4/07/2023 4:00:07 AM +``` + +This example demonstrates how to retrieve information for a specific Private Access application by object id. + +### Example 3: Retrieve a specific Private Access application by name + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaPrivateAccessApplication -ApplicationName 'Finance team file share' +``` + +```Output +displayName : Finance team file share +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} +createdDateTime : 14/06/2024 12:38:50 AM +``` + +This example demonstrates how to retrieve information for a specific Private Access application by application name. + +## Parameters + +### -ApplicationId + +The Object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: SingleAppID +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationName + +Specifies a specific application name to retrieve. + +```yaml +Type: System.String +Parameter Sets: SingleAppName +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](../Applications/Get-EntraBetaApplication.md) + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..20a714f1c4 --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/Get-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,133 @@ +--- +title: Get-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the Get-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: andres-canello +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment +schema: 2.0.0 +--- + +# Get-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. + +## Syntax + +```powershell +Get-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + [-ApplicationSegmentId ] + [] +``` + +## Description + +The `Get-EntraBetaPrivateAccessApplicationSegment` cmdlet retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. + +## Examples + +### Example 1: Retrieve all application segments associated to an application + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id +``` + +```Output +destinationHost : 10.1.1.20 +destinationType : ip +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +This command retrieves all application segments for an application. + +### Example 2: Retrieve a specific application segment associated to an application + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} +Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id +``` + +```Output +destinationHost : 10.1.1.20 +destinationType : ip +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to retrieve information for a specific application segment. + +## Parameters + +### -ApplicationId + +The Object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: AllApplicationSegments, SingleApplicationSegment +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -ApplicationSegmentId + +Specifies a specific application segment to retrieve. + +```yaml +Type: System.String +Parameter Sets: SingleApplicationSegment +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](../Applications/Get-EntraBetaApplication.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.md b/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.md new file mode 100644 index 0000000000..3808cc368a --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplication.md @@ -0,0 +1,113 @@ +--- +title: New-EntraBetaPrivateAccessApplication +description: This article provides details on the New-EntraBetaPrivateAccessApplication command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPrivateAccessApplication +schema: 2.0.0 +--- + +# New-EntraBetaPrivateAccessApplication + +## Synopsis + +Creates a Private Access application and assigns a connector group to it. + +## Syntax + +```powershell +New-EntraBetaPrivateAccessApplication + -ApplicationName + [-ConnectorGroupId ] + [] +``` + +## Description + +The `New-EntraBetaPrivateAccessApplication` cmdlet creates a Private Access application and assigns a connector group to it. + +## Examples + +### Example 1: Create a new Private Access app and assign the default connector group + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' +``` + +This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to the default connector group. + +### Example 2: Create a new Private Access app and assign a specific connector group + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$connectorGroup = Get-EntraBetaApplicationProxyConnectorGroup -Filter "Name eq 'Contoso GSA Group'" +New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' -ConnectorGroupId $connectorGroup.Id +``` + +This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to a specific connector group. + +## Parameters + +### -ApplicationName + +The name of the new Private Access application. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConnectorGroupId + +Specifies a connector group to assign to the application. Use `Get-EntraBetaApplicationProxyConnectorGroup` to retrieve connector details or `New-EntraBetaApplicationProxyConnectorGroup` to create a new group. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplication](Get-EntraBetaPrivateAccessApplication.md) +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) +[New-EntraBetaApplicationProxyConnectorGroup](../Applications/New-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..e814466f8e --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/New-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,230 @@ +--- +title: New-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the New-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: andres-canello +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment +schema: 2.0.0 +--- + +# New-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Creates an application segment associated to a Private Access application. + +## Syntax + +```powershell +New-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + -DestinationHost + -DestinationType + [-Protocol ] + [-Ports ] + [] +``` + +## Description + +The `New-EntraBetaPrivateAccessApplicationSegment` cmdlet creates an application segment associated to a Private Access application. + +## Examples + +### Example 1: Create a simple application segment + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + DestinationHost = 'ssh.contoso.local' + Ports = 22 + Protocol = 'TCP' + DestinationType = 'FQDN' +} +New-EntraBetaPrivateAccessApplicationSegment @params +``` + +```Output +destinationHost : ssh.contoso.local +destinationType : FQDN +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +### Example 2: Create an application segment using ranges of IPs and multiple ports + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + DestinationHost = '192.168.1.100..192.168.1.110' + Ports = '22,3389' + Protocol = 'TCP,UDP' + DestinationType = 'ipRange' +} +New-EntraBetaPrivateAccessApplicationSegment @params +``` + +```Output +destinationHost : 192.168.1.100..192.168.1.110 +destinationType : ipRange +port : 0 +ports : {22-22, 3389-3389} +protocol : tcp,udp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +### Example 3: Create application segment using an input file + +AppSegments.csv + +AppObjectId,DestHost,ports,protocol,type\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.97.0/24,"1-21,23-442,444-65535","TCP,udp",ipRangeCidr\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.96.0/24,"1-21,23-442,444-65535","udp",ipRangeCidr\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.95.0/24,"1-21","udp",ipRangeCidr + +CreateAppSegments.ps1 + +```powershell +$csvFile = "C:\temp\AppSegments.csv" + +# Assuming the CSV file has columns named 'AppObjectId', 'DestHost', 'ports', 'protocol', 'type' +$variables = Import-Csv $csvFile + +# Loop through each row of the CSV and execute the command for each set of variables +foreach ($variable in $variables) { + $appObjectId = $variable.AppObjectId + $destHost = $variable.DestHost + $ports = $variable.ports -split "," + $protocol = $variable.protocol -split "," + $type = $variable.type + + # Execute the command + $params = @{ + ApplicationId = $appObjectId + DestinationHost = $destHost + Ports = $ports + Protocol = $protocol + DestinationType = $type + } + New-EntraBetaPrivateAccessApplicationSegment @params +} +``` + +## Parameters + +### -ApplicationId + +The object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: +Aliases: ObjectId + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -DestinationHost + +Destination host for the application segment. It can be an IP address, a range of IPs (10.10.10.1..10.10.10.200), a CIDR range (10.1.1.0/24) or an FQDN (ssh.contoso.local). Additionally, DNS suffixes for Quick Access can be created with dnsSuffix. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Ports + +Ports for the application segment. It can be a single port, a range (1..100) or a list (22,3389). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Protocol + +Protocol for the application segment. It can be a single protocol (TCP) or a list (TCP,UDP). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DestinationType + +Destination type for the application segment. It can be "ipAddress", "dnsSuffix", "ipRangeCidr", "ipRange", or "FQDN". + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[Get-EntraBetaApplication](../Applications/Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.md b/module/docs/entra-powershell-beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..892ac45aeb --- /dev/null +++ b/module/docs/entra-powershell-beta/NetworkAccess/Remove-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,108 @@ +--- +title: Remove-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the Remove-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: andres-canello +external help file: Microsoft.Entra.Beta.NetworkAccess-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment +schema: 2.0.0 +--- + +# Remove-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Removes an application segment associated to a Private Access application. + +## Syntax + +```powershell +Remove-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + [-ApplicationSegmentId ] + [] +``` + +## Description + +The `Remove-EntraBetaPrivateAccessApplicationSegment` cmdlet removes application segments associated to a Private Access application. + +## Examples + +### Example 1: Delete an application segment + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} +Remove-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id +``` + +This example shows how to remove an application segment associated to a Private Access application. + +- `ApplicationId` is the application Object ID of the Private Access Application. +- `ApplicationSegmentId` is the application segment identifier to be deleted. + +## Parameters + +### -ApplicationId + +The object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -ApplicationSegmentId + +The application segment ID of the application segment to be deleted. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) + +[Get-EntraBetaApplication](../Applications/Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.md b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.md new file mode 100644 index 0000000000..6a2a89432c --- /dev/null +++ b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.md @@ -0,0 +1,150 @@ +--- +title: Get-EntraBetaApplicationSignInDetailedSummary +description: This article provides details on the Get-EntraBetaApplicationSignInDetailedSummary command. + +ms.topic: reference +ms.date: 07/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Reports-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationSignInDetailedSummary + +## Synopsis + +Get detailed sign in summaries. + +## Syntax + +```powershell +Get-EntraBetaApplicationSignInDetailedSummary + [-Top ] + [-Filter ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationSignInDetailedSummary` cmdlet gets Microsoft Entra ID sign ins, grouped by application, date, and sign in status. + +## Examples + +### Example 1: Get sign in detailed summary + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInDetailedSummary +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 08-07-2024 00:00:00 Graph Explorer 00001111-aaaa-2222-bbbb-3333cccc4444 3 +bbbbbbbb-1111-2222-3333-cccccccccccc 04-07-2024 00:00:00 Graph Explorer 11112222-bbbb-3333-cccc-4444dddd55551 +cccccccc-2222-3333-4444-dddddddddddd 05-07-2024 00:00:00 Graph Explorer 22223333-cccc-4444-dddd-5555eeee6666 4 +dddddddd-3333-4444-5555-eeeeeeeeeeee 19-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff77773 +eeeeeeee-4444-5555-6666-ffffffffffff 27-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 2 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 03-07-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 1 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 01-07-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 13 +bbbbbbbb-7777-8888-9999-cccccccccccc 28-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 9 +``` + +This example returns all sign ins to Microsoft Entra ID Portal. + +### Example 2: Get sign in detailed summary by application and date + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInDetailedSummary -Filter "appDisplayName eq 'Azure Portal' AND aggregatedEventDateTime gt 2024-10-20 AND aggregatedEventDateTime lt 2024-10-22" +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 +bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 +cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 +dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 +eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 19-06-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 3 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 17-06-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 3 +bbbbbbbb-7777-8888-9999-cccccccccccc 18-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 6 +``` + +This example returns all sign ins to Microsoft Entra ID Portal for the month of June. + +### Example 3: Get top five sign ins + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInDetailedSummary -Top 5 +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 +bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 +cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 +dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 +eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 +``` + +This example returns top five sign ins to Microsoft Entra ID portal. + +## Parameters + +### -Top + +The maximum number of records to return. + +```yaml +Type: Sysetm.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.GetApplicationSignInDetailedSummaryObjectsResponse + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInSummary.md b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInSummary.md new file mode 100644 index 0000000000..f99be411b7 --- /dev/null +++ b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaApplicationSignInSummary.md @@ -0,0 +1,166 @@ +--- +title: Get-EntraBetaApplicationSignInSummary +description: This article provides details on the Get-EntraBetaApplicationSignInSummary command. + +ms.topic: reference +ms.date: 07/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Reports-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaApplicationSignInSummary + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationSignInSummary + +## Synopsis + +Get sign in summary by last number of days. + +## Syntax + +```powershell +Get-EntraBetaApplicationSignInSummary + -Days + [-Top ] + [-Filter ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationSignInSummary` cmdlet gets sign-in summaries for the last 7 or 30 days. + +Returns the properties below: + +- appDisplayName - the name of the application that the user signed into. +- failedSignInCount - count of failed sign-ins made by the application. +- successPercentage - the percentage of successful sign-ins made by the application. +- successfulSignInCount - count of successful sign-ins made by the application. + +## Examples + +### Example 1: Get sign in summary by application for the last week + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInSummary -Days 7 -Filter "appDisplayName eq 'Graph Explorer'" +``` + +```Output +Id AppDisplayName FailedSignInCount SuccessPercentage SuccessfulSignInCount +-- -------------- ----------------- ----------------- --------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer 0 100 14 +``` + +This example returns a summary of all sign ins to Graph Explorer for the last seven days. + +- `-Days` parameter specifies the number of past days summary contains. Valid values are only 7 and 30. + +### Example 2: Get sign in summaries for the last month + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInSummary -Days 30 +``` + +```Output +Id AppDisplayName FailedSignInCount SuccessPercentage SuccessfulSignInCount +-- -------------- ----------------- ----------------- --------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer 3 96.74 89 +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 3 99.15 350 +cccccccc-2222-3333-4444-dddddddddddd Microsoft Community v2 0 100 4 +``` + +This example returns summaries for all sign ins from the past 30 days. + +- `-Days` parameter specifies the number of past days summary contains. Valid values are only 7 and 30. + +### Example 3: Get top two sign in summaries for the last month + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInSummary -Days 30 -Top 2 +``` + +```Output +Id AppDisplayName FailedSignInCount SuccessPercentage SuccessfulSignInCount +-- -------------- ----------------- ----------------- --------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer 3 96.74 89 +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 3 99.15 350 +``` + +This example returns top two summaries sign ins from the past 30 days. + +- `-Days` parameter specifies the number of past days summary contains. Valid values are only 7 and 30. + +## Parameters + +### -Days + +Number of past days summary contains. +Valid values are 7 and 30 + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.GetApplicationSignInSummaryObjectsResponse + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditDirectoryLog.md b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditDirectoryLog.md new file mode 100644 index 0000000000..17c27fd558 --- /dev/null +++ b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditDirectoryLog.md @@ -0,0 +1,183 @@ +--- +title: Get-EntraBetaAuditDirectoryLog +description: This article provides details on the Get-EntraBetaAuditDirectoryLog command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Reports-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAuditDirectoryLog + +schema: 2.0.0 +--- + +# Get-EntraBetaAuditDirectoryLog + +## Synopsis + +Get directory audit logs. + +## Syntax + +```powershell +Get-EntraBetaAuditDirectoryLog + [-All] + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAuditDirectoryLog` cmdlet gets a Microsoft Entra ID audit log. +Retrieve audit logs from Microsoft Entra ID, covering logs from various services such as user, app, device, and group management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (SSPR and admin resets), and self-service group management. + +## Examples + +### Example 1: Get all logs + +```powershell + Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' + Get-EntraBetaAuditDirectoryLog -All +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd +Directory_bbbbbbbb-1111-2222-3333-cccccccccccc 17/07/2024 07:31:54 Update user UserManagement bbbb1111-cc22-3333-44dd-555555eeeeee +SSGM_cccccccc-2222-3333-4444-dddddddddddd 17/07/2024 07:13:08 GroupsODataV4_GetgroupLifecyclePolicies GroupManagement cccc2222-dd33-4444-55ee-666666ffffff + +``` + +This command gets all audit logs. + +### Example 2: Get first n logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraBetaAuditDirectoryLog -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId LoggedB + yServic + e +-- ---------------- ------------------- -------- ------------- ------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb_8IAPT_617717139 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd Core... + +``` + +This example returns the first N logs. + +### Example 3: Get audit logs containing a given ActivityDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraBetaAuditDirectoryLog -Filter "ActivityDisplayName eq 'Update rollout policy of feature'" -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Application Proxy_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 16/07/2024 05:13:49 Update rollout policy of feature Authentication aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This command shows how to get audit logs by ActivityDisplayName. + +### Example 4: Get all audit logs with a given result + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraBetaAuditDirectoryLog -Filter "result eq 'failure'" -All +``` + +This command shows how to get audit logs by the result. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraBetaAuditDirectoryLogs` is an alias for `Get-EntraBetaAuditDirectoryLog`. + +## Related Links diff --git a/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditSignInLog.md b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditSignInLog.md new file mode 100644 index 0000000000..c4700c230a --- /dev/null +++ b/module/docs/entra-powershell-beta/Reports/Get-EntraBetaAuditSignInLog.md @@ -0,0 +1,198 @@ +--- +title: Get-EntraBetaAuditSignInLog +description: This article provides details on the Get-EntraBetaAuditSignInLog command. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Reports-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAuditSignInLog + +schema: 2.0.0 +--- + +# Get-EntraBetaAuditSignInLog + +## Synopsis + +Get audit logs of sign-ins. + +## Syntax + +```powershell +Get-EntraBetaAuditSignInLog + [-All] + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAuditSignInLog` cmdlet gets the Microsoft Entra ID sign-in log. + +In addition to delegated permissions, the signed-in user must belong to at least one of the following Microsoft Entra roles to read sign-in reports: + +- Global Reader +- Reports Reader +- Security Administrator +- Security Operator +- Security Reader + +## Examples + +### Example 1: Get all logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraBetaAuditSignInLog -All +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +cccccccc-2222-3333-4444-dddddddddddd Azure Active Directory PowerShell 22223333-cccc-4444-dddd-5555eeee6666 {} none +dddddddd-3333-4444-5555-eeeeeeeeeeee Azure Active Directory PowerShell 33334444-dddd-5555-eeee-6666ffff7777 {} none +``` + +This example returns all audit logs of sign-ins. + +### Example 2: Get the first two logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraBetaAuditSignInLog -Top 2 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +``` + +This example returns the first two audit logs of sign-ins. + +### Example 3: Get audit logs containing a given AppDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraBetaAuditSignInLog -Filter "AppDisplayName eq 'Graph Explorer'" -Top 1 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 +``` + +This example demonstrates how to retrieve sign-in logs by AppDisplayName. + +### Example 4: Get all sign-in logs between dates + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraBetaAuditSignInLog -Filter "createdDateTime ge 2024-07-01T00:00:00Z and createdDateTime le 2024-07-14T23:59:59Z" +``` + +This example shows how to retrieve sign-in logs between dates. + +### Example 5: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraBetaAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraBetaAuditSignInLogs` is an alias for `Get-EntraBetaAuditSignInLog`. + + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md b/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md new file mode 100644 index 0000000000..26181d7ad0 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md @@ -0,0 +1,106 @@ +--- +title: Add-EntraBetaFeatureRolloutPolicyDirectoryObject +description: This article provides details on the Add-EntraBetaFeatureRolloutPolicyDirectoryObject command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject + +schema: 2.0.0 +--- + +# Add-EntraBetaFeatureRolloutPolicyDirectoryObject + +## Synopsis + +Allows an admin to add a group to the cloud authentication roll-out policy in Microsoft Entra ID. +Users in this group start authenticating to the cloud per policy. + +## Syntax + +```powershell +Add-EntraBetaFeatureRolloutPolicyDirectoryObject + -Id + -RefObjectId + [] +``` + +## Description + +An admin uses `Add-EntraBetaFeatureRolloutPolicyDirectoryObject` cmdlet to add a group to the cloud authentication roll-out policy. +Users in these groups start authenticating against the cloud per policy (for example, +with Seamless single sign-on or not, or whether Passthrough auth or not). Specify `Id` and `RefObjectId` parameter to add a group to the cloud authentication roll-out policy. + +## Examples + +### Example 1: Adds a group to the cloud authentication roll-out policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + RefObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Add-EntraBetaFeatureRolloutPolicyDirectoryObject @params +``` + +This command adds a group to the cloud authentication roll-out policy in Microsoft Entra ID. + +- `-Id` Parameter specifies the ID of the cloud authentication roll-out policy. +- `-RefObjectId` Parameter specifies the ID of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +The unique identifier of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaFeatureRolloutPolicyDirectoryObject](Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaServicePrincipalPolicy.md b/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaServicePrincipalPolicy.md new file mode 100644 index 0000000000..31cc047197 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Add-EntraBetaServicePrincipalPolicy.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraBetaServicePrincipalPolicy +description: This article provides details on the Add-EntraBetaServicePrincipalPolicy command. + + +ms.topic: reference +ms.date: 07/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Add-EntraBetaServicePrincipalPolicy + +schema: 2.0.0 +--- + +# Add-EntraBetaServicePrincipalPolicy + +## Synopsis + +Adds a servicePrincipal policy. + +## Syntax + +```powershell +Add-EntraBetaServicePrincipalPolicy + -Id + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaServicePrincipalPolicy` cmdlet adds a service principal policy. Specify the `Id` and `PolicyId` parameter to add a specific servicePrincipal policy. + +## Examples + +### Example 1: Add a service principal policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All, Application.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-1111-1111-cccccccccccc' + RefObjectId = 'ffffffff-5555-6666-7777-aaaaaaaaaaaa' +} +Add-EntraBetaServicePrincipalPolicy @params +``` + +This example demonstrates how to add a policy to a service principal in Microsoft Entra ID. + +## Parameters + +### -RefObjectId + +Specifies the object Id of the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The ID of the Service Principal for which you need to set the policy + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipalPolicy](Get-EntraBetaServicePrincipalPolicy.md) + +[Remove-EntraBetaServicePrincipalPolicy](Remove-EntraBetaServicePrincipalPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaAuthorizationPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaAuthorizationPolicy.md new file mode 100644 index 0000000000..188857f062 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaAuthorizationPolicy.md @@ -0,0 +1,148 @@ +--- +title: Get-EntraBetaAuthorizationPolicy +description: This article provides details on the Get-EntraBetaAuthorizationPolicy command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaAuthorizationPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaAuthorizationPolicy + +## Synopsis + +Gets an authorization policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaAuthorizationPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaAuthorizationPolicy + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAuthorizationPolicy` cmdlet gets a Microsoft Entra ID authorization policy. + +## Examples + +### Example 1: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaAuthorizationPolicy +``` + +### Example 2: Get an authorization policy by ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaAuthorizationPolicy -Id 'authorizationPolicy' | Format-List +``` + +```Output +DefaultUserRolePermissions : @{AllowedToCreateApps=True; AllowedToCreateSecurityGroups=True; AllowedToCreateTenants=True; AllowedToReadBitlockerKeysForOwnedDevice=True; AllowedToReadOtherUsers=True; AdditionalProperties=} +AllowEmailVerifiedUsersToJoinOrganization : False +AllowInvitesFrom : everyone +AllowUserConsentForRiskyApps : +AllowedToSignUpEmailBasedSubscriptions : True +AllowedToUseSspr : True +BlockMsolPowerShell : False +DefaultUserRoleOverrides : +DeletedDateTime : +Description : Used to manage authorization related settings across the company. +DisplayName : Authorization Policy +EnabledPreviewFeatures : {} +GuestUserRoleId : 10dae51f-b6af-4016-8d66-8c2a99b929b3 +Id : authorizationPolicy +PermissionGrantPolicyIdsAssignedToDefaultUserRole : {ManagePermissionGrantsForSelf.microsoft-user-default-legacy, ManagePermissionGrantsForOwnedResource.microsoft-dynamically-managed-permissions-for-team, + ManagePermissionGrantsForOwnedResource.microsoft-dynamically-managed-permissions-for-chat} +AdditionalProperties : {} +``` + +This example gets the Microsoft Entra ID authorization policy. + +- `-Id` parameter specifies the unique identifier of the authorization policy. + +The response properties are: + +- `allowedToSignUpEmailBasedSubscriptions` - indicates whether users can sign up for email based subscriptions. +- `allowedToUseSSPR` - indicates whether administrators of the tenant can use the Self-Service Password Reset (SSPR). +- `allowEmailVerifiedUsersToJoinOrganization` - indicates whether a user can join the tenant by email validation. +- `allowInvitesFrom` - indicates who can invite guests to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. +- `allowUserConsentForRiskyApps` - indicates whether user consent for risky apps is allowed. Default value is `false`. We recommend that you keep the value set to `false`. +- `blockMsolPowerShell` - to disable the use of the MSOnline PowerShell module set this property to `true`. This also disables user-based access to the legacy service endpoint used by the MSOnline PowerShell module. This doesn't affect Microsoft Entra Connect or Microsoft Graph. +- `defaultUserRolePermissions` - specifies certain customizable permissions for default user role. +- `description` - description of this policy. +- `displayName` - display name for this policy. +- `enabledPreviewFeatures` - list of features enabled for private preview on the tenant. +- `guestUserRoleId` -represents role templateId for the role that should be granted to guests. Refer to List unifiedRoleDefinitions to find the list of available role templates. Currently following roles are supported: User (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest User (2af84b1e-32c8-42b7-82bc-daa82404023b). +- `permissionGrantPolicyIdsAssignedToDefaultUserRole` - indicates if user consent to apps is allowed, and if it is, the app consent policy that governs the permission for users to grant consent. Values should be in the format `managePermissionGrantsForSelf.{id}` for user consent policies or `managePermissionGrantsForOwnedResource.{id}` for resource-specific consent policies, where {id} is the id of a built-in or custom app consent policy. An empty list indicates user consent to apps is disabled. + +## Parameters + +### -Id + +Specifies the unique identifier of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaAuthorizationPolicy](Set-EntraBetaAuthorizationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaConditionalAccessPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaConditionalAccessPolicy.md new file mode 100644 index 0000000000..3de7300d1e --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaConditionalAccessPolicy.md @@ -0,0 +1,136 @@ +--- +title: Get-EntraBetaConditionalAccessPolicy +description: This article provides details on the Get-EntraBetaConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaConditionalAccessPolicy + +## Synopsis + +Gets a Microsoft Entra ID conditional access policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaConditionalAccessPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaConditionalAccessPolicy + -PolicyId + [-Property ] + [] +``` + +## Description + +This cmdlet allows an admin to get the Microsoft Entra ID conditional access policy. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Retrieves a list of all conditional access policies in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaConditionalAccessPolicy +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State +-- --------------- ----------- ----------- ---------------- ----- +eeeeeeee-4444-5555-6666-ffffffffffff 2/27/2024 6:23:21 AM ConditionalAccessPolicy 2/29/2024 2:41:17 PM disabled +ffffffff-5555-6666-7777-aaaaaaaaaaaa 2/27/2024 6:26:00 AM ConditionalAccessPolicy 2/29/2024 2:41:34 PM disabled +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 2/27/2024 6:30:48 AM ConditionalAccessPolicy 2/29/2024 2:43:53 PM disabled +``` + +This example retrieves a list of all conditional access policies in Microsoft Entra ID. + +### Example 2: Retrieves a conditional access policy in Microsoft Entra ID with given ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaConditionalAccessPolicy -PolicyId 'eeeeeeee-4444-5555-6666-ffffffffffff' +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State +-- --------------- ----------- ----------- ---------------- ----- +eeeeeeee-4444-5555-6666-ffffffffffff 2/27/2024 6:23:21 AM ConditionalAccessPolicy 2/29/2024 2:41:17 PM disabled +``` + +This example retrieves a specified conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of a conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaConditionalAccessPolicy](New-EntraBetaConditionalAccessPolicy.md) + +[Set-EntraBetaConditionalAccessPolicy](Set-EntraBetaConditionalAccessPolicy.md) + +[Remove-EntraBetaConditionalAccessPolicy](Remove-EntraBetaConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.md new file mode 100644 index 0000000000..a9a7585a82 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaFeatureRolloutPolicy.md @@ -0,0 +1,209 @@ +--- +title: Get-EntraBetaFeatureRolloutPolicy +description: This article provides details on the Get-EntraBetaFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaFeatureRolloutPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaFeatureRolloutPolicy + +## Synopsis + +Gets the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaFeatureRolloutPolicy + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaFeatureRolloutPolicy + [-SearchString ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaFeatureRolloutPolicy + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaFeatureRolloutPolicy` cmdlet allows an admin to get the policy for cloud authentication rollout (users moving from federation to cloud auth) in Microsoft Entra ID. +This policy consists of one or two FeatureRolloutPolicy objects. These objects hold the groups assigned for cloud authentication (Pass-through authentication or Password Hash Sync) and groups assigned for Seamless single sign-on. + +## Examples + +### Example 1: Retrieves a list of all cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaFeatureRolloutPolicy +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee Feature-Rollout-test Feature-Rollout-Policytest passwordHashSync False True +11bb11bb-cc22-dd33-ee44-55ff55ff55ff Feature-Rollout-Policy change emailAsAlternateId False False +``` + +This command retrieves a list of all cloud authentication roll-out policies in Microsoft Entra ID. + +### Example 2: Retrieves cloud authentication roll-out in Microsoft Entra ID with given ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaFeatureRolloutPolicy -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +11bb11bb-cc22-dd33-ee44-55ff55ff55ff Feature-Rollout-test Feature-Rollout-Policytest passwordHashSync False True +``` + +This example retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +- `-Id` - Specify The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +### Example 3: Retrieves cloud authentication roll-out in Microsoft Entra ID with given Search String + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaFeatureRolloutPolicy -SearchString 'Feature-Rollout-Policytest' +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +11bb11bb-cc22-dd33-ee44-55ff55ff55ff Feature-Rollout-test Feature-Rollout-Policytest passwordHashSync False +``` + +This command retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +### Example 4: Retrieves cloud authentication roll-out in Microsoft Entra ID with given Filter parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaFeatureRolloutPolicy -Filter "DisplayName eq 'Feature-Rollout-Policytest'" +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +11bb11bb-cc22-dd33-ee44-55ff55ff55ff Feature-Rollout-test Feature-Rollout-Policytest passwordHashSync False +``` + +This command retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.MsFeatureRolloutPolicy + +## Notes + +## Related Links + +[New-EntraBetaFeatureRolloutPolicy](New-EntraBetaFeatureRolloutPolicy.md) + +[Set-EntraBetaFeatureRolloutPolicy](Set-EntraBetaFeatureRolloutPolicy.md) + +[Remove-EntraBetaFeatureRolloutPolicy](Remove-EntraBetaFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaIdentityProvider.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaIdentityProvider.md new file mode 100644 index 0000000000..740421c31a --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaIdentityProvider.md @@ -0,0 +1,140 @@ +--- +title: Get-EntraBetaIdentityProvider +description: This article provides details on the Get-EntraBetaIdentityProvider command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaIdentityProvider + +schema: 2.0.0 +--- + +# Get-EntraBetaIdentityProvider + +## Synopsis + +This cmdlet is used to retrieve the configured identity providers in the directory. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaIdentityProvider + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaIdentityProvider + -IdentityProviderBaseId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaIdentityProvider` cmdlet is used to retrieve the identity providers that have been configured in the directory. +These identity providers can be used to allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. +The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be Microsoft, Google, Facebook, Amazon, or LinkedIn. + +## Examples + +### Example 1: Retrieve all identity providers + +```powershell +Connect-Entra -Scopes 'IdentityProvider.Read.All' +Get-EntraBetaIdentityProvider +``` + +```Output +Id DisplayName +-- ----------- +AADSignup-OAUTH Directory Sign up +Google-OAUTH Test +EmailOtpSignup-OAUTH Email One Time Passcode +MSASignup-OAUTH Microsoft Account +``` + +This example retrieves the list of all configured identity providers and their properties. + +### Example 2: Retrieve identity provider by Id + +```powershell +Connect-Entra -Scopes 'IdentityProvider.Read.All' +Get-EntraBetaIdentityProvider -IdentityProviderBaseId 'Google-OAUTH' +``` + +```Output +Id DisplayName +-- ----------- +Google-OAUTH GoogleName +``` + +This example retrieves the properties for the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. + +## Parameters + +### -IdentityProviderBaseId + +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaNamedLocationPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaNamedLocationPolicy.md new file mode 100644 index 0000000000..cc69f6ce50 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaNamedLocationPolicy.md @@ -0,0 +1,138 @@ +--- +title: Get-EntraBetaNamedLocationPolicy +description: This article provides details on the Get-EntraBetaNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaNamedLocationPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaNamedLocationPolicy + +## Synopsis + +Gets an Microsoft Entra ID named location policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaNamedLocationPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaNamedLocationPolicy + -PolicyId + [-Property ] + [] +``` + +## Description + +This cmdlet allows an admin to get the Microsoft Entra ID named location policies. + +Named locations are custom rules that define network locations, which can then be used in a Conditional Access policy. + +## Examples + +### Example 1: Retrieves a list of all named location policies in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaNamedLocationPolicy +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee 31/07/2024 9:53:10 NamedLocation 31/07/2024 9:53:10 +eeeeeeee-4444-5555-6666-ffffffffffff 31/07/2024 4:38:42 NamedLocation1 31/07/2024 4:38:42 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 01/08/2024 4:39:42 NamedLocation2 01/08/2024 4:39:42 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 01/08/2024 4:57:03 NamedLocation3 01/08/2024 4:57:03 +``` + +This command retrieves a list of all named location policies in Microsoft Entra ID. + +### Example 2: Retrieves a named location policy by Id + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaNamedLocationPolicy -PolicyId 'dddddddd-3333-4444-5555-eeeeeeeeeeee' +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee 31/07/2024 9:53:10 NamedLocation 31/07/2024 9:53:10 +``` + +This example retrieves a specified named location policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the policy Id of a named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaNamedLocationPolicy](New-EntraBetaNamedLocationPolicy.md) + +[Set-EntraBetaNamedLocationPolicy](Set-EntraBetaNamedLocationPolicy.md) + +[Remove-EntraBetaNamedLocationPolicy](Remove-EntraBetaNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.md new file mode 100644 index 0000000000..ee19654797 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaOAuth2PermissionGrant.md @@ -0,0 +1,190 @@ +--- +title: Get-EntraBetaOAuth2PermissionGrant +description: This article provides details on the Get-EntraBetaOAuth2PermissionGrant Command. + + +ms.topic: reference +ms.date: 10/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraBetaOAuth2PermissionGrant + +## Synopsis + +Gets OAuth2PermissionGrant entities. + +## Syntax + +```powershell +Get-EntraBetaOAuth2PermissionGrant + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaOAuth2PermissionGrant` cmdlet gets OAuth2PermissionGrant entities in Microsoft Entra ID. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader + +## Examples + +### Example 1: Get the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaOAuth2PermissionGrant +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal 1/3/2024 1:28:59 PM aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal 1/3/2024 1:28:59 PM aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets the OAuth2 permission grants. + +### Example 2: Get all the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaOAuth2PermissionGrant -All +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal 1/3/2024 1:28:59 PM aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal 1/3/2024 1:28:59 PM aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets all the OAuth2 permission grants. + +### Example 3: Get OAuth2 permission grants for a user in a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraBetaOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List +``` + +```Output +ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +ClientId : 22223333-cccc-4444-dddd-5555eeee6666 +ConsentType : Principal +Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222 +ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 +Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All +AdditionalProperties : {} +``` + +This example gets the OAuth2 permission grants for a user in a service principal. + +### Example 4: Get top 2 OAuth2 permission grants record + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaOAuth2PermissionGrant -Top 2 +``` + +```output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ------------ ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals 1/3/2024 1:28:59 PM b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +``` + +This command gets top 2 OAuth2 permission grants records. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaOAuth2PermissionGrant](Remove-EntraBetaOAuth2PermissionGrant.md) +[New-EntraBetaOAuth2PermissionGrant](New-EntraBetaOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.md new file mode 100644 index 0000000000..e379cfc51d --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantConditionSet.md @@ -0,0 +1,216 @@ +--- +title: Get-EntraBetaPermissionGrantConditionSet +description: This article provides details on the Get-EntraBetaPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Get-EntraBetaPermissionGrantConditionSet + +## Synopsis + +Get a Microsoft Entra ID permission grant condition set by ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPermissionGrantConditionSet + -ConditionSetType + -PolicyId + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPermissionGrantConditionSet + -Id + -ConditionSetType + -PolicyId + [-Property ] + [] +``` + +## Description + +Get a Microsoft Entra ID permission grant condition set object by ID. + +## Examples + +### Example 1: Get all permission grant condition sets that are included in the permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' +} + +Get-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets all permission grant condition sets that are included in the policy. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. + +### Example 2: Get all permission grant condition sets that are excluded in the permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'excludes' +} + +Get-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +bbbbbbbb-1111-2222-3333-cccccccccccc False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +cccccccc-2222-3333-4444-dddddddddddd False {44445555-eeee-6666-ffff-7777gggg8888} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets all permission grant condition sets that are excluded in the policy. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. + +### Example 3: Get a permission grant condition set + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} + +Get-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets a permission grant condition set specified by Id. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of the permission grant condition set object. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.PermissionGrantConditionSet + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantConditionSet](New-EntraBetaPermissionGrantConditionSet.md) + +[Set-EntraBetaPermissionGrantConditionSet](Set-EntraBetaPermissionGrantConditionSet.md) + +[Remove-EntraBetaPermissionGrantConditionSet](Remove-EntraBetaPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantPolicy.md new file mode 100644 index 0000000000..9ba384bfc9 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPermissionGrantPolicy.md @@ -0,0 +1,135 @@ +--- +title: Get-EntraBetaPermissionGrantPolicy +description: This article provides details on the Get-EntraBetaPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaPermissionGrantPolicy + +## Synopsis + +Gets a permission grant policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPermissionGrantPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPermissionGrantPolicy + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaPermissionGrantPolicy` cmdlet gets a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Get all permission grant policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +Get-EntraBetaPermissionGrantPolicy +``` + +```Output +DeletedDateTime Description +--------------- ----------- + Includes all application permissions (app roles), for all APIs, for any client application. + Includes all chat resoruce-specific application permissions, for all APIs, for any client application. + (Deprecated) Includes all team resource-specific application permissions, for all APIs, for any client application. +``` + +This command gets all the permission grant policies. + +### Example 2: Get a permission grant policy by ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +Get-EntraBetaPermissionGrantPolicy -Id 'testtenant-sampleapp-permissions' +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + Permissions for sample app in test tenant Sample app permissions testtenant-sampleapp-permissions +``` + +This command gets the specified permission grant policy. + +- `Id` parameter specifies the permission grant policy ID. + +## Parameters + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantPolicy](New-EntraBetaPermissionGrantPolicy.md) + +[Set-EntraBetaPermissionGrantPolicy](Set-EntraBetaPermissionGrantPolicy.md) + +[Remove-EntraBetaPermissionGrantPolicy](Remove-EntraBetaPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicy.md new file mode 100644 index 0000000000..a0c4fc6241 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicy.md @@ -0,0 +1,197 @@ +--- +title: Get-EntraBetaPolicy +description: This article provides details on the Get-EntraBetaPolicy command. + + +ms.topic: reference +ms.date: 07/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaPolicy + +## Synopsis + +Gets a policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaPolicy + [-Top ] + [-All] + [] +``` + +### GetById + +```powershell +Get-EntraBetaPolicy + -Id + [-All] + [] +``` + +## Description + +The `Get-EntraBetaPolicy` cmdlet gets a policy in Microsoft Entra ID. Specify `Id` parameter to get a specific policy. + +## Examples + +### Example 1: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaPolicy +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} Activepolicy bbbbbbbb-1111-2222-3333-cccccccccccc +{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} PolicyDemo aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example shows how to return all policies. + +### Example 2: Get policy using Display Name + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + Permissions consentable based on Microsoft's current recommendations. Microsoft User Default Recommended Policy microsoft-user-default-recommended +``` + +This example shows how to get a specific policy using Display Name. + +### Example 3: Get a policy with specific ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaPolicy -Id 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False True +``` + +This example demonstrated how to receive policy with specific ID. + +- `Id` parameter specifies the unique policy ID, which you want to receive. In this example, `bbbbbbbb-1111-2222-3333-cccccccccccc` represents the ID of the policy. + +### Example 4: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaPolicy -All +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} Activepolicy bbbbbbbb-1111-2222-3333-cccccccccccc +{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} PolicyDemo aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example demonstrates how to retrieve all policies in Microsoft Entra ID. + +### Example 5: Get the top one policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaPolicy -Top 1 +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False True +``` + +This example demonstrates how to retrieve top one policies in Microsoft Entra ID. + +## Parameters + +### -Id + +The Id of the policy you want to retrieve. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all policies. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPolicy](New-EntraBetaPolicy.md) + +[Remove-EntraBetaPolicy](Remove-EntraBetaPolicy.md) + +[Set-EntraBetaPolicy](Set-EntraBetaPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicyAppliedObject.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicyAppliedObject.md new file mode 100644 index 0000000000..a497859100 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaPolicyAppliedObject.md @@ -0,0 +1,86 @@ +--- +title: Get-EntraBetaPolicyAppliedObject +description: This article provides details on the Get-EntraBetaPolicyAppliedObject command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaPolicyAppliedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaPolicyAppliedObject + +## Synopsis + +Gets a policy-applied object from Microsoft Entra ID. + +## Syntax + +```powershell +Get-EntraBetaPolicyAppliedObject + -Id + [] +``` + +## Description + +The `Get-EntraBetaPolicyAppliedObject` cmdlet gets a policy-applied object from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve a policy-applied object + +```powershell +Connect-Entra -Scopes 'Application.Read.All', 'Policy.ReadWrite.ApplicationConfiguration' +Get-EntraBetaPolicyAppliedObject -Id 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-1111-1111-1111-000000000000 +bbbbcccc-1111-dddd-2222-eeee3333ffff +``` + +This command retrieves policy-applied object from Microsoft Entra ID. + +- `-Id` Parameter specifies ID of the policy for which you want to find the objects. + +## Parameters + +### -Id + +The ID of the policy for which you want to find the objects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaServicePrincipalPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaServicePrincipalPolicy.md new file mode 100644 index 0000000000..a58d839d97 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaServicePrincipalPolicy.md @@ -0,0 +1,89 @@ +--- +title: Get-EntraBetaServicePrincipalPolicy +description: This article provides details on the Get-EntraBetaServicePrincipalPolicy command. + + +ms.topic: reference +ms.date: 07/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaServicePrincipalPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalPolicy + +## Synopsis + +Gets a servicePrincipal policy. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalPolicy + -Id + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalPolicy` cmdlet gets the policy of a service principal in Microsoft Entra ID. Specify the `Id` parameter to get a specific servicePrincipal policy. + +## Examples + +### Example 1: Get a policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Application.ReadWrite.All' +Get-EntraBetaServicePrincipalPolicy -Id 'bbbbbbbb-1111-1111-1111-cccccccccccc' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +demotest2 bbbbbbbb-1111-1111-1111-cccccccccccc ActivityBasedTimeoutPolicy +``` + +This command retrieves the policy for a specified service principal in Microsoft Entra ID. + +- `-Id` Parameter specifies the ID of the Service Principal. + +## Parameters + +### -Id + +The ID of the Service Principal for which you want to retrieve the policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalPolicy](Add-EntraBetaServicePrincipalPolicy.md) + +[Remove-EntraBetaServicePrincipalPolicy](Remove-EntraBetaServicePrincipalPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..25cf3a0dc7 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,169 @@ +--- +title: Get-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Get-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaTrustFrameworkPolicy + +## Synopsis + +Retrieves the created trust framework policies (custom policies) in the directory. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaTrustFrameworkPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaTrustFrameworkPolicy + -Id + [-OutputFilePath ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaTrustFrameworkPolicy` cmdlet retrieves the trust framework policies that have been created in the directory. + +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. + +## Examples + +### Example 1: Retrieves the list of all trust framework policies in the directory + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +Get-EntraBetaTrustFrameworkPolicy +``` + +```Output Id --- B2C_1A_SIGNUP_SIGNIN B2C_1A_TRUSTFRAMEWORKBASE +B2C_1A_TRUSTFRAMEWORKEXTENSIONS +``` + +This example retrieves the list of all trust framework policies in the directory. + +### Example 2: Retrieves the contents of the specified trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_SIGNUP_SIGNIN' +} +Get-EntraBetaTrustFrameworkPolicy @params +``` + +This example retrieves the contents of the specified trust framework policy. + +The contents of received trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. + +### Example 3: Retrieves the contents of the specified trust framework policy on specific output file path + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_SIGNUP_SIGNIN' + OutputFilePath = 'C:\RetrivedPolicy.xml' +} +Get-EntraBetaTrustFrameworkPolicy @params +``` + +This example retrieves the contents of the specified trust framework policy on specific output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-OutputFilePath` Parameter specifies the path to the file used for retrieve the contents of trust framework policy. + +## Parameters + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for retrieve the contents of trust framework policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.md new file mode 100644 index 0000000000..df4b2a8f6f --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaTrustedCertificateAuthority.md @@ -0,0 +1,165 @@ +--- +title: Get-EntraBetaTrustedCertificateAuthority +description: This article provides details on the Get-EntraBetaTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Get-EntraBetaTrustedCertificateAuthority + +## Synopsis + +Gets the trusted certificate authority. + +## Syntax + +```powershell +Get-EntraBetaTrustedCertificateAuthority + [-TrustedIssuer ] + [-TrustedIssuerSki ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaTrustedCertificateAuthority` cmdlet gets the trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaTrustedCertificateAuthority +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example3.crl +DeltaCrlDistributionPoint : https://example3.crl +TrustedCertificate : {48, 130, 3, 0…} +TrustedIssuer : CN=mscmdlet +TrustedIssuerSki : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +This command retrieves the trusted certificate authorities that are defined in your directory. + +### Example 2: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuer + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaTrustedCertificateAuthority -TrustedIssuer 'CN=mscmdlet' +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example3.crl +DeltaCrlDistributionPoint : https://example3.crl +TrustedCertificate : {48, 130, 3, 0…} +TrustedIssuer : CN=mscmdlet +TrustedIssuerSki : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuer. + +- `-TrustedIssuer` parameter specifies the trusted issuer. + +### Example 3: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraBetaTrustedCertificateAuthority -TrustedIssuerSki '4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD' +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example3.crl +DeltaCrlDistributionPoint : https://example3.crl +TrustedCertificate : {48, 130, 3, 0…} +TrustedIssuer : CN=mscmdlet +TrustedIssuerSki : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki. + +- `-TrustedIssuerSki` parameter specifies the trusted issuer ski. + +## Parameters + +### -TrustedIssuer + +Specifies a trusted issuer. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TrustedIssuerSki + +Specifies a trusted issuer ski. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaTrustedCertificateAuthority](New-EntraBetaTrustedCertificateAuthority.md) + +[Set-EntraBetaTrustedCertificateAuthority](Set-EntraBetaTrustedCertificateAuthority.md) + +[Remove-EntraBetaTrustedCertificateAuthority](Remove-EntraBetaTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationMethod.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationMethod.md similarity index 94% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationMethod.md rename to module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationMethod.md index d17b4bb236..acc2cf6610 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationMethod.md +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationMethod.md @@ -9,9 +9,9 @@ ms.author: eunicewaweru ms.reviewer: stevemutungi manager: CelesteDG author: msewaweru -external help file: Microsoft.Graph.Entra.Beta-Help.xml -Module Name: Microsoft.Graph.Entra.Beta -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationMethod +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserAuthenticationMethod schema: 2.0.0 --- diff --git a/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.md b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.md new file mode 100644 index 0000000000..cba343b64a --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Get-EntraBetaUserAuthenticationRequirement.md @@ -0,0 +1,97 @@ +--- +title: Get-EntraBetaUserAuthenticationRequirement +description: This article provides details on the Get-EntraBetaUserAuthenticationRequirement Command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserAuthenticationRequirement + +schema: 2.0.0 +--- + +# Get-EntraBetaUserAuthenticationRequirement + +## Synopsis + +Retrieve the authentication method status of a user. + +## Syntax + +```powershell +Get-EntraBetaUserAuthenticationRequirement + -UserId + [] +``` + +## Description + +The `Get-EntraBetaUserAuthenticationRequirement` cmdlet retrieves the authentication method status of a user. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles can perform this operation: + +- Global Reader +- Authentication Policy Administrator + +## Examples + +### Example 1: Retrieve a User's MFA Status + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraBetaUserAuthenticationRequirement -UserId 'SawyerM@contoso.com' +``` + +```Output +perUserMfaState @odata.context +--------------- -------------- +disabled https://graph.microsoft.com/beta/$metadata#users(..) +``` + +This example retrieves the authentication method status of a user. + +A user's state shows whether an Authentication Administrator enrolls them in per-user Microsoft Entra multifactor authentication. User accounts have one of three distinct states in Microsoft Entra MFA: + +- `Disabled` - The default state for a user not enrolled in per-user Microsoft Entra multifactor authentication. +- `Enabled` - The user is enrolled in per-user Microsoft Entra multifactor authentication, but can still use their password for legacy authentication. If the user has no registered MFA authentication methods, they receive a prompt to register the next time they sign in using modern authentication (such as when they sign in on a web browser). +- `Enforced` - The user is enrolled per-user in Microsoft Entra multifactor authentication. If the user has no registered authentication methods, they receive a prompt to register the next time they sign in using modern authentication (such as when they sign in on a web browser). Users who complete registration while they're Enabled are automatically moved to the Enforced state. + +## Parameters + +### -UserId + +Specifies the ID (as a UserPrincipalName or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +The most effective way to protect users with Microsoft Entra MFA is by creating a Conditional Access policy. Conditional Access, a feature available in Microsoft Entra ID P1 and P2, allows you to enforce MFA based on specific conditions and scenarios. To learn how to set up Conditional Access, refer to the tutorial: [Secure user sign-in events with Microsoft Entra multifactor authentication](https://learn.microsoft.com/entra/identity/authentication/tutorial-enable-azure-mfa). + +For Microsoft Entra ID Free tenants without Conditional Access, you can [use security defaults](https://learn.microsoft.com/entra/fundamentals/security-defaults) to protect users. MFA prompts are automatic, but you can't customize the rules. + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaConditionalAccessPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaConditionalAccessPolicy.md new file mode 100644 index 0000000000..055c3abd93 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaConditionalAccessPolicy.md @@ -0,0 +1,311 @@ +--- +title: New-EntraBetaConditionalAccessPolicy +description: This article provides details on the New-EntraBetaConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaConditionalAccessPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaConditionalAccessPolicy + +## Synopsis + +Creates a new conditional access policy in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraBetaConditionalAccessPolicy + [-Id ] + [-SessionControls ] + [-ModifiedDateTime ] + [-CreatedDateTime ] + [-State ] + [-GrantControls ] + [-Conditions ] + [-DisplayName ] + [] +``` + +## Description + +This cmdlet allows an admin to create new conditional access policy in Microsoft Entra ID. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Creates a new conditional access policy in Microsoft Entra ID that require MFA to access Exchange Online + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$conditions.Applications.IncludeApplications = '00000002-0000-0ff1-ce00-000000000000' +$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$conditions.Users.IncludeUsers = 'all' +$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$controls._Operator = 'OR' +$controls.BuiltInControls = 'mfa' +$params = @{ + DisplayName = 'MFA policy' + State = 'Enabled' + Conditions = $conditions + GrantControls = $controls + } + +New-EntraBetaConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State +-- --------------- ----------- ----------- ---------------- ----- +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 31-07-2024 07:22:21 MFA policy enabled +``` + +This command creates a new conditional access policy in Microsoft Entra ID that requires MFA to access Exchange Online. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +### Example 2: Creates a new conditional access policy in Microsoft Entra ID that blocks access to Exchange Online from nontrusted regions + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$conditions.Applications.IncludeApplications = '00000002-0000-0ff1-ce00-000000000000' +$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$conditions.Users.IncludeUsers = 'all' +$conditions.Locations = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition +$conditions.Locations.IncludeLocations = '5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9' +$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$controls._Operator = 'OR' +$controls.BuiltInControls = 'block' + +$params = @{ + DisplayName = 'MFA policy' + State = 'Enabled' + Conditions = $conditions + GrantControls = $controls +} + +New-EntraBetaConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State +-- --------------- ----------- ----------- ---------------- ----- +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 31-07-2024 07:22:21 MFA policy enabled +``` + +This command creates a new conditional access policy in Microsoft Entra ID that blocks access to Exchange Online from nontrusted regions. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. + +### Example 3: Use all conditions and controls + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' + +$Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$Condition.clientAppTypes = @("mobileAppsAndDesktopClients","browser") +$Condition.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$Condition.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" +$Condition.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$Condition.Users.IncludeUsers = "all" + +$Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$Controls._Operator = "AND" +$Controls.BuiltInControls = @("mfa") + +$SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls +$ApplicationEnforcedRestrictions = New-Object Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions +$ApplicationEnforcedRestrictions.IsEnabled = $true +$SessionControls.applicationEnforcedRestrictions = $ApplicationEnforcedRestrictions +$params = @{ + DisplayName = "ConditionalAccessPolicy" + Conditions = $conditions + GrantControls = $controls + SessionControls = $SessionControls + } +New-EntraBetaConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State +-- --------------- ----------- ----------- ---------------- ----- +aaaaaaaa-1111-1111-1111-000000000000 16/08/2024 08:09:34 ConditionalAccessPolicy enabled +``` + +This example creates new conditional access policy in Microsoft Entra ID with all the conditions and controls. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +## Parameters + +### -DisplayName + +Specifies the display name of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the enabled or disabled state of the conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Conditions + +Specifies the conditions for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessConditionSet +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GrantControls + +Specifies the controls for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessGrantControls +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreatedDateTime + +The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. Readonly. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ModifiedDateTime + +The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. Readonly. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SessionControls + +Enables limited experiences within specific cloud applications. + +```yaml +Type: ConditionalAccessSessionControls +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaConditionalAccessPolicy](Get-EntraBetaConditionalAccessPolicy.md) + +[Set-EntraBetaConditionalAccessPolicy](Set-EntraBetaConditionalAccessPolicy.md) + +[Remove-EntraBetaConditionalAccessPolicy](Remove-EntraBetaConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaFeatureRolloutPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaFeatureRolloutPolicy.md new file mode 100644 index 0000000000..fdac3f7d84 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaFeatureRolloutPolicy.md @@ -0,0 +1,224 @@ +--- +title: New-EntraBetaFeatureRolloutPolicy +description: This article provides details on the New-EntraBetaFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaFeatureRolloutPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaFeatureRolloutPolicy + +## Synopsis + +Allows an admin to create the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraBetaFeatureRolloutPolicy + -Feature + -IsEnabled + [-Description ] + [-IsAppliedToOrganization ] + [-AppliesTo ] + -DisplayName + [] +``` + +## Description + +The `New-EntraBetaFeatureRolloutPolicy` cmdlet allows an admin to create the policy for cloud authentication roll-out (users moving from federation to cloud auth) in Microsoft Entra ID. + +The policy admin can identify whether the users authenticate using password hashes in Microsoft Entra ID (Password hash-sync) or Microsoft Entra ID on-premises directly (Pass-through authentication). + +## Examples + +### Example 1: Creates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Feature = 'PassthroughAuthentication' + DisplayName = 'Passthrough Authentication Rollout Policy' + IsEnabled = $false +} +New-EntraBetaFeatureRolloutPolicy @params +``` + +```Output + +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee Passthrough Authentication Rollout Policy passthroughAuthentication False False +``` + +This example creates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Feature` specifies a feature assigned to the cloud authentication roll-out policy. +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +- `-DisplayName` specifies the display name of the cloud authentication roll-out policy. + +- `-IsEnabled` specifies the status of cloud authentication roll-out policy. + +### Example 2: Creates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Feature = 'PassthroughAuthentication' + DisplayName = 'FeatureRolloutPolicy' + IsEnabled = $false + IsAppliedToOrganization = $false +} +New-EntraBetaFeatureRolloutPolicy @params +``` + +```Output + +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee FeatureRolloutPolicy passthroughAuthentication False False +``` + +This command creates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Feature` specifies a feature assigned to the cloud authentication roll-out policy. +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +- `-DisplayName` specifies the display name of the cloud authentication roll-out policy. + +- `-IsEnabled` specifies the status of cloud authentication roll-out policy. + +- `-IsAppliedToOrganization` specifies if the cloud authentication roll-out policy applied to the entire organization. + +## Parameters + +### -DisplayName + +Specifies the display name of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Feature + +Specifies a feature assigned to the cloud authentication roll-out policy. + +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +```yaml +Type: FeatureEnum +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies the status of cloud authentication roll-out policy. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppliesTo + +Specifies a list of Microsoft Entra ID objects that is assigned to the feature. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAppliedToOrganization + +Specifies if the cloud authentication roll-out policy applied to the entire organization. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.MsFeatureRolloutPolicy + +## Notes + +## Related Links + +[Get-EntraBetaFeatureRolloutPolicy](Get-EntraBetaFeatureRolloutPolicy.md) + +[Set-EntraBetaFeatureRolloutPolicy](Set-EntraBetaFeatureRolloutPolicy.md) + +[Remove-EntraBetaFeatureRolloutPolicy](Remove-EntraBetaFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaIdentityProvider.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaIdentityProvider.md new file mode 100644 index 0000000000..aea2a52ee1 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaIdentityProvider.md @@ -0,0 +1,165 @@ +--- +title: New-EntraBetaIdentityProvider +description: This article provides details on the New-EntraBetaIdentityProvider command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaIdentityProvider + +schema: 2.0.0 +--- + +# New-EntraBetaIdentityProvider + +## Synopsis + +Configure a new identity provider in the directory. + +## Syntax + +```powershell +New-EntraBetaIdentityProvider + -ClientId + -Type + -ClientSecret + [-Name ] + [] +``` + +## Description + +The `New-EntraBetaIdentityProvider` cmdlet is used to configure an identity provider in the directory. + +Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. + +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be: + +- Microsoft +- Google +- Facebook +- Amazon +- LinkedIn + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add Google identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +New-EntraBetaIdentityProvider -Type 'Google' -Name 'GoogleName' -ClientId 'Google123' -ClientSecret 'GoogleClientSecret' +``` + +```Output +Id DisplayName +-- ----------- +Google-OAUTH GoogleName +``` + +This example adds a Google identity provider. + +- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. +- `-Name` parameter specifies the display name of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaIdentityProvider](Set-EntraBetaIdentityProvider.md) + +[Remove-EntraBetaIdentityProvider](Remove-EntraBetaIdentityProvider.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaInvitation.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaInvitation.md new file mode 100644 index 0000000000..35fc4d871f --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaInvitation.md @@ -0,0 +1,335 @@ +--- +title: New-EntraBetaInvitation +description: This article provides details on the New-EntraBetaInvitation command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaInvitation + +schema: 2.0.0 +--- + +# New-EntraBetaInvitation + +## Synopsis + +This cmdlet is used to invite a new external user to your directory + +## Syntax + +```powershell +New-EntraBetaInvitation + [-InvitedUser ] + [-InvitedUserMessageInfo ] + [-InvitedUserType ] + [-SendInvitationMessage ] + -InvitedUserEmailAddress + [-ResetRedemption ] + [-InvitedUserDisplayName ] + -InviteRedirectUrl + [] +``` + +## Description + +This cmdlet is used to invite a new external user to your directory. + +Invitation adds an external user to the organization. When creating a new invitation, you have several options available: + +- On invitation creation, Microsoft Graph can automatically send an invitation email directly to the invited user, or your app can use the inviteRedeemUrl returned in the response to craft your own invitation (through your communication mechanism of choice) to the invited user. If you decide to have Microsoft Graph send an invitation email automatically, you can specify the content and language of the email by using invitedUserMessageInfo. + +- When the user is invited, a user entity (of userType Guest) is created and can be used to control access to resources. The invited user has to go through the redemption process to access any resources they have been invited to. + +To reset the redemption status for a guest user, the User.ReadWrite.All permission is the minimum required. + +For delegated scenarios, the signed-in user must have at least one of the following roles: Guest Inviter, Directory Writers, or User Administrator. Additionally, to reset the redemption status, the signed-in user must have the Helpdesk Administrator or User Administrator role. + +## Examples + +### Example 1: Invite a new external user to your directory + +```powershell +Connect-Entra -Scopes 'User.Invite.All' +$params = @{ + InvitedUserEmailAddress = 'someexternaluser@externaldomain.com' + SendInvitationMessage = $True + InviteRedirectUrl = 'https://myapps.onmicrosoft.com' +} + +New-EntraBetaInvitation @params +``` + +```Output +Id InviteRedeemUrl +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-cc… +``` + +This example sent an email to the user who's email address is in the `-InvitedUserEmailAddress` parameter. + +When the user accepts the invitation, they're forwarded to the url as specified in the `-InviteRedirectUrl` parameter. + +- `-SendInvitationMessage` Parameter indicates whether or not an invitation message will be sent to the invited user. + +### Example 2: Invite a new external user to your directory with InvitedUserDisplayName parameter + +```powershell +Connect-Entra -Scopes 'User.Invite.All' +$params = @{ + InvitedUserEmailAddress = 'someexternaluser@externaldomain.com' + SendInvitationMessage = $True + InviteRedirectUrl = 'https://myapps.onmicrosoft.com' + InvitedUserDisplayName = 'microsoftuser' +} + +New-EntraBetaInvitation @params +``` + +```Output +Id InviteRedeemUrl +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-cc… +``` + +This example demonstrates how to invite a new external user to your directory with `-InvitedUserDisplayName` parameter. + +- `-InvitedUserEmailAddress`Parameter specifies the Email address to which the invitation is sent. +- `-SendInvitationMessage` Parameter indicates whether or not an invitation message will be sent to the invited user +- `-InviteRedirectUrl` Parameter specifies The URL to which the invited user is forwarded after accepting the invitation. +- `-InvitedUserDisplayName`Parameter specifies the display name of the user. + +### Example 3: Invite a new external user to your directory with InvitedUserMessageInfo parameter + +```powershell +Connect-Entra -Scopes 'User.Invite.All' +$a= New-Object Microsoft.Open.MSGraph.Model.InvitedUserMessageInfo +$a.CustomizedMessageBody = 'Hi there, how are you' +$a.MessageLanguage = 'EN' +$params = @{ + InvitedUserEmailAddress = 'someexternaluser@externaldomain.com' + SendInvitationMessage = $True + InviteRedirectUrl = 'https://myapps.microsoft.com' + InvitedUserMessageInfo = $a +} + +New-EntraBetaInvitation @params +``` + +```Output +Id InviteRedeemUrl +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-cc… +``` + +This example demonstrates how to invite a new external user to your directory with InvitedUserMessageInfo parameter. + +- `-InvitedUserEmailAddress`Parameter specifies the Email address to which the invitation is sent. +- `-SendInvitationMessage` Parameter indicates whether or not an invitation message will be sent to the invited user. +- `-InviteRedirectUrl` Parameter specifies The URL to which the invited user is forwarded after accepting the invitation. +- `-InvitedUserMessageInfo`Parameter specifies addition information to specify how the invitation message is sent. + +### Example 4: Invite a new external user to your directory with InvitedUserType parameter + +```powershell +Connect-Entra -Scopes 'User.Invite.All' +$params = @{ + InvitedUserEmailAddress = 'someexternaluser@externaldomain.com' + SendInvitationMessage = $True + InviteRedirectUrl = 'https://myapps.microsoft.com' + InvitedUserType = 'Guest' +} + +New-EntraBetaInvitation @params +``` + +```Output +Id InviteRedeemUrl +-- --------------- +9e2b9f02-c2cb-4832-920d-81959f44e397 https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-cc… +``` + +This example demonstrates how to invite a new external user to your directory with InvitedUserType parameter. + +### Example 5: Reset a Redemption for an external user + +```powershell +Connect-Entra -Scopes 'User.Invite.All' +$params = @{ + InvitedUserEmailAddress = 'someexternaluser@externaldomain.com' + SendInvitationMessage = $True + InviteRedirectUrl = 'https://myapps.onmicrosoft.com' + InvitedUserDisplayName = 'microsoftuser' + ResetRedemption = $true +} +New-EntraBetaInvitation @params +``` + +```Output +Id InviteRedeemUrl +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-cc… +``` + +In this example, we show how an admin can reset the redemption for an external user in the `-InvitedUser` parameter. +They need to pass the switch `-ResetRedemption` as true. +Once reset, External user has to re-redeem the invitation to continue to access the resources. + +## Parameters + +### -InvitedUserDisplayName + +The display name of the user as it appears in your directory. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InvitedUserEmailAddress + +The Email address to which the invitation is sent. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InvitedUserMessageInfo + +Addition information to specify how the invitation message is sent. + +```yaml +Type: InvitedUserMessageInfo +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InvitedUser + +An existing user object in the directory that you want to add or update the B2B credentials for. + +```yaml +Type: User +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InvitedUserType + +The userType of the user being invited. By default, this is Guest. + +You can invite as Member if you are company administrator. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InviteRedirectUrl + +The URL to which the invited user is forwarded after accepting the invitation. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SendInvitationMessage + +A Boolean parameter that indicates whether or not an invitation message will be sent to the invited user. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResetRedemption + +Indicates whether the invite redemption on an existing external user should be removed so the user can re-redeem the account. + +By default, this is false and should only be set to true when passing in a valid external user to the InvitedUser property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +- See more information - . + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaNamedLocationPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaNamedLocationPolicy.md new file mode 100644 index 0000000000..3b536f9063 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaNamedLocationPolicy.md @@ -0,0 +1,236 @@ +--- +title: New-EntraBetaNamedLocationPolicy +description: This article provides details on the New-EntraBetaNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaNamedLocationPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaNamedLocationPolicy + +## Synopsis + +Creates a new named location policy in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraBetaNamedLocationPolicy + [-IncludeUnknownCountriesAndRegions ] + [-Id ] + [-IsTrusted ] + [-OdataType ] + [-CountriesAndRegions ] + [-IpRanges ] + [-DisplayName ] + [] +``` + +## Description + +This cmdlet allows an admin to create new named location policy in Microsoft Entra ID. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Creates a new Ip named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange +$ipRanges.cidrAddress = '6.5.4.3/32' +$params = @{ + OdataType = '#microsoft.graph.ipNamedLocation' + DisplayName = 'IP named location policy' + IsTrusted = $false + IpRanges = $ipRanges +} + +New-EntraBetaNamedLocationPolicy @params +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +bbbbbbbb-1111-2222-3333-cccccccccccc 31-07-2024 10:45:27 IP named location policy 31-07-2024 10:45:27 +``` + +This command creates a new country named location policy in Microsoft Entra ID. + +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-IsTrusted` parameter specifies the IsTrusted value for the named location policy. +- `-IpRanges` parameter specifies List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. + +### Example 2: Creates a new country named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + OdataType = '#microsoft.graph.countryNamedLocation' + DisplayName = 'Country named location policy' + CountriesAndRegions = 'IN' + IncludeUnknownCountriesAndRegions = $false +} + +New-EntraBetaNamedLocationPolicy @params +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +cccccccc-2222-3333-4444-dddddddddddd 31-07-2024 10:46:16 Country named location policy 31-07-2024 10:46:16 +``` + +This command creates a new country named location policy in Microsoft Entra ID. + +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-CountriesAndRegions` parameter specifies the countries and regions for the named location policy. +- `-IncludeUnknownCountriesAndRegions` parameter specifies the includeUnknownCountriesAndRegions value for the named location policy. + +## Parameters + +### -OdataType + +Specifies the OData type of a named location policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IpRanges + +List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. The @odata.type of the ipRange is also required. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsTrusted + +Specifies the `IsTrusted` value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CountriesAndRegions + +Specifies the countries and regions for the named location policy in Microsoft Entra ID. List of countries and/or regions in the two-letter format specified by ISO 3166-2. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeUnknownCountriesAndRegions + +Specifies the includeUnknownCountriesAndRegions value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [Create namedLocation](/graph/api/conditionalaccessroot-post-namedlocations). + +## Related Links + +[Get-EntraBetaNamedLocationPolicy](Get-EntraBetaNamedLocationPolicy.md) + +[Set-EntraBetaNamedLocationPolicy](Set-EntraBetaNamedLocationPolicy.md) + +[Remove-EntraBetaNamedLocationPolicy](Remove-EntraBetaNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaOauth2PermissionGrant.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaOauth2PermissionGrant.md new file mode 100644 index 0000000000..7a2ea21c0a --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaOauth2PermissionGrant.md @@ -0,0 +1,220 @@ +--- +title: New-EntraBetaOauth2PermissionGrant +description: This article provides details on the New-EntraBetaOauth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/28/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaOauth2PermissionGrant + +schema: 2.0.0 +--- + +# New-EntraBetaOauth2PermissionGrant + +## Synopsis + +Create a delegated permission grant using an oAuth2PermissionGrant object. This grant allows a client service principal to access a resource service principal on behalf of a signed-in user, with access restricted to the specified delegated permissions. + +## Syntax + +```powershell +New-EntraBetaOauth2PermissionGrant + -ClientId + -ConsentType + -ResourceId + -StartTime + -ExpiryTime + [-PrincipalId ] + [-Scope ] + [] +``` + +## Description + +The `New-EntraBetaOauth2PermissionGrant` cmdlet creates a delegated permission grant using an oAuth2PermissionGrant object. This grant authorizes a client service principal to access a resource service principal on behalf of a signed-in user, with access limited to the specified delegated permissions. + +## Examples + +### Example 1: To grant authorization to impersonate all users + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraBetaServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'AllPrincipals' + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraBetaOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... + +``` + +This command Grant authorization to impersonate all users. + +### Example 2: To grant authorization to impersonate a specific user + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraBetaServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'Principal' + PrincipalId = $user.Id + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraBetaOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... +``` + +This command Grant authorization to impersonate a specific user. + +## Parameters + +### -ClientId + +The object ID (not appId) of the client service principal for the application, which is authorized to act on behalf of a signed-in user when accessing an API. Required. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentType + +Indicates whether the client application is authorized to impersonate all users or only a specific user. + +- `AllPrincipals`: Authorizes the application to impersonate all users. +- `Principal`: Authorizes the application to impersonate a specific user. +An administrator can grant consent on behalf of all users. In some cases, non-admin users are authorized to consent on behalf of themselves for certain delegated permissions. This parameter is required and supports the $filter query (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The ID of the resource service principal to which access is authorized. This identifies the API, which the client is authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrincipalId + +The ID of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal, If consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Scope + +A space-separated list of the claim values for delegated permissions, which should be included in access tokens for the resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of the resource service principal. Must not exceed 3,850 characters in length. + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StartTime + +Currently, the start time value is ignored, but a value is required when creating an oAuth2PermissionGrant. Required. + +```yaml +Type: DateTime +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExpiryTime + +Currently, the end time value is ignored, but a value is required when creating an oAuth2PermissionGrant. Required. + +```yaml +Type: DateTime +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## RELATED LINKS + +[Remove-EntraBetaOAuth2PermissionGrant](Remove-EntraBetaOAuth2PermissionGrant.md) +[Get-EntraBetaOAuth2PermissionGrant](Get-EntraBetaOAuth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantConditionSet.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantConditionSet.md new file mode 100644 index 0000000000..94b4720a26 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantConditionSet.md @@ -0,0 +1,372 @@ +--- +title: New-EntraBetaPermissionGrantConditionSet +description: This article provides details on the New-EntraBetaPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# New-EntraBetaPermissionGrantConditionSet + +## Synopsis + +Create a new Microsoft Entra ID permission grant condition set in a given policy. + +## Syntax + +```powershell +New-EntraBetaPermissionGrantConditionSet + -PolicyId + -ConditionSetType + [-Permissions ] + [-ClientApplicationTenantIds ] + [-ClientApplicationsFromVerifiedPublisherOnly ] + [-ClientApplicationIds ] + [-ResourceApplication ] + [-ClientApplicationPublisherIds ] + [-PermissionClassification ] + [-PermissionType ] + [] +``` + +## Description + +Create a new Microsoft Entra ID permission grant condition set object in an existing policy. + +## Examples + +### Example 1: Create a basic permission grant condition set in an existing policy with all build in values + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'includes' +PermissionType = 'delegated' +} + +New-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification +-- ------------------------------- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------- +aaaa0000-bb11-2222-33cc-444444dddddd False {all} {all} {all} False all all delegated {all} +``` + +This command creates a basic permission grant condition set in an existing policy with all build in values. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. + +### Example 2: Create a permission grant condition set in an existing policy that includes specific permissions for a resource application + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$permission = (Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''").AppRoles.Id +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'includes' +PermissionType = 'delegated' +Permissions = @($permission) +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +} + +New-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification +-- ------------------------------- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------- +bbbb1111-cc22-3333-44dd-555555eeeeee False {all} {all} {all} False all all delegated {all} +``` + +This command creates a permission grant condition set in an existing policy that includes specific permissions for a resource application. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. + +### Example 3: Create a permission grant condition set in an existing policy that is excluded + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'excludes' +PermissionType = 'delegated' +Permissions = @('All') +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +PermissionClassification = 'low' +ClientApplicationsFromVerifiedPublisherOnly = $true +ClientApplicationIds = @('All') +ClientApplicationTenantIds = @('All') +ClientApplicationPublisherIds = @('All') +} +New-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification +-- ------------------------------- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------- +dddd3333-ee44-5555-66ff-777777aaaaaa False {all} {all} {all} True low +``` + +This command creates a permission grant condition set in an existing policy that is excluded. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. + +### Example 4: Create a permission grant condition set in an existing policy that is excluded + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$permission = (Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''").AppRoles.Id +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'excludes' +PermissionType = 'delegated' +Permissions = @($permission) +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +PermissionClassification = 'low' +ClientApplicationsFromVerifiedPublisherOnly = $true +ClientApplicationIds = @('00001111-aaaa-2222-bbbb-3333cccc4444', '11112222-bbbb-3333-cccc-4444dddd5555') +ClientApplicationTenantIds = @('aaaabbbb-0000-cccc-1111-dddd2222eeee', 'bbbbcccc-1111-dddd-2222-eeee3333ffff', 'ccccdddd-2222-eeee-3333-ffff4444aaaa') +ClientApplicationPublisherIds = @('33334444-dddd-5555-eeee-6666ffff7777') +} +New-EntraBetaPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +cccccccc-2222-3333-4444-dddddddddddd False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command creates a permission grant condition set in an existing policy that is excluded. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionType + +Specific type of permissions (application, delegated) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionClassification + +Specific classification (all, low, medium, high) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Permissions + +The identifier of the resource application to scope consent operation down to. +It could be @("All") or a list of permission IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationIds + +The set of client application IDs to scope consent operation down to. +It could be @("All") or a list of client application IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationTenantIds + +The set of client application tenant IDs to scope consent operation down to. +It could be @("All") or a list of client application tenant IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationPublisherIds + +The set of client applications publisher IDs to scope consent operation down to. +It could be @("All") or a list of client application publisher IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationsFromVerifiedPublisherOnly + +A value indicates whether to only includes client applications from verified publishers. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceApplication + +The identifier of the resource application to scope consent operation down to. +It could be "Any" or a specific resource application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.PermissionGrantConditionSet + +## Notes + +## Related Links + +[Set-EntraBetaPermissionGrantConditionSet](Set-EntraBetaPermissionGrantConditionSet.md) + +[Get-EntraBetaPermissionGrantConditionSet](Get-EntraBetaPermissionGrantConditionSet.md) + +[Remove-EntraBetaPermissionGrantConditionSet](Remove-EntraBetaPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantPolicy.md new file mode 100644 index 0000000000..8dab1ea3e7 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPermissionGrantPolicy.md @@ -0,0 +1,133 @@ +--- +title: New-EntraBetaPermissionGrantPolicy +description: This article provides details on the New-EntraBetaPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPermissionGrantPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaPermissionGrantPolicy + +## Synopsis + +Creates a permission grant policy. + +## Syntax + +```powershell +New-EntraBetaPermissionGrantPolicy + [-Description ] + [-DisplayName ] + [-Id ] + [] +``` + +## Description + +The `New-EntraBetaPermissionGrantPolicy` cmdlet creates a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Create a permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$params = @{ + Id = 'my_new_permission_grant_policy_id' + DisplayName = 'MyNewPermissionGrantPolicy' + Description = 'My new permission grant policy' +} + +New-EntraBetaPermissionGrantPolicy @params +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + My new permission grant policy MyNewPermissionGrantPolicy my_new_permission_grant_policy_id +``` + +This example creates new permission grant policy in Microsoft Entra ID. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-DisplayName` parameter specifies the display name for the permission grant policy. +- `-Description` parameter specifies the description for the permission grant policy. + +## Parameters + +### -Description + +Specifies the description for the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name for the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaPermissionGrantPolicy](Get-EntraBetaPermissionGrantPolicy.md) + +[Set-EntraBetaPermissionGrantPolicy](Set-EntraBetaPermissionGrantPolicy.md) + +[Remove-EntraBetaPermissionGrantPolicy](Remove-EntraBetaPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPolicy.md new file mode 100644 index 0000000000..915c70c479 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaPolicy.md @@ -0,0 +1,254 @@ +--- +title: New-EntraBetaPolicy +description: This article provides details on the New-EntraBetaPolicy command. + + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaPolicy + +## Synopsis + +Creates a policy. + +## Syntax + +```powershell +New-EntraBetaPolicy + -Definition + -DisplayName + -Type + [-IsOrganizationDefault ] + [] +``` + +## Description + +The `New-EntraBetaPolicy` cmdlet creates a policy in Microsoft Entra ID. Specify `DisplayName`, `Definition` and `Type` parameters for create a new policy. + +## Examples + +### Example 1: Create a new policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') + DisplayName = 'NewPolicy' + Type = 'HomeRealmDiscoveryPolicy' +} +New-EntraBetaPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id IsOrganizationD + efault +---------- --------------- ----------- ----------- -- --------------- +{{"HomeReayPolicy":{"AlternateLoginIDLookup":true, "IncluderIds":["UserID"]}}} NewPolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False +``` + +This command creates a new policy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 2: Create a ClaimsMappingPolicy policy by 'IsOrganizationDefault' parameter + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\"JwtClaimType\":\"upn\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://schemas.microsoft.com/identity/claims/displayname\",\"JwtClaimType\":\"name\"}]}}" ], "displayName": "Custom Claims Issuance Policy", "isOrganizationDefault": false }') + DisplayName ='ClaimstestPolicy' + Type = 'claimsMappingPolicies' + IsOrganizationDefault = $false +} +New-EntraBetaPolicy @params +``` + +```Output +Definition +---------- +{{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLCl… +``` + +This command creates a ClaimsMappingPolicy using 'IsOrganizationDefault' parameter in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` - Parameter specifies the type of policy. In this example, `ClaimsMappingPolicy` + represents the type of policy. + +- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. + +### Example 3: Create a TokenLifetimePolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}') + DisplayName = 'TokenLifetimePolicy' + Type = 'TokenLifetimePolicy' + IsOrganizationDefault = $false +} +New-EntraBetaPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id IsOrganizatio + nDefault +---------- --------------- ----------- ----------- -- ------------- +{{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}} TokenLifetimePolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False +``` + +This command creates a TokenLifetimePolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 4: Create a TokenIssuancePolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly","EmitSAMLNameFormat":"true"}}') + DisplayName = 'tokenIssuance' + Type = 'TokenIssuancePolicy' +} +New-EntraBetaPolicy @params +``` + +```Output +Definition +---------- +{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly… +``` + +This command creates a TokenIssuancePolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 5: Create a ActivityBasedTimeoutPolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') + DisplayName = 'ActivityBasedTimeoutPolicyname' + Type = 'ActivityBasedTimeoutPolicy' +} +New-EntraBetaPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} ActivityBasedTimeoutPolicyname aaaaaaaa-0000-1111-2222... + +``` + +This command creates a ActivityBasedTimeoutPolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +## Parameters + +### -Definition + +Specifies an array of JSON that contains all the rules of the policy, for example: -Definition @("{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}"). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +String of the policy name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsOrganizationDefault + +True if this policy is the organizational default. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of policy. +For token lifetimes, specify "TokenLifetimePolicy." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaPolicy](Get-EntraBetaPolicy.md) + +[Remove-EntraBetaPolicy](Remove-EntraBetaPolicy.md) + +[Set-EntraBetaPolicy](Set-EntraBetaPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..a33ff45fa5 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,191 @@ +--- +title: New-EntraBetaTrustFrameworkPolicy +description: This article provides details on the New-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaTrustFrameworkPolicy + +## Synopsis + +This cmdlet is used to create a trust framework policy (custom policy) in the directory. + +## Syntax + +### Content (Default) + +```powershell +New-EntraBetaTrustFrameworkPolicy + -Content + [-OutputFilePath ] + [] +``` + +### File + +```powershell +New-EntraBetaTrustFrameworkPolicy + -InputFilePath + [-OutputFilePath ] + [] +``` + +## Description + +The `New-EntraBetaTrustFrameworkPolicy` cmdlet is used to create a trust framework policy in the directory. + +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. + +## Examples + +### Example 1: Creates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +New-EntraBetaTrustFrameworkPolicy -Content $policyContent +``` + +The example creates a trust framework policy from the content specified. + +The contents of newly created trust framework policy are displayed on screen. + +- `-Content` Parameter specifies the content of the trust framework policy to be created. + +### Example 2: creates a trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Content = $policyContent + OutputFilePath = 'C:\CreatedPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the content specified. + +The contents of newly created trust framework policy are written to file mentioned in output file path. + +- `-Content` Parameter specifies the content of the trust framework policy to be created. +- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. + +### Example 3: Creates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + InputFilePath = 'C:\InputPolicy.xml' + OutputFilePath = 'C:\CreatedPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the file mentioned in InputFilePath. + +The contents of newly created trust framework policy are written to file mentioned in output file path. + +- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. +- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. + +### Example 4: Creates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + InputFilePath = 'C:\InputPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the file mentioned in InputFilePath. + +The contents of newly created trust framework policy are displayed on screen. + +- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. + +## Parameters + +### -Content + +The content of the trust framework policy to be created. + +```yaml +Type: System.String +Parameter Sets: Content +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -InputFilePath + +Path to the file used for reading the contents of trust framework policy to be created. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for writing the contents of newly created trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustedCertificateAuthority.md b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustedCertificateAuthority.md new file mode 100644 index 0000000000..fb7187c326 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/New-EntraBetaTrustedCertificateAuthority.md @@ -0,0 +1,98 @@ +--- +title: New-EntraBetaTrustedCertificateAuthority +description: This article provides details on the New-EntraBetaTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# New-EntraBetaTrustedCertificateAuthority + +## Synopsis + +Creates a trusted certificate authority. + +## Syntax + +```powershell +New-EntraBetaTrustedCertificateAuthority + -CertificateAuthorityInformation + [] +``` + +## Description + +The `New-EntraBetaTrustedCertificateAuthority` cmdlet creates a trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Creates the trusted certificate authorities in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' + +$new_ca = New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation #Create CertificateAuthorityInformation object +$new_ca.AuthorityType = "RootAuthority" +$new_ca.CrlDistributionPoint = "https://example.crl" +$new_ca.DeltaCrlDistributionPoint = "https://deltaexample.crl" +$new_ca.TrustedCertificate = "Path to .cer file(including cer file name)" +New-EntraBetaTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command creates the trusted certificate authorities in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. +It includes properties like `AuthorityType`, `CrlDistributionPoint`, `DeltaCrlDistributionPoint`, and `TrustedCertificate`. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaTrustedCertificateAuthority](Get-EntraBetaTrustedCertificateAuthority.md) + +[Remove-EntraBetaTrustedCertificateAuthority](Remove-EntraBetaTrustedCertificateAuthority.md) + +[Set-EntraBetaTrustedCertificateAuthority](Set-EntraBetaTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.md new file mode 100644 index 0000000000..f681c03983 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaConditionalAccessPolicy.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraBetaConditionalAccessPolicy +description: This article provides details on the Remove-EntraBetaConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaConditionalAccessPolicy + +## Synopsis + +Deletes a conditional access policy in Microsoft Entra ID by Id. + +## Syntax + +```powershell +Remove-EntraBetaConditionalAccessPolicy + -PolicyId + [] +``` + +## Description + +This cmdlet allows an admin to delete a conditional access policy in Microsoft Entra ID by Id. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Deletes a conditional access policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +$policy = Get-EntraBetaConditionalAccessPolicy | Where-Object {$_.DisplayName -eq 'MFA policy'} +Remove-EntraBetaConditionalAccessPolicy -PolicyId $policy.ObjectId +``` + +This command deletes a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of a conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaConditionalAccessPolicy](Get-EntraBetaConditionalAccessPolicy.md) + +[New-EntraBetaConditionalAccessPolicy](New-EntraBetaConditionalAccessPolicy.md) + +[Set-EntraBetaConditionalAccessPolicy](Set-EntraBetaConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.md new file mode 100644 index 0000000000..7ed0d86189 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraBetaFeatureRolloutPolicy +description: This article provides details on the Remove-EntraBetaFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaFeatureRolloutPolicy + +## Synopsis + +Allows an admin to remove the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraBetaFeatureRolloutPolicy + -Id + [] +``` + +## Description + +An admin uses `Remove-EntraBetaFeatureRolloutPolicy` cmdlet to remove the cloud authentication roll-out policy and have all users where policy applied to be free of the policy. + +Users in groups that were assigned to the policy falls back to the global authentication method (most common case will be federation). Specify `Id` parameter to remove the cloud authentication roll-out policy. + +## Examples + +### Example 1: Removes the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$Policy = Get-EntraBetaFeatureRolloutPolicy -Filter "DisplayName eq 'Feature-Rollout-Policy'" +Remove-EntraBetaFeatureRolloutPolicy -Id $Policy.Id +``` + +This example removes the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` - specifies the unique identifier of the cloud authentication roll-out policy. You can use `Get-EntraBetaFeatureRolloutPolicy` to retrieve policy details. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaFeatureRolloutPolicy](New-EntraBetaFeatureRolloutPolicy.md) + +[Get-EntraBetaFeatureRolloutPolicy](Get-EntraBetaFeatureRolloutPolicy.md) + +[Set-EntraBetaFeatureRolloutPolicy](Set-EntraBetaFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md new file mode 100644 index 0000000000..082fa57c74 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md @@ -0,0 +1,107 @@ +--- +title: Remove-EntraBetaFeatureRolloutPolicyDirectoryObject +description: This article provides details on the Remove-EntraBetaFeatureRolloutPolicyDirectoryObject command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraBetaFeatureRolloutPolicyDirectoryObject + +## Synopsis + +Allows an admin to remove a group from the cloud authentication rollout policy in Microsoft Entra ID. +Users in this group revert back to the authenticating using the global policy (in most cases this will be federation). + +## Syntax + +```powershell +Remove-EntraBetaFeatureRolloutPolicyDirectoryObject + -ObjectId + -Id + [] +``` + +## Description + +An admin uses the `Remove-EntraBetaFeatureRolloutPolicyDirectoryObject` cmdlet to remove groups from the cloud authentication roll-out policy. + +Users in these groups start authenticating against the global authentication policy (for example, +federation). Specify `ObjectId` and `Id` parameter to remove groups from the cloud authentication roll-out policy. + +## Examples + +### Example 1: Removes a group from the cloud authentication roll-out policy from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + ObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Remove-EntraBetaFeatureRolloutPolicyDirectoryObject @params +``` + +This command removes a group from the cloud authentication roll-out policy from Microsoft Entra ID. + +- `-Id` Parameter specifies the ID of the cloud authentication roll-out policy. +- `-ObjectId` parameter specifies the ID of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy. + +## Parameters + +### -ID + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaFeatureRolloutPolicyDirectoryObject](Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaIdentityProvider.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaIdentityProvider.md new file mode 100644 index 0000000000..e606396c78 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaIdentityProvider.md @@ -0,0 +1,91 @@ +--- +title: Remove-EntraBetaIdentityProvider +description: This article provides details on the Remove-EntraBetaIdentityProvider command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaIdentityProvider + +schema: 2.0.0 +--- + +# Remove-EntraBetaIdentityProvider + +## Synopsis + +This cmdlet is used to delete an identity provider in the directory. + +## Syntax + +```powershell +Remove-EntraBetaIdentityProvider + -IdentityProviderBaseId + [] +``` + +## Description + +This cmdlet is used to delete an identity provider that has been configured in the directory. + +The identity provider is permanently deleted. + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Remove the identity provider in the directory + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +Remove-EntraBetaIdentityProvider -IdentityProviderBaseId 'LinkedIn-OAUTH' +``` + +This command demonstrates how to remove the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. + +## Parameters + +### -IdentityProviderBaseId + +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaIdentityProvider](New-EntraBetaIdentityProvider.md) + +[Set-EntraBetaIdentityProvider](Set-EntraBetaIdentityProvider.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaNamedLocationPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaNamedLocationPolicy.md new file mode 100644 index 0000000000..800d3c50e5 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaNamedLocationPolicy.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraBetaNamedLocationPolicy +description: This article provides details on the Remove-EntraBetaNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaNamedLocationPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaNamedLocationPolicy + +## Synopsis + +Deletes a Microsoft Entra ID named location policy by PolicyId. + +## Syntax + +```powershell +Remove-EntraBetaNamedLocationPolicy + -PolicyId + [] +``` + +## Description + +This cmdlet allows an admin to delete the Microsoft Entra ID named location policy. + +Named locations are custom rules that define network locations, which can then be used in a Conditional Access policy. + +## Examples + +### Example 1: Deletes a named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraBetaNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +Remove-EntraBetaNamedLocationPolicy -PolicyId $policy.Id +``` + +This command demonstrates how to delete the named location policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaNamedLocationPolicy](New-EntraBetaNamedLocationPolicy.md) + +[Set-EntraBetaNamedLocationPolicy](Set-EntraBetaNamedLocationPolicy.md) + +[Get-EntraBetaNamedLocationPolicy](Get-EntraBetaNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.md new file mode 100644 index 0000000000..a192806f6c --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaOAuth2PermissionGrant.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraBetaOAuth2PermissionGrant +description: This article provides details on the Remove-EntraBetaOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 08/09/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Remove-EntraBetaOAuth2PermissionGrant + +## Synopsis + +Removes an OAuth2PermissionGrant. + +## Syntax + +```powershell +Remove-EntraBetaOAuth2PermissionGrant + -ObjectId + [] +``` + +## Description + +The `Remove-EntraBetaOAuth2PermissionGrant` cmdlet removes an OAuth2PermissionGrant object in Microsoft Entra ID. + +When a delegated permission grant is deleted, the access it granted is revoked. Existing access tokens will continue to be valid for their lifetime, but new access tokens will not be granted for the delegated permissions identified in the deleted OAuth2PermissionGrant. + +## Examples + +### Example 1: Remove an OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$SharePointSP = Get-EntraBetaServicePrincipal | Where-Object {$_.DisplayName -eq 'Microsoft.SharePoint'} +$SharePointOA2AllSitesRead = Get-EntraBetaOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $SharePointSP.ObjectId} | Where-Object {$_.Scope -eq 'AllSites.Read'} +Remove-EntraBetaOAuth2PermissionGrant -ObjectId $SharePointOA2AllSitesRead.ObjectId +``` + +This example shows how to remove an OAuth2PermissionGrant object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies the ID of an OAuth2PermissionGrant object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaOAuth2PermissionGrant](Get-EntraBetaOAuth2PermissionGrant.md) + +[Get-EntraBetaServicePrincipal](../Applications/Get-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.md new file mode 100644 index 0000000000..5ab50b7a18 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantConditionSet.md @@ -0,0 +1,130 @@ +--- +title: Remove-EntraBetaPermissionGrantConditionSet +description: This article provides details on the Remove-EntraBetaPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Remove-EntraBetaPermissionGrantConditionSet + +## Synopsis + +Delete a Microsoft Entra ID permission grant condition set by ID. + +## Syntax + +```powershell +Remove-EntraBetaPermissionGrantConditionSet + -Id + -ConditionSetType + -PolicyId + [] +``` + +## Description + +Delete a Microsoft Entra ID permission grant condition set object by ID. + +## Examples + +### Example 1: Delete a permission grant condition set from a policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$PermissionGrantConditionSetId = '2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'excludes' + Id = $PermissionGrantConditionSetId +} +Remove-EntraBetaPermissionGrantConditionSet @params +``` + +This example demonstrates how to remove the Microsoft Entra ID permission grant condition set by ID. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantConditionSet](New-EntraBetaPermissionGrantConditionSet.md) + +[Get-EntraBetaPermissionGrantConditionSet](Get-EntraBetaPermissionGrantConditionSet.md) + +[Set-EntraBetaPermissionGrantConditionSet](Set-EntraBetaPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.md new file mode 100644 index 0000000000..07ec4fdedb --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPermissionGrantPolicy.md @@ -0,0 +1,85 @@ +--- +title: Remove-EntraBetaPermissionGrantPolicy +description: This article provides details on the Remove-EntraBetaPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaPermissionGrantPolicy + +## Synopsis + +Removes a permission grant policy. + +## Syntax + +```powershell +Remove-EntraBetaPermissionGrantPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraBetaPermissionGrantPolicy` cmdlet removes a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Remove a permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +Remove-EntraBetaPermissionGrantPolicy -Id 'my_permission_grant_policy_id' +``` + +This command removes the specified permission grant policy in Microsoft Entra ID. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. + +## Parameters + +### -Id + +The unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantPolicy](New-EntraBetaPermissionGrantPolicy.md) + +[Set-EntraBetaPermissionGrantPolicy](Set-EntraBetaPermissionGrantPolicy.md) + +[Get-EntraBetaPermissionGrantPolicy](Get-EntraBetaPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPolicy.md new file mode 100644 index 0000000000..bb798b568d --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaPolicy.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraBetaPolicy +description: This article provides details on the Remove-EntraBetaPolicy command. + +ms.topic: reference +ms.date: 07/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaPolicy + +## Synopsis + +Removes a policy. + +## Syntax + +```powershell +Remove-EntraBetaPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraBetaPolicy` cmdlet removes a policy from Microsoft Entra ID. Specify `Id` parameter to remove a specific policy. + +## Examples + +### Example 1: Remove a policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.ApplicationConfiguration' +Remove-EntraBetaPolicy -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This command removes the specified policy from Microsoft Entra ID. + +- `-Id` - specifies the ID of the policy you want to remove. + +## Parameters + +### -Id + +The Id of the policy you want to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaPolicy](Get-EntraBetaPolicy.md) + +[New-EntraBetaPolicy](New-EntraBetaPolicy.md) + +[Set-EntraBetaPolicy](Set-EntraBetaPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.md new file mode 100644 index 0000000000..6d12056154 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaServicePrincipalPolicy.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraBetaServicePrincipalPolicy +description: This article provides details on the Remove-EntraBetaServicePrincipalPolicy command. + + +ms.topic: reference +ms.date: 07/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaServicePrincipalPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalPolicy + +## Synopsis + +Delete a servicePrincipal policy. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalPolicy + -Id + -PolicyId + [] +``` + +## Description + +Delete a servicePrincipal policy. Specify the `Id` and `PolicyId` parameter to remove a specific servicePrincipal policy. + +## Examples + +### Example 1: Remove a service principal policy + +```powershell +Connect-Entra -Scopes Policy.Read.All, Application.ReadWrite.All +$params = @{ + Id = 'bbbbbbbb-1111-1111-1111-cccccccccccc' + PolicyId = 'ffffffff-5555-6666-7777-aaaaaaaaaaaa' +} +Remove-EntraBetaServicePrincipalPolicy @params +``` + +This command removes a specific servicePrincipal policy in Microsoft Entra ID. + +## Parameters + +### -PolicyId + +Specifies the object ID of a policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +Specifies the object Id of the Service Principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalPolicy](Add-EntraBetaServicePrincipalPolicy.md) + +[Get-EntraBetaServicePrincipalPolicy](Get-EntraBetaServicePrincipalPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..c37cbe8d3f --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,91 @@ +--- +title: Remove-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Remove-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaTrustFrameworkPolicy + +## Synopsis + +Deletes a trust framework policy (custom policy) in the Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraBetaTrustFrameworkPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraBetaTrustFrameworkPolicy` cmdlet deletes a trust framework policy in the Microsoft Entra ID. The trust framework policy is permanently deleted. + +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. + +## Examples + +### Example 1: Removes the specified trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +Remove-EntraBetaTrustFrameworkPolicy -Id 'B2C_1A_signup_signin' +``` + +This example removes the specified trust framework policy. + +- `-Id` parameter specifies unique identifier for a trust framework policy. + +## Parameters + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.md b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.md new file mode 100644 index 0000000000..0756e09df0 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Remove-EntraBetaTrustedCertificateAuthority.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraBetaTrustedCertificateAuthority +description: This article provides details on the Remove-EntraBetaTrustedCertificateAuthority command. + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Remove-EntraBetaTrustedCertificateAuthority + +## Synopsis + +Removes a trusted certificate authority. + +## Syntax + +```powershell +Remove-EntraBetaTrustedCertificateAuthority + -CertificateAuthorityInformation + [] +``` + +## Description + +The `Remove-EntraBetaTrustedCertificateAuthority` cmdlet removes a trusted certificate authority from Microsoft Entra ID. + +## Examples + +### Example 1: Remove the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$cer = Get-EntraBetaTrustedCertificateAuthority #Get the CertificateAuthorityInformation object +Remove-EntraBetaTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command deletes the trusted certificate authorities that are defined in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. +It includes properties like `AuthorityType`, `CrlDistributionPoint`, `DeltaCrlDistributionPoint`, and `TrustedCertificate`. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaTrustedCertificateAuthority](Get-EntraBetaTrustedCertificateAuthority.md) + +[New-EntraBetaTrustedCertificateAuthority](New-EntraBetaTrustedCertificateAuthority.md) + +[Set-EntraBetaTrustedCertificateAuthority](Set-EntraBetaTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Reset-EntraBetaStrongAuthenticationMethodByUpn.md b/module/docs/entra-powershell-beta/SignIns/Reset-EntraBetaStrongAuthenticationMethodByUpn.md new file mode 100644 index 0000000000..929c2c8db1 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Reset-EntraBetaStrongAuthenticationMethodByUpn.md @@ -0,0 +1,79 @@ +--- +title: Reset-EntraBetaStrongAuthenticationMethodByUpn +description: This article provides details on the Reset-EntraBetaStrongAuthenticationMethodByUpn command. + + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Reset-EntraBetaStrongAuthenticationMethodByUpn + +schema: 2.0.0 +--- + +# Reset-EntraBetaStrongAuthenticationMethodByUpn + +## Synopsis + +Resets the strong authentication method using the User Principal Name (UPN). + +## Syntax + +```powershell +Reset-EntraBetaStrongAuthenticationMethodByUpn + -UserPrincipalName + [] +``` + +## Description + +The `Reset-EntraBetaStrongAuthenticationMethodByUpn` cmdlet resets the strong authentication method by using the User Principal Name (UPN). + +## Examples + +### Example 1: Resets the strong authentication method by using the User Principal Name + +```powershell +Connect-Entra -Scopes 'UserAuthenticationMethod.ReadWrite', 'UserAuthenticationMethod.ReadWrite.All' +Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName 'SawyerM@contoso.com' +``` + +This example demonstrates how to reset the strong authentication method by using the User Principal Name (UPN). + +- `-UserPrincipalName` parameter specifies the User Principal Name (UPN) of the user whose strong authentication method is being reset. + +## Parameters + +### -UserPrincipalName + +Specifies the User Principal Name (UPN) of the user whose strong authentication method is being reset. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaAuthorizationPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaAuthorizationPolicy.md new file mode 100644 index 0000000000..8a934f84ec --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaAuthorizationPolicy.md @@ -0,0 +1,288 @@ +--- +title: Set-EntraBetaAuthorizationPolicy +description: This article provides details on the Set-EntraBetaAuthorizationPolicy command. + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaAuthorizationPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaAuthorizationPolicy + +## Synopsis + +Updates an authorization policy. + +## Syntax + +```powershell +Set-EntraBetaAuthorizationPolicy + -Id + [-DisplayName ] + [-EnabledPreviewFeatures ] + [-DefaultUserRolePermissions ] + [-AllowedToSignUpEmailBasedSubscriptions ] + [-AllowedToUseSSPR ] + [-PermissionGrantPolicyIdsAssignedToDefaultUserRole ] + [-AllowEmailVerifiedUsersToJoinOrganization ] + [-Description ] + [-BlockMsolPowerShell ] + [-GuestUserRoleId ] + [] +``` + +## Description + +The `Set-EntraBetaAuthorizationPolicy` cmdlet updates a Microsoft Entra ID authorization policy. + +For delegated scenarios, the user needs to have the `Privileged Role Administrator` Microsoft Entra role. + +## Examples + +### Example 1: Update an authorization policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.Authorization' +$Params = @{ + Id = 'authorizationPolicy' + DisplayName = 'updated displayname' + Description = 'updated description' + GuestUserRoleId = '10dae51f-b6af-4016-8d66-8c2a99b929b3' + EnabledPreviewFeatures = @('EnableGranularConsent') +} +Set-EntraBetaAuthorizationPolicy @Params +``` + +This example demonstrates how to update a Microsoft Entra ID authorization policy. + +- `-Id` parameter specifies the authorization policy ID. +- `-DisplayName` parameter specifies display name of the authorization policy. +- `-Description` parameter specifies the description of a authorization policy. +- `-GuestUserRoleId` parameter specifies the roletemplateId for the role that should be granted to guest user. +- `-EnabledPreviewFeatures` parameter specifies the preview features enabled for private preview on the tenant. + +### Example 2: Update DefaultUserRolePermissions of authorization policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.Authorization' +$DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions +$DefaultUserRolePermissions.AllowedToCreateApps = $false +$DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $false +$DefaultUserRolePermissions.AllowedToReadOtherUsers = $false +$Params = @{ + Id = 'authorizationPolicy' + DefaultUserRolePermissions = $DefaultUserRolePermissions +} +Set-EntraBetaAuthorizationPolicy @Params +``` + +This example demonstrates how to update a DefaultUserRolePermissions of authorization policy in Microsoft Entra ID. + +- `-Id` parameter specifies the authorization policy ID. +- `-DefaultUserRolePermissions` parameter specifies the customizable default user role permissions. + +## Parameters + +### -AllowedToSignUpEmailBasedSubscriptions + +Specifies whether users can sign up for email based subscriptions. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowedToUseSSPR + +Specifies whether the Self-Serve Password Reset feature can be used by users on the tenant. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowEmailVerifiedUsersToJoinOrganization + +Specifies whether a user can join the tenant by email validation. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -BlockMsolPowerShell + +Specifies whether the user-based access to the legacy service endpoint used by MSOL PowerShell is blocked or not. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DefaultUserRolePermissions + +Contains various customizable default user role permissions. + +```yaml +Type: DefaultUserRolePermissions +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EnabledPreviewFeatures + +Specifies the preview features enabled for private preview on the tenant. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GuestUserRoleId + +Specifies the roletemplateId for the role that should be granted to guest user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the unique identifier of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionGrantPolicyIdsAssignedToDefaultUserRole + +Specifies the policy Ids of permission grant policies assgined to the default user role. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAuthorizationPolicy](Get-EntraBetaAuthorizationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaConditionalAccessPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaConditionalAccessPolicy.md new file mode 100644 index 0000000000..395fab1c7c --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaConditionalAccessPolicy.md @@ -0,0 +1,274 @@ +--- +title: Set-EntraBetaConditionalAccessPolicy +description: This article provides details on the Set-EntraBetaConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaConditionalAccessPolicy + +## Synopsis + +Updates a conditional access policy in Microsoft Entra ID by ID. + +## Syntax + +```powershell +Set-EntraBetaConditionalAccessPolicy + -PolicyId + [-Id ] + [-SessionControls ] + [-ModifiedDateTime ] + [-CreatedDateTime ] + [-State ] + [-GrantControls ] + [-Conditions ] + [-DisplayName ] + [] +``` + +## Description + +This cmdlet allows an admin to update a conditional access policy in Microsoft Entra ID by ID. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Update a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$cond = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$control = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$session = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + DisplayName = 'MFA policy updated' + State = 'Enabled' + Conditions = $cond + GrantControls = $control + SessionControls = $session +} + +Set-EntraBetaConditionalAccessPolicy @params +``` + +The example shows how to update a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the ID of conditional access policy. +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +### Example 2: Update display name for a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + DisplayName = 'MFA policy updated' +} + +Set-EntraBetaConditionalAccessPolicy @params +``` + +This command updates a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the ID of conditional access policy. +- `-DisplayName` parameter specifies the display name of a conditional access policy. + +### Example 3: Update the state for a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + State = 'Enabled' +} + +Set-EntraBetaConditionalAccessPolicy @params +``` + +This command updates a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the ID of conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the policy ID of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the enabled or disabled state of the conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Conditions + +Specifies the conditions for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessConditionSet +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GrantControls + +Specifies the controls for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessGrantControls +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreatedDateTime + +The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2024 is 2024-01-01T00:00:00Z. Readonly. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the policy ID of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ModifiedDateTime + +The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2024 is 2024-01-01T00:00:00Z. Readonly. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SessionControls + +Enables limited experiences within specific cloud applications. + +```yaml +Type: ConditionalAccessSessionControls +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaConditionalAccessPolicy](Get-EntraBetaConditionalAccessPolicy.md) + +[New-EntraBetaConditionalAccessPolicy](New-EntraBetaConditionalAccessPolicy.md) + +[Remove-EntraBetaConditionalAccessPolicy](Remove-EntraBetaConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.md new file mode 100644 index 0000000000..8782db9b6d --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaFeatureRolloutPolicy.md @@ -0,0 +1,231 @@ +--- +title: Set-EntraBetaFeatureRolloutPolicy +description: This article provides details on the Set-EntraBetaFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaFeatureRolloutPolicy +schema: 2.0.0 +--- + +# Set-EntraBetaFeatureRolloutPolicy + +## Synopsis + +Allows an admin to modify the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraBetaFeatureRolloutPolicy + [-Feature ] + [-IsEnabled ] + -Id + [-IsAppliedToOrganization ] + [-AppliesTo ] + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +An admin uses the `Set-EntraBetaFeatureRolloutPolicy` cmdlet to modify the cloud authentication rollout policy. + +This includes specifying whether the method for cloud authentication is Pass-through Authentication or Password Hash Synchronization, and whether Seamless Single Sign-On (SSO) is enabled. + +Users in groups assigned to the policy will start authenticating using the new method and Seamless SSO, if it is specified. + +## Examples + +### Example 1: Updates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + DisplayName = 'Feature-Rollout-Policytest' + IsEnabled = $false +} +Set-EntraBetaFeatureRolloutPolicy @params +``` + +This command updates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` - specifies the ID of cloud authentication roll-out policy. +- `-DisplayName` - specifies the display name of the cloud authentication roll-out policy. +- `-IsEnabled` - specifies the status of cloud authentication roll-out policy. + +### Example 2: Updates the Description + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + Description = 'Feature-Rollout-test' +} +Set-EntraBetaFeatureRolloutPolicy @params +``` + +This command updates the `-Description` of policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` Specify the ID of cloud authentication roll-out policy. +- `-Description` Specifies the description of the cloud authentication roll-out policy. + +### Example 3: Updates the IsAppliedToOrganization + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + IsAppliedToOrganization = $false +} +Set-EntraBetaFeatureRolloutPolicy @params +``` + +This command updates the `-IsAppliedToOrganization` parameter of policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` Specify the ID of cloud authentication roll-out policy. +- `-IsAppliedToOrganization` Parameter determines whether a particular feature rollout policy should be applied to the entire organization or not. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Feature + +Specifies a feature assigned to the cloud authentication roll-out policy. + +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +```yaml +Type: FeatureEnum +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies the status of cloud authentication roll-out policy. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppliesTo + +Specifies a list of Microsoft Entra ID objects that is assigned to the feature. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAppliedToOrganization + +Specifies if the cloud authentication roll-out policy applied to the entire organization. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaFeatureRolloutPolicy](New-EntraBetaFeatureRolloutPolicy.md) + +[Get-EntraBetaFeatureRolloutPolicy](Get-EntraBetaFeatureRolloutPolicy.md) + +[Remove-EntraBetaFeatureRolloutPolicy](Remove-EntraBetaFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaIdentityProvider.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaIdentityProvider.md new file mode 100644 index 0000000000..4f6c1677d1 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaIdentityProvider.md @@ -0,0 +1,196 @@ +--- +title: Set-EntraBetaIdentityProvider +description: This article provides details on the Set-EntraBetaIdentityProvider command. + + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaIdentityProvider + +schema: 2.0.0 +--- + +# Set-EntraBetaIdentityProvider + +## Synopsis + +Update the properties of an existing identity provider configured in the directory. + +## Syntax + +```powershell +Set-EntraBetaIdentityProvider + -IdentityProviderBaseId + [-Type ] + [-Name ] + [-ClientId ] + [-ClientSecret ] + [] +``` + +## Description + +The `Set-EntraBetaIdentityProvider` cmdlet is used to update the properties of an existing identity provider. + +The type of the identity provider can't be modified. + +## Examples + +### Example 1: Update client id of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + ClientId = 'NewClientID' +} +Set-EntraBetaIdentityProvider @params +``` + +This example updates the client ID for the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. + +### Example 2: Update client secret of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + ClientSecret = 'NewClientSecret' +} +Set-EntraBetaIdentityProvider @params +``` + +This example updates the client secret for the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +### Example 3: Update display name of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + Name = 'NewGoogleName' +} +Set-EntraBetaIdentityProvider @params +``` + +This example updates the display name for the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. +- `-Name` parameter specifies the display name of the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentityProviderBaseId + +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaIdentityProvider](New-EntraBetaIdentityProvider.md) + +[Remove-EntraBetaIdentityProvider](Remove-EntraBetaIdentityProvider.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaNamedLocationPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaNamedLocationPolicy.md new file mode 100644 index 0000000000..81f364e84d --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaNamedLocationPolicy.md @@ -0,0 +1,258 @@ +--- +title: Set-EntraBetaNamedLocationPolicy +description: This article provides details on the Set-EntraBetaNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaNamedLocationPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaNamedLocationPolicy + +## Synopsis + +Updates a named location policy in Microsoft Entra ID by PolicyId. + +## Syntax + +```powershell +Set-EntraBetaNamedLocationPolicy + -PolicyId + [-IncludeUnknownCountriesAndRegions ] + [-Id ] + [-IsTrusted ] + [-OdataType ] + [-CountriesAndRegions ] + [-IpRanges ] + [-DisplayName ] + [] +``` + +## Description + +This cmdlet allows an admin to update a named location policy in Microsoft Entra ID by PolicyId. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Update an IP named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraBetaNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange +$ipRanges.cidrAddress = '6.5.4.3/32' +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.ipNamedLocation' + IsTrusted = $false + IncludeUnknownCountriesAndRegions = $false + IpRanges = $ipRanges +} +Set-EntraBetaNamedLocationPolicy @params +``` + +This example shows how to update an IP named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-IsTrusted` parameter specifies the IsTrusted value for the named location policy. +- `-IpRanges` parameter specifies List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. + +### Example 2: Update a country named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraBetaNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.countryNamedLocation' + IncludeUnknownCountriesAndRegions = $true +} +Set-EntraBetaNamedLocationPolicy @params +``` + +This command updates a country named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-IncludeUnknownCountriesAndRegions` parameter specifies the includeUnknownCountriesAndRegions value for the named location policy. + +### Example 3: Update display name of a named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraBetaNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.ipNamedLocation' + DisplayName = 'NewName' +} +Set-EntraBetaNamedLocationPolicy @params +``` + +This command updates display name of named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OdataType + +Specifies the OData type of a named location policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IpRanges + +List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. The @odata.type of the ipRange is also required. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsTrusted + +Specifies the `IsTrusted` value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CountriesAndRegions + +Specifies the countries and regions for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeUnknownCountriesAndRegions + +Specifies the includeUnknownCountriesAndRegions value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the Id of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaNamedLocationPolicy](New-EntraBetaNamedLocationPolicy.md) + +[Get-EntraBetaNamedLocationPolicy](Get-EntraBetaNamedLocationPolicy.md) + +[Remove-EntraBetaNamedLocationPolicy](Remove-EntraBetaNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.md new file mode 100644 index 0000000000..0c73c39791 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantConditionSet.md @@ -0,0 +1,309 @@ +--- +title: Set-EntraBetaPermissionGrantConditionSet +description: This article provides details on the Set-EntraBetaPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Set-EntraBetaPermissionGrantConditionSet + +## Synopsis + +Update an existing Microsoft Entra ID permission grant condition set. + +## Syntax + +```powershell +Set-EntraBetaPermissionGrantConditionSet + -Id + -PolicyId + -ConditionSetType + [-Permissions ] + [-ClientApplicationTenantIds ] + [-ClientApplicationsFromVerifiedPublisherOnly ] + [-ClientApplicationIds ] + [-ResourceApplication ] + [-ClientApplicationPublisherIds ] + [-PermissionClassification ] + [-PermissionType ] + [] +``` + +## Description + +Updates a Microsoft Entra ID permission grant condition set object identified by Id. + +## Examples + +### Example 1: Update a permission grant condition set to includes permissions that is classified as low + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' + PermissionClassification = 'low' +} + +Set-EntraBetaPermissionGrantConditionSet @params +``` + +This command updates sets the specified permission grant set to classify as low. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. + +### Example 2: Update a permission grant condition set + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' + PermissionType = 'delegated' + PermissionClassification = 'low' + ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + Permissions = @('All') + ClientApplicationIds = @('All') + ClientApplicationTenantIds = @('All') + ClientApplicationPublisherIds = @('All') + ClientApplicationsFromVerifiedPublisherOnly = $true +} + +Set-EntraBetaPermissionGrantConditionSet @params +``` + +This command updates sets the specified permission grant set. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionType + +Specific type of permissions (application, delegated) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionClassification + +Specific classification (all, low, medium, high) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Permissions + +The identifier of the resource application to scope consent operation down to. +It could be @("All") or a list of permission IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationIds + +The set of client application IDs to scope consent operation down to. +It could be @("All") or a list of client application IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationTenantIds + +The set of client application tenant IDs to scope consent operation down to. +It could be @("All") or a list of client application tenant IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationPublisherIds + +The set of client applications publisher IDs to scope consent operation down to. +It could be @("All") or a list of client application publisher IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationsFromVerifiedPublisherOnly + +A value indicates whether to only includes client applications from verified publishers. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceApplication + +The identifier of the resource application to scope consent operation down to. +It could be "Any" or a specific resource application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantConditionSet](New-EntraBetaPermissionGrantConditionSet.md) + +[Get-EntraBetaPermissionGrantConditionSet](Get-EntraBetaPermissionGrantConditionSet.md) + +[Remove-EntraBetaPermissionGrantConditionSet](Remove-EntraBetaPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantPolicy.md new file mode 100644 index 0000000000..fcc2fc32d4 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPermissionGrantPolicy.md @@ -0,0 +1,143 @@ +--- +title: Set-EntraBetaPermissionGrantPolicy +description: This article provides details on the Set-EntraBetaPermissionGrantPolicy command. + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaPermissionGrantPolicy + +## Synopsis + +Updates a permission grant policy. + +## Syntax + +```powershell +Set-EntraBetaPermissionGrantPolicy + -Id + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +The `Set-EntraBetaPermissionGrantPolicy` command updates a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Update description of permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$policy = Get-EntraBetaPermissionGrantPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +$params = @{ + Id = $policy.Id + Description = 'Updated description' +} + +Set-EntraBetaPermissionGrantPolicy @params +``` + +This command updates the description of the specified permission grant policy. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-Description` parameter specifies the description for the permission grant policy. + +### Example 2: Update display name of permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$policy = Get-EntraBetaPermissionGrantPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +$params = @{ + Id = $policy.Id + DisplayName = 'Updated DisplayName' +} + +Set-EntraBetaPermissionGrantPolicy @params +``` + +This command updates the display name of the specified permission grant policy. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-DisplayName` parameter specifies the display name for the permission grant policy. + +## Parameters + +### -Description + +Specifies the description of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaPermissionGrantPolicy](New-EntraBetaPermissionGrantPolicy.md) + +[Get-EntraBetaPermissionGrantPolicy](Get-EntraBetaPermissionGrantPolicy.md) + +[Remove-EntraBetaPermissionGrantPolicy](Remove-EntraBetaPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPolicy.md new file mode 100644 index 0000000000..0d16a969b5 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaPolicy.md @@ -0,0 +1,212 @@ +--- +title: Set-EntraBetaPolicy +description: This article provides details on the Set-EntraBetaPolicy command. + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaPolicy + +## Synopsis + +Updates a policy. + +## Syntax + +```powershell +Set-EntraBetaPolicy + -Id + [-Definition ] + [-DisplayName ] + [-Type ] + [-IsOrganizationDefault ] + [] +``` + +## Description + +The `Set-EntraBetaPolicy` cmdlet sets a policy in Microsoft Entra ID. Specify `Id` parameter to updates specific policy. + +## Examples + +### Example 1: Update a policy display name + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DisplayName = 'NewUpdated' +} +Set-EntraBetaPolicy @params +``` + +This command updates display name of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `DisplayName` specifies the display name. + +### Example 2: Update a policy definition + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') +} +Set-EntraBetaPolicy @params +``` + +This command updates definition of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `Definition` specifies the array of stringified JSON that contains all the rules of the policy. +In this example, `@('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')` represents definition of the activityBasedTimeoutPolicy. + +### Example 3: Update a policy organization default + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + IsOrganizationDefault = $false +} +Set-EntraBetaPolicy @params +``` + +This command updates organization default of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. + +### Example 4: Update policy type + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Type = 'ActivityBasedTimeoutPolicy' +} +Set-EntraBetaPolicy @params +``` + +This example demonstrates how to update the `type` property of a specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-Type` specifies the type of policy. In this example, `ActivityBasedTimeoutPolicy` represents the type of policy. + +## Parameters + +### -Definition + +Specifies the array of stringified JSON that contains all the rules of the policy. +For example -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}'). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsOrganizationDefault + +True if this policy is the organizational default. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of policy. +For token lifetimes, use "TokenLifetimePolicy." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The ID of the policy for which you want to set values. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaPolicy](Get-EntraBetaPolicy.md) + +[New-EntraBetaPolicy](New-EntraBetaPolicy.md) + +[Remove-EntraBetaPolicy](Remove-EntraBetaPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..d21efaf820 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,220 @@ +--- +title: Set-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Set-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaTrustFrameworkPolicy + +## Synopsis + +This cmdlet is used to update a trust framework policy (custom policy) in the directory. + +## Syntax + +### Content (Default) + +```powershell +Set-EntraBetaTrustFrameworkPolicy + [-Id ] + -Content + [-OutputFilePath ] + [] +``` + +### File + +```powershell +Set-EntraBetaTrustFrameworkPolicy + [-Id ] + -InputFilePath + [-OutputFilePath ] + [] +``` + +## Description + +The `Set-EntraBetaTrustFrameworkPolicy` cmdlet is used to update a trust framework policy in the directory. + +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. + +## Examples + +### Example 1: Updates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Id = 'B2C_1A_signup_signin' + Content = $policyContent +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the content specified. + +The contents of updated trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-Content` Parameter specifies the content of the trust framework policy to be updated. + +### Example 2: Updates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Id = 'B2C_1A_signup_signin' + Content = $policyContent + OutputFilePath = 'C:\UpdatedPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the content specified. + +The contents of updated trust framework policy are written to file mentioned in output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-Content` Parameter specifies the content of the trust framework policy to be updated. +- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. + +### Example 3: Updates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_signup_signin' + InputFilePath = 'C:\InputPolicy.xml' + OutputFilePath = 'C:\UpdatedPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the file mentioned in InputFilePath. + +The contents of updated trust framework policy are written to file mentioned in output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. +- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. + +### Example 4: Updates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_signup_signin' + InputFilePath = 'C:\InputPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the file mentioned in InputFilePath. + +The contents of updated created trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. + +## Parameters + +### -Content + +The content of the trust framework policy to be updated. + +```yaml +Type: System.String +Parameter Sets: Content +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InputFilePath + +Path to the file used for reading the contents of trust framework policy to be updated. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for writing the contents of updated trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.md b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.md new file mode 100644 index 0000000000..a45e37dc0d --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Set-EntraBetaTrustedCertificateAuthority.md @@ -0,0 +1,93 @@ +--- +title: Set-EntraBetaTrustedCertificateAuthority +description: This article provides details on the Set-EntraBetaTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Set-EntraBetaTrustedCertificateAuthority + +## Synopsis + +Updates a trusted certificate authority. + +## Syntax + +```powershell +Set-EntraBetaTrustedCertificateAuthority + -CertificateAuthorityInformation + [] +``` + +## Description + +The `Set-EntraBetaTrustedCertificateAuthority` cmdlet updates a trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Updates the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$cer = Get-EntraBetaTrustedCertificateAuthority #Get the CertificateAuthorityInformation object +$cer[0].CrlDistributionPoint = "https://example.crl" +Set-EntraBetaTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command updates the trusted certificate authorities that are defined in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaTrustedCertificateAuthority](Get-EntraBetaTrustedCertificateAuthority.md) + +[New-EntraBetaTrustedCertificateAuthority](New-EntraBetaTrustedCertificateAuthority.md) + +[Remove-EntraBetaTrustedCertificateAuthority](Remove-EntraBetaTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaOauth2PermissionGrant.md b/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaOauth2PermissionGrant.md new file mode 100644 index 0000000000..f9b0e8620a --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaOauth2PermissionGrant.md @@ -0,0 +1,128 @@ +--- +title: Update-EntraBetaOauth2PermissionGrant +description: This article provides details on the Update-EntraBetaOauth2PermissionGrant command. + +ms.topic: reference +ms.date: 11/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Update-EntraBetaOauth2PermissionGrant + +schema: 2.0.0 +--- + +# Update-EntraBetaOauth2PermissionGrant + +## Synopsis + +Update the properties of a delegated permission grant (oAuth2PermissionGrant object). + +## Syntax + +```powershell +Update-EntraBetaOauth2PermissionGrant + -OAuth2PermissionGrantId + [-Scope ] + [] +``` + +## Description + +The `Update-EntraBetaOauth2PermissionGrant` cmdlet is used to update the properties of a delegated permission grant (oAuth2PermissionGrant object) by adding or removing items in the scopes list. + +To add new scopes, include both existing and new scopes in this parameter; otherwise, existing scopes will be overwritten. + +In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the required permissions. The least privileged roles that support this operation are: + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator + +## Examples + +### Example 1: Update delegated permission grant scope + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'My application'" +$permissionGrant = Get-EntraBetaOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $clientServicePrincipal.Id -and $_.Scope -eq 'Directory.Read.All'} +Update-EntraBetaOauth2PermissionGrant -OAuth2PermissionGrantId $permissionGrant.Id -Scope 'Directory.Read.All User.Read.All' +``` + +This command updates a delegated permission grant. + +- `-OAuth2PermissionGrantId` parameter specifies the Unique identifier for the oAuth2PermissionGrant. +- `-Scope` parameter is a space-separated list of claim values for delegated permissions to include in access tokens for the resource application (API), such as `openid User.Read GroupMember.Read.All`. + +### Example 2: Clear all scopes in the delegated permission grant + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$clientServicePrincipal = Get-EntraBetaServicePrincipal -Filter "displayName eq 'My application'" +$permissionGrant = Get-EntraBetaOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $clientServicePrincipal.Id -and $_.Scope -eq 'Directory.Read.All'} +Update-EntraBetaOAuth2PermissionGrant -OAuth2PermissionGrantId $permissionGrant.Id -Scope '' +``` + +This command updates a delegated permission grant. + +- `-OAuth2PermissionGrantId` parameter specifies the Unique identifier for the oAuth2PermissionGrant. + +## Parameters + +### -OAuth2PermissionGrantId + +The Unique identifier for the oAuth2PermissionGrant. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Scope + +A space-separated list of claim values for delegated permissions to include in access tokens for the resource application (API), such as `openid User.Read GroupMember.Read.All`. Each claim must match a value in the API's publishedPermissionScopes property. The total length must not exceed 3850 characters. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaOauth2PermissionGrant](Get-EntraBetaOAuth2PermissionGrant.md) + +[New-EntraBetaOauth2PermissionGrant](New-EntraBetaOauth2PermissionGrant.md) + +[Remove-EntraBetaOauth2PermissionGrant](Remove-EntraBetaOAuth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.md b/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.md new file mode 100644 index 0000000000..76ea680487 --- /dev/null +++ b/module/docs/entra-powershell-beta/SignIns/Update-EntraBetaUserAuthenticationRequirement.md @@ -0,0 +1,111 @@ +--- +title: Update-EntraBetaUserAuthenticationRequirement +description: This article provides details on the Update-EntraBetaUserAuthenticationRequirement command. + +ms.topic: reference +ms.date: 11/11/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.SignIns-help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Update-EntraBetaUserAuthenticationRequirement + +schema: 2.0.0 +--- + +# Update-EntraBetaUserAuthenticationRequirement + +## Synopsis + +Update the MFA Status of a user. + +## Syntax + +```powershell +Update-EntraBetaUserAuthenticationRequirement + -UserId + -PerUserMfaState + [] +``` + +## Description + +The `Update-EntraBetaUserAuthenticationRequirement` cmdlet is used to update the MFA status of a user. + +**Note:** Enabled users automatically switch to Enforced once they register for Microsoft Entra MFA. Avoid manually setting a user to Enforced unless they're already registered or it’s acceptable for them to experience interruptions with legacy authentication protocols. + +In delegated scenarios with work or school accounts, where the signed-in user acts on behalf of another user, they must have a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported: + +- Authentication Administrator +- Privileged Authentication Administrator + +## Examples + +### Example 1: Update delegated permission grant scope + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.AuthenticationMethod' +Update-EntraBetaUserAuthenticationRequirement -UserId 'SawyerM@Contoso.com' -PerUserMfaState 'enabled' +``` + +This command updates the MFA status of a user. + +- `-UserId` parameter specifies the ID (as a User Principle Name or ObjectId) of a user in Microsoft Entra ID. +- `-PerUserMfaState` parameter specifies the user's status for per-user multifactor authentication, with possible values: `enforced`, `enabled`, or `disabled`. + +## Parameters + +### -UserId + +Specifies the ID (as a User Principle Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PerUserMfaState + +The user's status for per-user multifactor authentication, with possible values: `enforced`, `enabled`, or `disabled`. + +`Disabled` - The default state for a user not enrolled in per-user Microsoft Entra multifactor authentication. + +`Enabled` - The user is enrolled in per-user Microsoft Entra multifactor authentication, but can still use their password for legacy authentication. If the user has no registered MFA authentication methods, they receive a prompt to register the next time they sign in using modern authentication (such as when they sign in on a web browser). + +`Enforced` - The user is enrolled per-user in Microsoft Entra multifactor authentication. If the user has no registered authentication methods, they receive a prompt to register the next time they sign in using modern authentication (such as when they sign in on a web browser). Users who complete registration while they're Enabled are automatically moved to the Enforced state. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +Enabled users are automatically switched to Enforced when they register for Microsoft Entra multifactor authentication. Don't manually change the user state to Enforced unless the user is already registered or if it's acceptable for the user to experience interruption in connections to legacy authentication protocols. + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUser.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUser.md new file mode 100644 index 0000000000..7663d99102 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUser.md @@ -0,0 +1,427 @@ +--- +title: Get-EntraBetaUser +description: This article provides details on the Get-EntraBetaUser command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUser + +schema: 2.0.0 +--- + +# Get-EntraBetaUser + +## Synopsis + +Gets a user. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaUser + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraBetaUser + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaUser + -UserId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUser` cmdlet gets a user from Microsoft Entra ID. + +## Examples + +### Example 1: Get top three users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -Top 3 +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Angel Brown cccccccc-2222-3333-4444-dddddddddddd AngelB@contoso.com AngelB@contoso.com +Avery Smith dddddddd-3333-4444-5555-eeeeeeeeeeee AveryS@contoso.com AveryS@contoso.com +Sawyer Miller eeeeeeee-4444-5555-6666-ffffffffffff SawyerM@contoso.com SawyerM@contoso.com +``` + +This example demonstrates how to get top three users from Microsoft Entra ID. + +### Example 2: Get a user by ID + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc sawyerm@tenant.com sawyerm@tenant.com +``` + +This command gets the specified user. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. + +### Example 3: Search among retrieved users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -SearchString 'New' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User88 bbbbbbbb-1111-2222-3333-cccccccccccc demo99@tenant.com +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This cmdlet gets all users that match the value of SearchString against the first characters in DisplayName or UserPrincipalName. + +### Example 4: Get a user by userPrincipalName + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -Filter "userPrincipalName eq 'SawyerM@contoso.com'" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller cccccccc-2222-3333-4444-dddddddddddd SawyerM@contoso.com +``` + +This command gets the specified user. + +### Example 5: Get a user by MailNickname + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -Filter "startswith(MailNickname,'Ada')" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Mark Adams bbbbbbbb-1111-2222-3333-cccccccccccc Adams@contoso.com Adams@contoso.com +``` + +In this example, we retrieve all users whose MailNickname starts with Ada. + +### Example 6: Get SignInActivity of a User + +```powershell +Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' +Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -ExpandProperty 'SignInActivity' +``` + +```Output +lastNonInteractiveSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInRequestId : cccccccc-2222-3333-4444-dddddddddddd +lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM +lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM +lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInDateTime : 9/7/2024 9:15:41 AM +``` + +This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. + +### Example 7: List users with disabled accounts + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUser -Filter "accountEnabled eq false" | Select-Object DisplayName, Id, Mail, UserPrincipalName +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This example demonstrates how to retrieve all users with disabled accounts. + +### Example 8: List users based in a specific country + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$usersInCanada = Get-EntraBetaUser -Filter "Country eq 'Canada'" +$usersInCanada | Select-Object Id, DisplayName, UserPrincipalName, OfficeLocation, Country | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName OfficeLocation Country +-- ----------- ----------------- -------------- ------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com 23/2102 Canada +``` + +This example demonstrates how to retrieve all users based in Canada. + +### Example 9: List user count per department + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$departmentCounts = Get-EntraBetaUser -All | Group-Object -Property Department | Select-Object Name, @{Name="MemberCount"; Expression={$_.Count}} +$departmentCounts | Format-Table Name, MemberCount -AutoSize +``` + +```Output +Name MemberCount +---- ----------- + 7 +Engineering 2 +Executive Management 1 +Finance 1 +HR 1 +``` + +This example demonstrates how to retrieve user count in each department. + +### Example 10: List disabled users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$disabledUsersWithLicenses = Get-EntraBetaUser -Filter "accountEnabled eq false" -All | Where-Object { + $_.AssignedLicenses -ne $null -and $_.AssignedLicenses.Count -gt 0 +} +$disabledUsersWithLicenses | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AccountEnabled +-- ----------- ----------------- -------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com False +``` + +This example demonstrates how to retrieve disabled users with active licenses. + +### Example 11: Retrieve guest users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraBetaUser -Filter "userType eq 'Guest'" -All +$guestUsersWithLicenses = foreach ($guest in $guestUsers) { + if ($guest.AssignedLicenses.Count -gt 0) { + [pscustomobject]@{ + Id = $guest.Id + DisplayName = $guest.DisplayName + UserPrincipalName = $guest.UserPrincipalName + AssignedLicenses = ($guest.AssignedLicenses | ForEach-Object { $_.SkuId }) -join ", " + } + } +} +$guestUsersWithLicenses | Format-Table Id, DisplayName, UserPrincipalName, AssignedLicenses -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AssignedLicenses +-- ----------- ----------------- ---------------- +cccccccc-2222-3333-4444-dddddddddddd Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com c42b9cae-ea4f-4ab7-9717-81576235ccac +``` + +This example demonstrates how to retrieve guest users with active licenses. + +### Example 12: Retrieve users without managers + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$allUsers = Get-EntraBetaUser -All +$usersWithoutManagers = foreach ($user in $allUsers) { + $manager = Get-EntraBetaUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue + if (-not $manager) { + [pscustomobject]@{ + Id = $user.Id + DisplayName = $user.DisplayName + UserPrincipalName = $user.UserPrincipalName + } + } +} +$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName +-- ----------- ----------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com +bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com +``` + +This example demonstrates how to retrieve users without managers. + +### Example 13: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraBetaAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +### Example 14: List all guest users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraBetaUser -Filter "userType eq 'Guest'" -All +$guestUsers | Select-Object DisplayName, UserPrincipalName, Id, createdDateTime, creationType, accountEnabled, UserState | Format-Table -AutoSize +``` + +```Output +DisplayName UserPrincipalName Id CreatedDateTime CreationType AccountEnabled UserState +----------- ----------------- -- --------------- ------------ -------------- --------- +Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com bbbbbbbb-1111-2222-3333-cccccccccccc 9/13/2024 6:37:33 PM Invitation True Accepted +``` + +This example demonstrates how to retrieve list all guest users. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. +Details on querying with OData can be [found here](https://learn.microsoft.com/graph/aad-advanced-queries?tabs=powershell). + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name (UPN) or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaUser](New-EntraBetaUser.md) + +[Remove-EntraBetaUser](Remove-EntraBetaUser.md) + +[Set-EntraBetaUser](Set-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserAppRoleAssignment.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserAppRoleAssignment.md new file mode 100644 index 0000000000..c066f16441 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserAppRoleAssignment.md @@ -0,0 +1,184 @@ +--- +title: Get-EntraBetaUserAppRoleAssignment +description: This article provides details on the Get-EntraBetaUserAppRoleAssignment command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraBetaUserAppRoleAssignment + +## Synopsis + +Get a user application role assignment. + +## Syntax + +```powershell +Get-EntraBetaUserAppRoleAssignment + -ObjectId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserAppRoleAssignment` cmdlet gets a user application role assignment. + +## Examples + +### Example 1: Get a user application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +$UserId = (Get-EntraBetaUser -Top 1).ObjectId +Get-EntraBetaUserAppRoleAssignment -ObjectId $UserId +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 + 0ekrQWAUYUCO7cyiA_H4iJ5kL6mN7o 22223333-cccc-4444-dddd-5555eeee6666 13-09-2023 16:41:53 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-5 + 0ekrQWAUYUCO7cyiA_J5kL6mN7oP8q 33334444-dddd-5555-eeee-6666ffff7777 13-09-2023 17:28:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-7 + +``` + +This example retrieves a user application role assignment for the user in $UserId. You can use the comand `Get-EntraBetaUser` to get Service principal Object ID. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). + +### Example 2: Get all application role assignments + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +Get-EntraBetaUserAppRoleAssignment -ObjectId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -All +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 + 0ekrQWAUYUCO7cyiA_H4iJ5kL6mN7o 22223333-cccc-4444-dddd-5555eeee6666 13-09-2023 16:41:53 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-5 + 0ekrQWAUYUCO7cyiA_J5kL6mN7oP8q 33334444-dddd-5555-eeee-6666ffff7777 13-09-2023 17:28:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-7 +``` + +This example demonstrates how to retrieve all application role assignment for the specified user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). + +### Example 3: Get top two application role assignments + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +Get-EntraBetaUserAppRoleAssignment -ObjectId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -Top 2 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 +``` + +This example demonstrates how to retrieve top two application role assignment for the specified user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[New-EntraBetaUserAppRoleAssignment](New-EntraBetaUserAppRoleAssignment.md) + +[Remove-EntraBetaUserAppRoleAssignment](Remove-EntraBetaUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserCreatedObject.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserCreatedObject.md new file mode 100644 index 0000000000..2138c96035 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserCreatedObject.md @@ -0,0 +1,174 @@ +--- +title: Get-EntraBetaUserCreatedObject +description: This article provides details on the Get-EntraBetaUserCreatedObject Command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaUserCreatedObject + +## Synopsis + +Get objects created by the user. + +## Syntax + +```powershell +Get-EntraBetaUserCreatedObject + -UserId + [-All] + [-Top ] + [] +``` + +## Description + +The `Get-EntraBetaUserCreatedObject` cmdlet gets objects created by a user in Microsoft Entra ID. + +## Examples + +### Example 1: Get a user-created object + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserCreatedObject -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example retrieves an object created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +### Example 2: Get all user-created objects + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserCreatedObject -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example retrieves all objects created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +### Example 3: Get a top one user-created object + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserCreatedObject -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves top one object created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a UserPrincipalName or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserDirectReport.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserDirectReport.md new file mode 100644 index 0000000000..6cb7ec5a3e --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserDirectReport.md @@ -0,0 +1,171 @@ +--- +title: Get-EntraBetaUserDirectReport +description: This article provides details on the Get-EntraBetaUserDirectReport command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserDirectReport + +schema: 2.0.0 +--- + +# Get-EntraBetaUserDirectReport + +## Synopsis + +Get the user's direct reports. + +## Syntax + +```powershell +Get-EntraBetaUserDirectReport + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserDirectReport` cmdlet gets the direct reports for a user in Microsoft Entra ID. + +## Examples + +### Example 1: Get a user's direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserDirectReport -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve direct reports for a user in Microsoft Entra ID. + +- `-UserId` Parameter specifies the ID of a user (UserPrincipalName or UserId). + +### Example 2: Get all direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserDirectReport -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to retrieve all direct reports for a user in Microsoft Entra ID. + +- `-UserId` parameter specifies the ID of a user (UserPrincipalName or UserId). + +### Example 3: Get a top two direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserDirectReport -UserId 'SawyerM@contoso.com' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to retrieve top five direct reports for a user in Microsoft Entra ID. + +- `-UserId` parameter specifies the ID of a user (UserPrincipalName or UserId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user's UserPrincipalName or UserId in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserExtension.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserExtension.md new file mode 100644 index 0000000000..661d5f0c43 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserExtension.md @@ -0,0 +1,112 @@ +--- +title: Get-EntraBetaUserExtension +description: This article provides details on the Get-EntraBetaUserExtension command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserExtension + +schema: 2.0.0 +--- + +# Get-EntraBetaUserExtension + +## Synopsis + +Gets a user extension. + +## Syntax + +```powershell +Get-EntraBetaUserExtension + -UserId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserExtension` cmdlet gets a user extension in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve extension attributes for a user + +```powershell +Connect-Entra -Scopes 'User.Read' +$UserId = (Get-EntraBetaUser -ObjectId 'SawyerM@contoso.com').ObjectId +Get-EntraBetaUserExtension -UserId $UserId +``` + +```Output +onPremisesDistinguishedName : +@odata.context : https://graph.microsoft.com/beta/$metadata#users(identities,onPremisesDistinguishedName,employeeId,createdDateTime)/$entity +identities : {@{issuer=SawyerM@contoso.com; signInType=userPrincipalName; issuerAssignedId=SawyerM@contoso.com}} +employeeId : +id : 00aa00aa-bb11-cc22-dd33-44ee44ee44ee +createdDateTime : 18/07/2024 05:13:40 +userIdentities : {@{issuer=SawyerM@contoso.com; signInType=userPrincipalName; issuerAssignedId=SawyerM@contoso.com}} +``` + +This example shows how to retrieve the extension attributes for a specified user. You can use the command `Get-EntraBetaUser` to get user object Id. + +- `-UserId` parameter specifies the user object Id. + +## Parameters + +### -UserId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[Remove-EntraBetaUserExtension](Remove-EntraBetaUserExtension.md) + +[Set-EntraBetaUserExtension](Set-EntraBetaUserExtension.md) diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserLicenseDetail.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserLicenseDetail.md new file mode 100644 index 0000000000..8de7f2141c --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserLicenseDetail.md @@ -0,0 +1,105 @@ +--- +title: Get-EntraBetaUserLicenseDetail +description: This article provides details on the Get-EntraBetaUserLicenseDetail command. + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserLicenseDetail + +schema: 2.0.0 +--- + +# Get-EntraBetaUserLicenseDetail + +## Synopsis + +Retrieves license details for a user. + +## Syntax + +```powershell +Get-EntraBetaUserLicenseDetail + -UserId + [-Property ] + [] +``` + +## Description + +This cmdlet retrieves license details for a user. + +## Examples + +### Example 1: Retrieve user license details + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserLicenseDetail -UserId 'SawyerM@contoso.com' +``` + +```Output +Id SkuId SkuPartNumber +-- ----- ------------- +X8Wu1RItQkSNL8zKldQ5DiH6ThjDmF1OlavQcFOpbmc aaaaaaaa-0b0b-1c1c-2d2d-333333333333 INFORMATION_PROTECTION_COMPLIANCE +X8Wu1RItQkSNL8zKldQ5Dk8SXrDMx6BFpqqM94yUaWg bbbbbbbb-1c1c-2d2d-3e3e-444444444444 EMSPREMIUM +X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERPRISEPREMIUM +``` + +This example demonstrates how to retrieve license details for a user from Microsoft Entra ID. + +## Parameters + +### -UserId + +The object ID of the user for which the license details are retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserManager.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserManager.md new file mode 100644 index 0000000000..d701521503 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserManager.md @@ -0,0 +1,142 @@ +--- +title: Get-EntraBetaUserManager +description: This article provides details on the Get-EntraBetaUserManager command. + + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserManager + +schema: 2.0.0 +--- + +# Get-EntraBetaUserManager + +## Synopsis + +Gets the manager of a user. + +## Syntax + +```powershell +Get-EntraBetaUserManager + -UserId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserManager` cmdlet gets the manager of a user in Microsoft Entra ID. Specify +`UserId` parameter to get the specific manager of user. + +## Examples + +### Example 1: Get the manager of a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserManager -UserId 'SawyerM@contoso.com' +``` + +```Output +DeletedDateTime : +Id : 00aa00aa-bb11-cc22-dd33-44ee44ee44ee +@odata.context : https://graph.microsoft.com/beta/$metadata#directoryObjects/$entity +@odata.type : #microsoft.graph.user +accountEnabled : True +businessPhones : {+1 858 555 0109} +city : San Diego +createdDateTime : 2023-07-07T14:18:05Z +country : United States +department : Sales & Marketing +displayName : Sawyer Miller +``` + +This example demonstrates how to retrieve the manager of a specific user. + +- `-UserId` Parameter specifies UserId or User Principal Name of User. + +### Example 2: Retrieve users without managers + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$allUsers = Get-EntraBetaUser -All +$usersWithoutManagers = foreach ($user in $allUsers) { + $manager = Get-EntraBetaUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue + if (-not $manager) { + [pscustomobject]@{ + Id = $user.Id + DisplayName = $user.DisplayName + UserPrincipalName = $user.UserPrincipalName + } + } +} +$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName +-- ----------- ----------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com +bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com +``` + +This example demonstrates how to retrieve users without managers. + +## Parameters + +### -UserId + +The unique identifier of a user in Microsoft Entra ID (User Principal Name or UserId). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaUserManager](Remove-EntraBetaUserManager.md) + +[Set-EntraBetaUserManager](Set-EntraBetaUserManager.md) diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserMembership.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserMembership.md new file mode 100644 index 0000000000..671ac692df --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserMembership.md @@ -0,0 +1,218 @@ +--- +title: Get-EntraBetaUserMembership +description: This article provides details on the Get-EntraBetaUserMembership command. + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaUserMembership + +## Synopsis + +Get user memberships. + +## Syntax + +```powershell +Get-EntraBetaUserMembership + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserMembership` cmdlet gets user memberships in Microsoft Entra ID. + +## Examples + +### Example 1: Get user memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserMembership -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +33dd33dd-ee44-ff55-aa66-77bb77bb77bb +44ee44ee-ff55-aa66-bb77-88cc88cc88cc +55ff55ff-aa66-bb77-cc88-99dd99dd99dd +``` + +This example demonstrates how to retrieve user memberships in Microsoft Entra ID. + +### Example 2: Get user memberships with additional details + +```powershell +Connect-Entra -Scopes 'User.Read' +$userMemberships = Get-EntraBetaUserMembership -ObjectId 'SawyerM@contoso.com' +$membershipDetails = $userMemberships | ForEach-Object { + $membershipDetail = Get-EntraBetaObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + odataType = $membershipDetail.'@odata.type' + displayName = $membershipDetail.displayName + Id = $membershipDetail.Id + } +} +$membershipDetails | Select-Object odataType, displayName, Id +``` + +```Output +odataType displayName Id +--------- ----------- -- +#microsoft.graph.group Contoso Group 33dd33dd-ee44-ff55-aa66-77bb77bb77bb +#microsoft.graph.group Helpdesk Group 55ff55ff-aa66-bb77-cc88-99dd99dd99dd +#microsoft.graph.directoryRole Attribute Assignment Reader 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +#microsoft.graph.directoryRole Attribute Definition Reader 11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This example demonstrates how to retrieve user memberships in Microsoft Entra ID with more lookup details. + +### Example 3: Get All memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserMembership -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +33dd33dd-ee44-ff55-aa66-77bb77bb77bb +44ee44ee-ff55-aa66-bb77-88cc88cc88cc +55ff55ff-aa66-bb77-cc88-99dd99dd99dd +``` + +This example demonstrates how to retrieve users all memberships in Microsoft Entra ID. + +### Example 4: Get top three memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserMembership -UserId 'SawyerM@contoso.com' -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This example demonstrates how to retrieve users top three memberships in Microsoft Entra ID. + +### Example 5: List groups that Sawyer Miller is a member of + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$groups = Get-EntraBetaUserMembership -ObjectId 'SawyerM@contoso.com' +$groups | Select-Object DisplayName, Id, GroupTypes, Visibility | Format-Table -AutoSize +``` + +```Output +DisplayName Id GroupTypes Visibility +----------- -- ---------- ---------- +Contoso Group bbbbbbbb-1111-2222-3333-cccccccccccc {Unified} Public +``` + +This example demonstrates how to retrieve the groups that a user is a member of. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.md new file mode 100644 index 0000000000..b6cd725fb3 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOAuth2PermissionGrant.md @@ -0,0 +1,202 @@ +--- +title: Get-EntraBetaUserOAuth2PermissionGrant +description: This article provides details on the Get-EntraBetaUserOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraBetaUserOAuth2PermissionGrant + +## Synopsis + +Gets an oAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraBetaUserOAuth2PermissionGrant + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for the specified user in Microsoft Entra ID. Specify `UserId` parameter to retrieve an oAuth2PermissionGrant object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation. + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader +- Guest Inviter + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants for a user + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using the ObjectId parameter. Use the `Get-EntraBetaUser` cmdlet to obtain the `UserId` value. + +### Example 2: Retrieve the OAuth2 permission grants for a user using object ID parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using object ID parameter. + +- `-UserId` parameter specifies the user ID. + +### Example 3: Retrieve the OAuth2 permission grants for a user using All parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using All parameter. + +- `-UserId` parameter specifies the user ID. + +### Example 4: Retrieve top one OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +``` + +This Example Retrieve top one the OAuth2 permission grant in Microsoft Entra ID. + +- `-UserId` parameter specifies the user ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedDevice.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedDevice.md new file mode 100644 index 0000000000..de5cc02690 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedDevice.md @@ -0,0 +1,165 @@ +--- +title: Get-EntraBetaUserOwnedDevice +description: This article provides details on the Get-EntraBetaUserOwnedDevice command. + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserOwnedDevice + +schema: 2.0.0 +--- + +# Get-EntraBetaUserOwnedDevice + +## Synopsis + +Get registered devices owned by a user. + +## Syntax + +```powershell +Get-EntraBetaUserOwnedDevice + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserOwnedDevice` cmdlet gets registered devices owned by the specified user in Microsoft Entra ID. + +## Examples + +### Example 1: Get devices owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserOwnedDevice -UserId 'SawyerM@contoso.com' +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +cccccccc-2222-3333-4444-dddddddddddd bbbb1111-cc22-3333-44dd-555555eeeeee Device2 +``` + +This command gets the registered devices owned by the specified user. + +### Example 2: Get all devices owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserOwnedDevice -UserId 'SawyerM@contoso.com' -All +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +cccccccc-2222-3333-4444-dddddddddddd bbbb1111-cc22-3333-44dd-555555eeeeee Device2 +``` + +This command gets all the registered devices owned by the specified user. + +### Example 3: Get top one device owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserOwnedDevice -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +``` + +This command gets top one registered device owned by the specified user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedObject.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedObject.md new file mode 100644 index 0000000000..d7b8a13dc8 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserOwnedObject.md @@ -0,0 +1,200 @@ +--- +title: Get-EntraBetaUserOwnedObject +description: This article provides details on the Get-EntraBetaUserOwnedObject command. + + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaUserOwnedObject + +## Synopsis + +Get objects owned by a user. + +## Syntax + +```powershell +Get-EntraBetaUserOwnedObject + -UserId + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserOwnedObject` cmdlet gets objects owned by a user in Microsoft Entra ID. Specify `UserId` parameter to get objects owned by user. + +## Examples + +### Example 1: Get objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserOwnedObject -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves objects owned by the specified user. + +- `-UserId` Parameter specifies the ID of a user as a UserPrincipalName or UserId. + +### Example 2: Get objects owned by a user with additional details + +```powershell +Connect-Entra -Scopes 'User.Read' +$ownedObjects = Get-EntraBetaUserOwnedObject -ObjectId 'SawyerM@contoso.com' + +$objectDetails = $ownedObjects | ForEach-Object { + $objectDetail = Get-EntraBetaObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + odataType = $objectDetail.'@odata.type' + displayName = $objectDetail.displayName + Id = $objectDetail.Id + } +} +$objectDetails | Format-Table -Property odataType, displayName, Id -AutoSize +``` + +```Output +odataType displayName Id +--------- ----------- -- +#microsoft.graph.group Contoso FTE Group bbbbbbbb-1111-2222-3333-cccccccccccc +#microsoft.graph.group Digital Engineering Group aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example retrieves objects owned by the specified user with more lookup details. + +### Example 3: Get all objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserOwnedObject -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-1111-1111-1111-000000000000 +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves all the objects owned by the specified user. + +- `-UserId` parameter specifies the ID of a user as a UserPrincipalName or UserId. + +### Example 4: Get top three objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraBetaUserOwnedObject -UserId 'SawyerM@contoso.com' -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-1111-1111-1111-000000000000 +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves the top three objects owned by the specified user. + +- `-UserId` parameter specifies the ID of a user as a UserPrincipalName or UserId. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserRegisteredDevice.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserRegisteredDevice.md new file mode 100644 index 0000000000..c43569a4f0 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserRegisteredDevice.md @@ -0,0 +1,166 @@ +--- +title: Get-EntraBetaUserRegisteredDevice +description: This article provides details on the Get-EntraBetaUserRegisteredDevice command. + + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserRegisteredDevice + +schema: 2.0.0 +--- + +# Get-EntraBetaUserRegisteredDevice + +## Synopsis + +Get devices registered by a user. + +## Syntax + +```powershell +Get-EntraBetaUserRegisteredDevice + -UserId + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaUserRegisteredDevice` cmdlet gets devices registered by a user in Microsoft Entra ID. + +## Examples + +### Example 1: Get registered devices + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserRegisteredDevice -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This command gets the devices that are registered to the specified user. + +### Example 2: Get all registered devices + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserRegisteredDevice -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This command gets all the devices that are registered to the specified user. + +### Example 3: Get one registered device + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraBetaUserRegisteredDevice -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +``` + +This command gets the top one device that are registered to the specified user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserThumbnailPhoto.md b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserThumbnailPhoto.md new file mode 100644 index 0000000000..8c777ba563 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Get-EntraBetaUserThumbnailPhoto.md @@ -0,0 +1,109 @@ +--- +title: Get-EntraBetaUserThumbnailPhoto +description: This article provides details on the Get-EntraBetaUserThumbnailPhoto command. + + +ms.topic: reference +ms.date: 07/23/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Get-EntraBetaUserThumbnailPhoto + +schema: 2.0.0 +--- + +# Get-EntraBetaUserThumbnailPhoto + +## Synopsis + +Retrieve the thumbnail photo of a user. + +## Syntax + +```powershell +Get-EntraBetaUserThumbnailPhoto + -UserId + [-Property ] + [] +``` + +## Description + +Retrieve the thumbnail photo of a user. + +## Examples + +### Example 1: Retrieve thumbnail photo by Id + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraBetaUserThumbnailPhoto -UserId 'SawyerM@contoso.com' +``` + +```Output +Id Height Width +-- ------ ----- +default 292 278 +``` + +This example shows how to retrieve the thumbnail photo of a user that is specified through the value of the UserId parameter. + +- `-UserId` parameter specifies the user for which the thumbnail photo is retrieved. + +## Parameters + +### -UserId + +The object ID of the user for which the thumbnail photo is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaUserThumbnailPhoto](Set-EntraBetaUserThumbnailPhoto.md) diff --git a/module/docs/entra-powershell-beta/Users/New-EntraBetaUser.md b/module/docs/entra-powershell-beta/Users/New-EntraBetaUser.md new file mode 100644 index 0000000000..ba5150bcb1 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/New-EntraBetaUser.md @@ -0,0 +1,812 @@ +--- +title: New-EntraBetaUser +description: This article provides details on the New-EntraBetaUser command. + +ms.topic: reference +ms.date: 06/21/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaUser + +schema: 2.0.0 +--- + +# New-EntraBetaUser + +## Synopsis + +Creates a Microsoft Entra ID user. + +## Syntax + +```powershell +New-EntraBetaUser + -DisplayName + -AccountEnabled + -PasswordProfile + [-PostalCode ] + [-MailNickName ] + [-ShowInAddressList ] + [-Department ] + [-TelephoneNumber ] + [-PreferredLanguage ] + [-Mobile ] + [-JobTitle ] + [-ConsentProvidedForMinor ] + [-PhysicalDeliveryOfficeName ] + [-PasswordPolicies ] + [-IsCompromised ] + [-SignInNames ] + [-OtherMails ] + [-UserState ] + [-ImmutableId ] + [-City ] + [-AgeGroup ] + [-ExtensionProperty ] + [-UsageLocation ] + [-UserStateChangedOn ] + [-Country ] + [-UserPrincipalName ] + [-GivenName ] + [-UserType ] + [-StreetAddress ] + [-State ] + [-CompanyName ] + [-FacsimileTelephoneNumber ] + [-Surname ] + [-CreationType ] + [] +``` + +## Description + +The `New-EntraBetaUser` cmdlet creates a user in Microsoft Entra ID. Specify the `DisplayName`,`AccountEnabled`, and `PasswordProfile` parameter to create a user. + +## Examples + +### Example 1: Create a user using MailNickName parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$params = @{ + DisplayName = 'New User' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'NewUser@contoso.com' + AccountEnabled = $true + MailNickName = 'Newuser' +} + +New-EntraBetaUser @params +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee NewUser@contoso.com +``` + +This command creates a new user. + +### Example 2: Create a user using AgeGroup parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$params = @{ + DisplayName = 'New User' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'NewUser@contoso.com' + AccountEnabled = $true + MailNickName = 'Newuser' + AgeGroup = 'adult' +} + +New-EntraBetaUser @params +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee NewUser@contoso.com +``` + +This command creates a new user. + +### Example 3: Create a user using City parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$params = @{ + DisplayName = 'New User' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'NewUser@contoso.com' + AccountEnabled = $true + MailNickName = 'Newuser' + City = 'New York' +} + +New-EntraBetaUser @params +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee NewUser@contoso.com +``` + +This command creates a new user. + +### Example 4: Create a user using Department parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$params = @{ + DisplayName = 'New User' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'NewUser@contoso.com' + AccountEnabled = $true + MailNickName = 'Newuser' + Department = 'IT' +} + +New-EntraBetaUser @params +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee NewUser@contoso.com +``` + +This command creates a new user. + +### Example 5: Create a user using Mobile parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$params = @{ + DisplayName = 'New User' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'NewUser@contoso.com' + AccountEnabled = $true + MailNickName = 'Newuser' + Mobile = '02883655253' +} + +New-EntraBetaUser @params +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee NewUser@contoso.com +``` + +This command creates a new user. + +## Parameters + +### -AccountEnabled + +Indicates whether the user's account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -City + +Specifies the user's city. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Country + +Specifies the user's country. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreationType + +Indicates whether the user account is a local account for a Microsoft Entra ID B2C tenant. +Possible values are "LocalAccount" and null. + +- When user creating a local account, the property is required and you must set it to "LocalAccount". +- When user creating a work or school account, don't specify the property or set it to null. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Department + +Specifies the user's department. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the user's display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExtensionProperty + +Add data to custom user properties as the basic **open extensions** or the more versatile **schema extensions**. + +```yaml +Type: System.Collections.Generic.Dictionary`2[System.String,System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GivenName + +Specifies the user's given name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ImmutableId + +This property is used to associate an on-premises user account to their Microsoft Entra ID user object. +This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. + +Important: The $ and _ characters can't be used when specifying this property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompromised + +Indicates whether this user is compromised. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -JobTitle + +Specifies the user's job title. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickName + +Specifies the user's mail nickname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Mobile + +Specifies the user's mobile phone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OtherMails + +A list of other email addresses for the user; for example: "", "". + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordPolicies + +Specifies password policies for the user. +This value is an enumeration with one possible value being "DisableStrongPassword", which allows weaker passwords than the default policy to be specified. +"DisablePasswordExpiration" can also be specified. +The two might be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordProfile + +Specifies the user's password profile. + +The parameter type for this parameter is "PasswordProfile". + +In order to pass a parameter of this type, you first need to create a variable in PowerShell with that type: + +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + +Then you can proceed to set the value of the password in this variable: + +$PasswordProfile.Password = "\" + +And finally you can pass this variable to the cmdlet: + +New-EntraBetaUser -PasswordProfile $PasswordProfile ... + +Other attributes that can be set in the PasswordProfile are + +- $PasswordProfile.EnforceChangePasswordPolicy - a boolean indicating that the change password policy is enababled or disabled for this user $PasswordProfile. + +- ForceChangePasswordNextLogin - a boolean indicating that the user must change the password at the next sign in. + +```yaml +Type: PasswordProfile +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PhysicalDeliveryOfficeName + +Specifies the user's physical delivery office name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PostalCode + +Specifies the user's postal code. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredLanguage + +Specifies the user's preferred language. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ShowInAddressList + +If True, show this user in the address list. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInNames + +Specifies the collection of sign-in names for a local account in a Microsoft Entra ID B2C tenant. + +Each sign-in name must be unique across the company/tenant. + +The property must be specified when you create a local account user; don't specify it when you create a work or school account. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the user's state. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StreetAddress + +Specifies the user's street address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Surname + +Specifies the user's surname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TelephoneNumber + +Specifies a telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsageLocation + +A two letter country code (ISO standard 3166). + +Required for users that are assigned licenses due to legal requirement to check for availability of services in countries. + +Examples include: "US", "JP", and "GB". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserPrincipalName + +The user principal name (UPN) of the user. + +The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. + +By convention, this UPN should map to the user's email name. + +The general format is "alias@domain". + +For work or school accounts, the domain must be present in the tenant's collection of verified domains. + +This property is required when a work or school account is created; it's optional for local accounts. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserType + +A string value that can be used to classify user types in your directory, such as "Member" and "Guest". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -FacsimileTelephoneNumber + +Specifies the user's telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AgeGroup + +Specifies the user's age group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CompanyName + +Specifies the user's company name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentProvidedForMinor + +Sets whether consent was obtained for minors. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserState + +For an external user invited to the tenant using the invitation API, this property represents the invited user's +invitation status. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserStateChangedOn + +Shows the timestamp for the latest change to the userState property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[Remove-EntraBetaUser](Remove-EntraBetaUser.md) + +[Set-EntraBetaUser](Set-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/New-EntraBetaUserAppRoleAssignment.md b/module/docs/entra-powershell-beta/Users/New-EntraBetaUserAppRoleAssignment.md new file mode 100644 index 0000000000..e9467b04ca --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/New-EntraBetaUserAppRoleAssignment.md @@ -0,0 +1,207 @@ +--- +title: New-EntraBetaUserAppRoleAssignment +description: This article provides details on the New-EntraBetaUserAppRoleAssignment command. + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/New-EntraBetaUserAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaUserAppRoleAssignment + +## Synopsis + +Assigns a user to an application role. + +## Syntax + +```powershell +New-EntraBetaUserAppRoleAssignment + -ResourceId + -Id + -ObjectId + -PrincipalId + [] +``` + +## Description + +The `New-EntraBetaUserAppRoleAssignment` cmdlet assigns a user to an application role in Microsoft Entra ID. + +To grant an app role assignment to a user, you need three identifiers: + +- PrincipalId: The ID of the user to whom you are assigning the app role. + +- ResourceId: The ID of the resource servicePrincipal that defines the app role. + +- Id: The ID of the appRole (defined on the resource service principal) to assign to the user. + +## Examples + +### Example 1: Assign a user to an application without roles + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$appId = (Get-EntraApplication -SearchString '').AppId +$user = Get-EntraBetaUser -searchstring 'NewUser' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "appId eq '$appId'" +$params = @{ + ObjectId = $user.ObjectId + PrincipalId = $user.ObjectId + ResourceId = $servicePrincipal.ObjectId + Id = ([Guid]::Empty) +} +New-EntraBetaUserAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +ZwFW_R__GkeNdDsAcKvOoerWWY8NKDJGlIgS4FjeyXQ 00000000-0000-0000-0000-000000000000 08-08-2024 05:40:06 Conf Room Adams aaaaaaaa-bbbb-cccc-1111-222222222222 User ResourceDisplayName 07188127-baa9-4f… +``` + +This command assigns a user to an application that doesn't have any roles. +You can use the command `Get-EntraBetaUser` to get user object ID. +You can use the command `Get-EntraBetaApplication` to get application ID. +You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ObjectId` parameter specifies the ID of a user to whom you are assigning the app role. +- `-PrincipalId` parameter specifies the ID of a user to whom you are assigning the app role. +- `-ResourceId` parameter specifies the ID of a resource servicePrincipal that defines the app role. +- `-Id` parameter specifies the ID of a appRole (defined on the resource service principal) to assign to the user. + +### Example 2: Assign a user to a specific role within an application + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$userName = 'SawyerM@contoso.com' +$appName = 'Box' +$appId = Get-EntraBetaApplication -Filter "DisplayName eq '$appName'" +$spo = Get-EntraBetaServicePrincipal -All | Where-Object {$_.AppId -eq $appId.AppId } +$user = Get-EntraBetaUser -Filter "userPrincipalName eq '$userName'" +$params = @{ + ObjectId = $user.ObjectId + PrincipalId = $user.ObjectId + ResourceId = $spo.ObjectId + Id = $appId.AppRoles.Id +} +New-EntraBetaUserAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +Idn1u1K7S0OWoJWIjkT69Stnjqd1iblKlg-GoqVkNlM cbbf6a32-6dcd-4f22-9be7-ffb128119fae 08-08-2024 08:13:26 Test One Updated bbbbbbbb-cccc-dddd-2222-333333333333 User M365 License Manager 0008861a-d455-4… +``` + +This example demonstrates how to assign a user to an application role in Microsoft Entra ID. +You can use the command `Get-EntraBetaUser` to get user object ID. +You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ObjectId` parameter specifies the ID of a user to whom you are assigning the app role. +- `-PrincipalId` parameter specifies the ID of a user to whom you are assigning the app role. +- `-ResourceId` specifies the ID of a resource servicePrincipal that defines the app role. +- `-Id` parameter specifies the ID of a appRole (defined on the resource service principal) to assign to the user. + +## Parameters + +### -Id + +The ID of the app role to assign. + +If application doesn't have any roles while creating new app role assignment then provide an empty guid, or the Id of the role to assign to the user. + +You can retrieve the application's roles by examining the application object's AppRoles property: + +`Get-EntraBetaApplication -SearchString 'Your-Application-DisplayName' | select Approles | Format-List` + +This cmdlet returns the list of roles that are defined in an application: + +AppRoles: {GUID1, GUID2} + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of the user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID to which the new app role is to be assigned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +The object ID of the principal to which the new app role is assigned. + +When assigning a new role to a user, provide the object ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The object ID of the Service Principal for the application to which the user role is assigned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUserAppRoleAssignment](Get-EntraBetaUserAppRoleAssignment.md) + +[Remove-EntraBetaUserAppRoleAssignment](Remove-EntraBetaUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUser.md b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUser.md new file mode 100644 index 0000000000..314183dfa0 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUser.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaUser +description: This article provides details on the Remove-EntraBetaUser command. + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaUser + +schema: 2.0.0 +--- + +# Remove-EntraBetaUser + +## Synopsis + +Removes a user. + +## Syntax + +```powershell +Remove-EntraBetaUser + -UserId + [] +``` + +## Description + +The `Remove-EntraBetaUser` cmdlet removes a user in Microsoft Entra ID. Specify the `UserId` parameter to remove the specified user in Microsoft Entra ID. + +The calling user must be assigned at least one of the following Microsoft Entra roles: + +- User Administrator +- Privileged Authentication Administrator + +## Examples + +### Example 1: Remove a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +Remove-EntraBetaUser -UserId 'SawyerM@Contoso.com' +``` + +This command removes the specified user in Microsoft Entra ID. + +## Parameters + +### -UserId + +Specifies the ID of a user (as a UPN or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[New-EntraBetaUser](New-EntraBetaUser.md) + +[Set-EntraBetaUser](Set-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserAppRoleAssignment.md b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserAppRoleAssignment.md new file mode 100644 index 0000000000..20b6c0e45a --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserAppRoleAssignment.md @@ -0,0 +1,105 @@ +--- +title: Remove-EntraBetaUserAppRoleAssignment +description: This article provides details on the Remove-EntraBetaUserAppRoleAssignment command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaUserAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraBetaUserAppRoleAssignment + +## Synopsis + +Removes a user application role assignment. + +## Syntax + +```powershell +Remove-EntraBetaUserAppRoleAssignment + -ObjectId + -AppRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraBetaUserAppRoleAssignment` cmdlet removes a user application role assignment in Microsoft Entra ID. + +## Examples + +### Example 1: Remove user app role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$RemoveAppRoleParams = @{ + ObjectId = 'SawyerM@Contoso.com' + AppRoleAssignmentId = 'C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w' +} +Remove-EntraBetaUserAppRoleAssignment @RemoveAppRoleParams +``` + +This example demonstrates how to Remove the user app role assignment in Microsoft Entra ID. + +- `-ObjectId` parameter specifies the user ID. +- `-AppRoleAssignmentId` parameter specifies the application role assignment ID. + +Use the `Get-EntraBetaUserAppRoleAssignment` cmdlet to get `AppRoleAssignmentId` details. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of an application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID (as a UserPrincipleName or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUserAppRoleAssignment](Get-EntraBetaUserAppRoleAssignment.md) + +[New-EntraBetaUserAppRoleAssignment](New-EntraBetaUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserExtension.md b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserExtension.md new file mode 100644 index 0000000000..6d4b242cc4 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserExtension.md @@ -0,0 +1,130 @@ +--- +title: Remove-EntraBetaUserExtension +description: This article provides details on the Remove-EntraBetaUserExtension command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaUserExtension + +schema: 2.0.0 +--- + +# Remove-EntraBetaUserExtension + +## Synopsis + +Removes a user extension. + +## Syntax + +### SetMultiple + +```powershell +Remove-EntraBetaUserExtension + -ObjectId + -ExtensionNames + [] +``` + +### SetSingle + +```powershell +Remove-EntraBetaUserExtension + -ObjectId + -ExtensionName + [] +``` + +## Description + +The `Remove-EntraBetaUserExtension` cmdlet removes a user extension from Microsoft Entra ID. Specify `ObjectId` and `ExtensionNames` parameters to remove a user extension. + +## Examples + +### Example 1: Remove the user extension + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$Params = @{ + ObjectId = 'SawyerM@Contoso.com' + ExtensionName = 'Test Extension' +} +Remove-EntraBetaUserExtension @Params +``` + +This example demonstrates how to remove a user extension from Microsoft Entra ID. + +- `ObjectId` parameter specifies the user Object ID. +- `ExtensionName` parameter specifies the user ExtentionName. + +## Parameters + +### -ExtensionName + +Specifies the name of an extension. + +```yaml +Type: System.String +Parameter Sets: SetSingle +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExtensionNames + +Specifies an array of extension names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: SetMultiple +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies an object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUserExtension](Get-EntraBetaUserExtension.md) + +[Set-EntraBetaUserExtension](Set-EntraBetaUserExtension.md) diff --git a/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserManager.md b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserManager.md new file mode 100644 index 0000000000..d345a2d8b6 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Remove-EntraBetaUserManager.md @@ -0,0 +1,83 @@ +--- +title: Remove-EntraBetaUserManager +description: This article provides details on the Remove-EntraBetaUserManager command. + + +ms.topic: reference +ms.date: 06/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Remove-EntraBetaUserManager + +schema: 2.0.0 +--- + +# Remove-EntraBetaUserManager + +## Synopsis + +Removes a user's manager. + +## Syntax + +```powershell +Remove-EntraBetaUserManager + -UserId + [] +``` + +## Description + +The `Remove-EntraBetaUserManager` cmdlet removes a user's manager in Microsoft Entra ID. Specify the `UserId` parameter to remove the manager for a user in Microsoft Entra ID. + +## Examples + +### Example 1: Remove the manager of a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$User = Get-EntraBetaUser -UserId 'SawyerM@Contoso.com' +Remove-EntraBetaUserManager -UserId $User.ObjectId +``` + +This example shows how to remove a user's manager. + +You can use `Get-EntraBetaUser` command to get the user's details. + +## Parameters + +### -UserId + +Specifies the ID of a user (as a User Principle Name or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraBetaUserManager](Get-EntraBetaUserManager.md) + +[Set-EntraBetaUserManager](Set-EntraBetaUserManager.md) diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUser.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUser.md new file mode 100644 index 0000000000..128f697ff0 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUser.md @@ -0,0 +1,678 @@ +--- +title: Set-EntraBetaUser +description: This article provides details on the Set-EntraBetaUser command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUser + +schema: 2.0.0 +--- + +# Set-EntraBetaUser + +## Synopsis + +Updates a user. + +## Syntax + +```powershell +Set-EntraBetaUser + -UserId + [-PostalCode ] + [-MailNickName ] + [-ShowInAddressList ] + [-Department ] + [-DisplayName ] + [-Mobile ] + [-JobTitle ] + [-ConsentProvidedForMinor ] + [-OtherMails ] + [-PasswordPolicies ] + [-SignInNames ] + [-PreferredLanguage ] + [-ImmutableId ] + [-City ] + [-AgeGroup ] + [-ExtensionProperty ] + [-UsageLocation ] + [-State ] + [-AccountEnabled ] + [-Country ] + [-UserPrincipalName ] + [-GivenName ] + [-PasswordProfile ] + [-UserType ] + [-StreetAddress ] + [-CompanyName ] + [-Surname ] + [-TelephoneNumber ] + [-CreationType ] + [] +``` + +## Description + +The `Set-EntraBetaUser` cmdlet updates a user in Microsoft Entra ID. Specify the `UserId` parameter to update a user in Microsoft Entra ID. + +## Examples + +### Example 1: Update a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' +$params = @{ + UserId = $user.ObjectId + DisplayName = 'Updated user Name' +} +Set-EntraBetaUser @params +``` + +This example updates the specified user's Display name parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. + +### Example 2: Set the specified user's AccountEnabled parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + AccountEnabled = $true +} +Set-EntraBetaUser @params +``` + +This example updates the specified user's AccountEnabled parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-AccountEnabled` Specifies whether the account is enabled. + +### Example 3: Set all but specified users as minors with parental consent + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +Get-EntraBetaUser -All | Where-Object -FilterScript { $_.DisplayName -notmatch '(George|James|Education)' } | +ForEach-Object { Set-EntraBetaUser -UserId $($_.ObjectId) -AgeGroup 'minor' -ConsentProvidedForMinor 'granted' } +``` + +This example updates the specified user's as minors with parental consent. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-ConsentProvidedForMinor` Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired. + +### Example 4: Set the specified user's property + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + City = 'Add city name' + CompanyName = 'Microsoft' + Country = 'Add country name' + Department = 'Add department name' + GivenName = 'Mircosoft' + ImmutableId = '#1' + JobTitle = 'Manager' + MailNickName = 'Add mailnickname' + Mobile = '9984534564' + OtherMails = 'test12@M365x99297270.OnMicrosoft.com' + PasswordPolicies = 'DisableStrongPassword' + State = 'UP' + StreetAddress = 'Add address' + UserType = 'Member' +} +Set-EntraBetaUser @params +``` + +This example updates the specified user's property. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-UserType` classify user types in your directory, such as "Member" and "Guest." +- `-PasswordPolicies` Specifies password policies for the user. +- `-OtherMails` Specifies other email addresses for the user + +### Example 5: Set the specified user's PasswordProfile parameter + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$params= @{ +UserId = 'SawyerM@contoso.com' +PasswordProfile = @{ + Password= '*****' + ForceChangePasswordNextLogin = $true + EnforceChangePasswordPolicy = $false + } +} +Set-EntraBetaUser @params +``` + +This example updates the specified user's PasswordProfile parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-PasswordProfile` specifies the user's password profile. + +### Example 6: Set user's usage location for license assignment + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -UsageLocation 'US' +``` + +This example updates the specified user's Usage Location for license management. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-UsageLocation` specifies the user's usage location. Two-letter ISO 3166 country code. Required for licensed users to check service availability. Examples: US, JP, GB. Not nullable. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -City + +Specifies the user's city. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Country + +Specifies the user's country. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreationType + +Indicates whether the user account is a local account for a Microsoft Entra ID B2C tenant. +Possible values are "LocalAccount" and null. +When creating a local account, the property is required and you must set it to "LocalAccount". +When creating a work or school account, don't specify the property or set it to null. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Department + +Specifies the user's department. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the user's display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExtensionProperty + +Add data to custom user properties as the basic open extensions or the more versatile schema extensions. + +```yaml +Type: System.Collections.Generic.Dictionary`2[System.String,System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GivenName + +Specifies the user's given name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ImmutableId + +This property links an on-premises Active Directory user account to its Microsoft Entra ID user object. You must specify this property when creating a new user account in Graph if the user's userPrincipalName uses a federated domain. + +Important: Do not use the $ and _ characters when specifying this property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -JobTitle + +Specifies the user's job title. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickName + +Specifies a nickname for the user's mail address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Mobile + +Specifies the user's mobile phone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principle Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OtherMails + +Specifies other email addresses for the user. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordPolicies + +Specifies password policies for the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordProfile + +Specifies the user's password profile. + +```yaml +Type: PasswordProfile +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PostalCode + +Specifies the user's postal code. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredLanguage + +Specifies the user's preferred language. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ShowInAddressList + +Set to True to show this user in the address list. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInNames + +The list of sign in names for this user + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the user's state. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StreetAddress + +Specifies the user's street address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Surname + +Specifies the user's surname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TelephoneNumber + +Specifies the user's telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsageLocation + +A two letter country or region code (ISO standard 3166). Required for users that assigned licenses due to legal requirement to check for availability of services in country and regions. Examples include: "US," "JP," and "GB." Not nullable. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserPrincipalName + +Specifies the user's user principal name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserType + +A string value that can be used to classify user types in your directory, such as "Member" and "Guest." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AgeGroup + +Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, minor, notAdult, and adult. See, [legal-age-group](https://learn.microsoft.com/graph/api/resources/user#legal-age-group-property-definitions). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CompanyName + +The company name, which the user is associated. This property can be useful for describing the company that an external user comes from. The maximum length of the company name is 64 characters. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentProvidedForMinor + +Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[New-EntraBetaUser](New-EntraBetaUser.md) + +[Remove-EntraBetaUser](Remove-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserExtension.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserExtension.md new file mode 100644 index 0000000000..19938de6ea --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserExtension.md @@ -0,0 +1,152 @@ +--- +title: Set-EntraBetaUserExtension +description: This article provides details on the Set-EntraBetaUserExtension command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUserExtension + +schema: 2.0.0 +--- + +# Set-EntraBetaUserExtension + +## Synopsis + +Sets a user extension. + +## Syntax + +### SetSingle + +```powershell +Set-EntraBetaUserExtension + -ExtensionName + -ObjectId + -ExtensionValue + [] +``` + +### SetMultiple + +```powershell +Set-EntraBetaUserExtension + -ObjectId + -ExtensionNameValues + [] +``` + +## Description + +The `Set-EntraBetaUserExtension` cmdlet updates a user extension in Microsoft Entra ID. + +## Examples + +### Example 1: Set the value of an extension attribute for a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$params = @{ + ObjectId = 'SawyerM@contoso.com' + ExtensionName = 'extension_e5e29b8a85d941eab8d12162bd004528_extensionAttribute8' + ExtensionValue = 'New Value' +} +Set-EntraBetaUserExtension @params +``` + +This example shows how to update the value of the extension attribute for a specified user. + +- `-ObjectId` parameter specifies the user Id. +- `-ExtensionName` parameter specifies the name of an extension. +- `-ExtensionValue` parameter specifies the extension name values. + +## Parameters + +### -ExtensionName + +Specifies the name of an extension. + +```yaml +Type: System.String +Parameter Sets: SetSingle +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExtensionNameValues + +Specifies extension name values. + +```yaml +Type: System.Collections.Generic.Dictionary`2[System.String,System.String] +Parameter Sets: SetMultiple +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExtensionValue + +Specifies an extension value. + +```yaml +Type: System.String +Parameter Sets: SetSingle +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[Get-EntraBetaUserExtension](Get-EntraBetaUserExtension.md) + +[Remove-EntraBetaUserExtension](Remove-EntraBetaUserExtension.md) diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserLicense.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserLicense.md new file mode 100644 index 0000000000..36a236e631 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserLicense.md @@ -0,0 +1,213 @@ +--- +title: Set-EntraBetaUserLicense +description: This article provides details on the Set-EntraBetaUserLicense command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUserLicense + +schema: 2.0.0 +--- + +# Set-EntraBetaUserLicense + +## Synopsis + +Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. + +## Syntax + +```powershell +Set-EntraBetaUserLicense + -ObjectId + -AssignedLicenses + [] +``` + +## Description + +The `Set-EntraBetaUserLicense` adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Writers +- License Administrator +- User Administrator + +**Note**: Before assigning a license, assign a usage location to the user using: +`Set-EntraUser -ObjectId user@contoso.com -UsageLocation ''`. + +## Examples + +### Example 1: Add a license to a user based on a template user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$LicensedUser = Get-EntraBetaUser -ObjectId 'TemplateUser@contoso.com' +$License = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License.SkuId = $LicensedUser.AssignedLicenses.SkuId +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.AddLicenses = $License +$Params = @{ + ObjectId = 'SawyerM@contoso.com' + AssignedLicenses = $Licenses +} +Set-EntraBetaUserLicense @Params +``` + +```Output +Name Value +---- ----- +externalUserStateChangeDateTi… +businessPhones {8976546787} +postalCode 444601 +createdDateTime 06-11-2023 04:48:19 +surname KTETSs +jobTitle Manager +employeeType +otherMails {SawyerM@contoso.com} +isResourceAccount +usageLocation DE +legalAgeGroupClassification Adult +id cccccccc-2222-3333-4444-dddddddddddd +isLicenseReconciliationNeeded False +``` + +This example demonstrates how to assign a license to a user based on a template user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +### Example 2: Add a license to a user by copying license from another user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$LicensedUser = Get-EntraBetaUser -ObjectId 'AdeleV@contoso.com' +$User = Get-EntraBetaUser -ObjectId 'SawyerM@contoso.com' +$License1 = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License1.SkuId = $LicensedUser.AssignedLicenses.SkuId[0] +$License2 = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License2.SkuId = $LicensedUser.AssignedLicenses.SkuId[1] +$addLicensesArray = @() +$addLicensesArray += $License1 +$addLicensesArray += $License2 +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.AddLicenses = $addLicensesArray +$Params = @{ + ObjectId = $User.ObjectId + AssignedLicenses = $Licenses +} +Set-EntraBetaUserLicense @Params +``` + +```Output +Name Value +---- ----- +externalUserStateChangeDateTi… +businessPhones {8976546787} +postalCode 444601 +createdDateTime 06-11-2023 04:48:19 +surname KTETSs +jobTitle Manager +employeeType +otherMails {SawyerM@contoso.com} +isResourceAccount +usageLocation DE +legalAgeGroupClassification Adult +id cccccccc-2222-3333-4444-dddddddddddd +isLicenseReconciliationNeeded False +``` + +This example demonstrates how to assign a license to a user by copying license from another user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +### Example 3: Remove an assigned User's License + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$UserPrincipalName = 'SawyerM@contoso.com' +$User = Get-EntraBetaUser -ObjectId $UserPrincipalName +$SkuId = (Get-EntraBetaUserLicenseDetail -ObjectId $UserPrincipalName).SkuId +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.RemoveLicenses = $SkuId +Set-EntraBetaUserLicense -ObjectId $User.ObjectId -AssignedLicenses $Licenses +``` + +```Output +Name Value +---- ----- +displayName SawyerM +id cccccccc-2222-3333-4444-dddddddddddd +jobTitle +surname M +mail +userPrincipalName SawyerM@contoso.com +mobilePhone +preferredLanguage +@odata.context https://graph.microsoft.com/v1.0/$metadata#users/$entity +businessPhones {} +officeLocation +givenName Sawyer +``` + +This example demonstrates how to remove a user's license by retrieving the user details. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +## Parameters + +### -AssignedLicenses + +Specifies a list of licenses to assign or remove. + +```yaml +Type: AssignedLicenses +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaUser](Get-EntraBetaUser.md) diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserManager.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserManager.md new file mode 100644 index 0000000000..64fed02a20 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserManager.md @@ -0,0 +1,101 @@ +--- +title: Set-EntraBetaUserManager +description: This article provides details on the Set-EntraBetaUserManager command. + +ms.topic: reference +ms.date: 06/21/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUserManager + +schema: 2.0.0 +--- + +# Set-EntraBetaUserManager + +## Synopsis + +Updates a user's manager. + +## Syntax + +```powershell +Set-EntraBetaUserManager + -UserId + -RefObjectId + [] +``` + +## Description + +The `Set-EntraBetaUserManager` cmdlet update the manager for a user in Microsoft Entra ID. Specify the `UserId` and `RefObjectId` parameters to update the manager for a user in Microsoft Entra ID. + +## Examples + +### Example 1: Update a user's manager + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$manager = Get-EntraBetaUser -UserId 'Manager@contoso.com' +$params = @{ + UserId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + RefObjectId = '55ff55ff-aa66-bb77-cc88-99dd99dd99dd' +} +Set-EntraBetaUserManager @params +``` + +This example demonstrates how to update the manager for the specified user. + +## Parameters + +### -UserId + +Specifies the ID (as a User Principle Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraBetaUserManager](Get-EntraBetaUserManager.md) + +[Remove-EntraBetaUserManager](Remove-EntraBetaUserManager.md) diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserPassword.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserPassword.md new file mode 100644 index 0000000000..61cd48e807 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserPassword.md @@ -0,0 +1,164 @@ +--- +title: Set-EntraBetaUserPassword +description: This article provides details on the Set-EntraBetaUserPassword command. + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUserPassword + +schema: 2.0.0 +--- + +# Set-EntraBetaUserPassword + +## Synopsis + +Sets the password of a user. + +## Syntax + +```powershell +Set-EntraBetaUserPassword + -ObjectId + -Password + [-ForceChangePasswordNextLogin ] + [-EnforceChangePasswordPolicy ] + [] +``` + +## Description + +The `Set-EntraBetaUserPassword` cmdlet sets the password for a user in Microsoft Entra ID. + +Any user can update their password without belonging to any administrator role. + +## Examples + +### Example 1: Set a user's password + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword = '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraBetaUserPassword -ObjectId 'SawyerM@contoso.com' -Password $securePassword +``` + +This command sets the specified user's password. + +- `-ObjectId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. + +### Example 2: Set a user's password with EnforceChangePasswordPolicy parameter + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword= '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraBetaUserPassword -ObjectId 'SawyerM@contoso.com' -Password $securePassword -EnforceChangePasswordPolicy $True +``` + +This command sets the specified user's password with EnforceChangePasswordPolicy parameter. + +- `-ObjectId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. +- `-EnforceChangePasswordPolicy` parameter force the user to change their password, if set to true. + +### Example 3: Set a user's password with ForceChangePasswordNextLogin parameter + +```powershell +connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword= '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraBetaUserPassword -ObjectId 'SawyerM@contoso.com' -Password $securePassword -ForceChangePasswordNextLogin $True +``` + +This command sets the specified user's password with ForceChangePasswordNextLogin parameter. + +- `-ObjectId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. +- `-ForceChangePasswordNextLogin` parameter forces a user to change their password during their next log in. + +## Parameters + +### -EnforceChangePasswordPolicy + +If set to true, force the user to change their password. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ForceChangePasswordNextLogin + +Forces a user to change their password during their next sign in. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Password + +Specifies the password. + +```yaml +Type: System.SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserThumbnailPhoto.md b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserThumbnailPhoto.md new file mode 100644 index 0000000000..90a73b2ce9 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Set-EntraBetaUserThumbnailPhoto.md @@ -0,0 +1,162 @@ +--- +title: Set-EntraBetaUserThumbnailPhoto +description: This article provides details on the Set-EntraBetaUserThumbnailPhoto command. + +ms.topic: reference +ms.date: 07/24/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Set-EntraBetaUserThumbnailPhoto + +schema: 2.0.0 +--- + +# Set-EntraBetaUserThumbnailPhoto + +## Synopsis + +Set the thumbnail photo for a user. + +## Syntax + +### File (Default) + +```powershell +Set-EntraBetaUserThumbnailPhoto + -FilePath + [-UserId ] + [] +``` + +### ByteArray + +```powershell +Set-EntraBetaUserThumbnailPhoto + -ImageByteArray + [-UserId ] + [] +``` + +### Stream + +```powershell +Set-EntraBetaUserThumbnailPhoto + -FileStream + [-UserId ] + [] +``` + +## Description + +The `Set-EntraBetaUserThumbnailPhoto` cmdlet is used to set the thumbnail photo for a user. + +Updating any user's photo in the organization requires the User.ReadWrite.All permission. Updating only the signed-in user's photo requires the User.ReadWrite permission. + +## Examples + +### Example 1: Sets the thumbnail photo + +```powershell +Connect-Entra -Scopes 'User.ReadWrite','User.ReadWrite.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + FilePath = 'D:\UserThumbnailPhoto.jpg' +} +Set-EntraBetaUserThumbnailPhoto @params +``` + +This example sets the thumbnail photo of the user specified with the UserId parameter to the image specified with the FilePath parameter. + +- `-UserId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-FilePath` parameter specifies the file path of the image to be uploaded as the user thumbnail photo. + +## Parameters + +### -FilePath + +The file path of the image to be uploaded as the user thumbnail photo. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FileStream + +A filestream that contains the user thumbnail photo. + +```yaml +Type: System.Stream +Parameter Sets: Stream +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ImageByteArray + +An Image Byte Array that contains the user thumbnail photo. + +```yaml +Type: System.Byte[] +Parameter Sets: ByteArray +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +The Object ID of the user for which the user thumbnail photo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaUserThumbnailPhoto](Get-EntraBetaUserThumbnailPhoto.md) diff --git a/module/docs/entra-powershell-beta/Users/Update-EntraBetaSignedInUserPassword.md b/module/docs/entra-powershell-beta/Users/Update-EntraBetaSignedInUserPassword.md new file mode 100644 index 0000000000..2c3282077b --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Update-EntraBetaSignedInUserPassword.md @@ -0,0 +1,105 @@ +--- +title: Update-EntraBetaSignedInUserPassword +description: This article provides details on the Update-EntraBetaSignedInUserPassword command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Update-EntraBetaSignedInUserPassword + +schema: 2.0.0 +--- + +# Update-EntraBetaSignedInUserPassword + +## Synopsis + +Updates the password for the signed-in user. + +## Syntax + +```powershell +Update-EntraBetaSignedInUserPassword + -CurrentPassword + -NewPassword + [] +``` + +## Description + +The `Update-EntraBetaSignedInUserPassword` cmdlet updates the password for the signed-in user in Microsoft Entra ID. + +Enable users to update their own passwords. Any user can change their password without requiring administrator privileges. + +## Examples + +### Example 1: Update a password + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$CurrentPassword = ConvertTo-SecureString '' -AsPlainText -Force +$NewPassword = ConvertTo-SecureString '' -AsPlainText -Force +$params = @{ + CurrentPassword = $CurrentPassword + NewPassword = $NewPassword +} +Update-EntraBetaSignedInUserPassword @params +``` + +This example shows how to update the password for the signed-in user. + +- `-CurrentPassword` parameter specifies the current password of the signed-in user. +- `-NewPassword` parameter specifies the new password for the signed-in user. + +## Parameters + +### -CurrentPassword + +Specifies the current password of the signed-in user. + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NewPassword + +Specifies the new password for the signed-in user. + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [changePassword](https://learn.microsoft.com/graph/api/user-changepassword). + +## Related links diff --git a/module/docs/entra-powershell-beta/Users/Update-EntraBetaUserFromFederated.md b/module/docs/entra-powershell-beta/Users/Update-EntraBetaUserFromFederated.md new file mode 100644 index 0000000000..accc96a469 --- /dev/null +++ b/module/docs/entra-powershell-beta/Users/Update-EntraBetaUserFromFederated.md @@ -0,0 +1,105 @@ +--- +title: Update-EntraBetaUserFromFederated +description: This article provides details on the Update-EntraBetaUserFromFederated command. + +ms.topic: reference +ms.date: 08/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Beta.Users-Help.xml +Module Name: Microsoft.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra.Beta/Update-EntraBetaUserFromFederated + +schema: 2.0.0 +--- + +# Update-EntraBetaUserFromFederated + +## Synopsis + +Updates a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. + +## Syntax + +```powershell +Update-EntraBetaUserFromFederated + -UserPrincipalName + [-NewPassword ] + [] +``` + +## Description + +The `Update-EntraBetaUserFromFederated` cmdlet is used to update a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. A new password must be provided for the user. + +This process writes the new password to Microsoft Entra ID and, if configured with password writeback, pushes it to on-premises Active Directory. The admin can provide a new password or let the system generate one. The user will be prompted to change their password at their next sign-in. + +For delegated scenarios, the administrator needs at least the Authentication Administrator or Privileged Authentication Administrator Microsoft Entra role. + +Admins with User Administrator, Helpdesk Administrator, or Password Administrator roles can also reset passwords for non-admin users and a limited set of admin roles. + +## Examples + +### Example 1: Update a user in a domain + +```powershell +Connect-Entra -Scopes 'UserAuthenticationMethod.ReadWrite.All' +Update-EntraBetaUserFromFederated -UserPrincipalName 'pattifuller@contoso.com' +``` + +This command updates a user in a domain. + +- `-UserPrincipalName` parameter specifies the Microsoft Entra ID UserID for the user to convert. + +## Parameters + +### -UserPrincipalName + +The Microsoft Entra ID UserID for the user to convert. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NewPassword + +The new password of the user. + +For tenants using hybrid password scenarios, specifying a new password is required. If you omit the password for a cloud-only account, the system generates one automatically. This generated password is a Unicode string without additional encoding. Before acceptance, the password is validated against the tenant's banned password list and must meet the tenant's cloud and/or on-premises password requirements. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [resetPassword](https://learn.microsoft.com/graph/api/authenticationmethod-resetpassword). + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Applications/Add-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Applications/Add-EntraApplicationOwner.md new file mode 100644 index 0000000000..dca68faccc --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Add-EntraApplicationOwner.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraApplicationOwner +description: This article provides details on the Add-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Add-EntraApplicationOwner + +## Synopsis + +Adds an owner to an application. + +## Syntax + +```powershell +Add-EntraApplicationOwner + -ApplicationId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. + +## Examples + +### Example 1: Add a user as an owner to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +Add-EntraApplicationOwner -ApplicationId $application.Id -RefObjectId $user.Id +``` + +This example demonstrates how to add an owner to an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the ID of an application. +- `-RefObjectId` parameter specifies the ID of a user. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) + +[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..acf6ebade0 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,163 @@ +--- +title: Add-EntraServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Add-EntraServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Add-EntraServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Add a classification for a delegated permission. + +## Syntax + +```powershell +Add-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -PermissionId + -Classification + -PermissionName + [] +``` + +## Description + +The `Add-EntraServicePrincipalDelegatedPermissionClassification` cmdlet creates a delegated permission classification for the given permission on service principal. + +## Examples + +### Example 1: Create Delegated Permission Classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$PermissionId = $ServicePrincipal.PublishedPermissionScopes[0].Id +$PermissionName = $ServicePrincipal.PublishedPermissionScopes[0].Value + +$params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + PermissionId = $PermissionId + Classification = 'Low' + PermissionName = $PermissionName +} + +Add-EntraServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +T2qU_E28O0GgkLLIYRPsTwE low fc946a4f-bc4d-413b-a090-b2c86113ec4f LicenseManager.AccessAsUser +``` + +This command creates a delegated permission classification for the given permission on the service principal. You can use the command `Get-EntraServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-PermissionId` parameter specifies the ID for a delegated permission. +- `-Classification` parameter specifies the classification for a delegated permission. +- `-PermissionName` parameter specifies the name for a delegated permission. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionId + +The ID for a delegated permission. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionName + +The name for a delegated permission. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Classification + +The classification for a delegated permission. +This parameter can take one of the following values: + +- Low: Specifies a classification for a permission as low impact. + +- Medium: Specifies a classification for a permission as medium impact. + +- High: Specifies a classification for a permission as high impact. + +```yaml +Type: ClassificationEnum +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) + +[Remove-EntraServicePrincipalDelegatedPermissionClassification](Remove-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..0f49565131 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Add-EntraServicePrincipalOwner.md @@ -0,0 +1,105 @@ +--- +title: Add-EntraServicePrincipalOwner +description: This article provides details on the Add-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Add-EntraServicePrincipalOwner + +## Synopsis + +Adds an owner to a service principal. + +## Syntax + +```powershell +Add-EntraServicePrincipalOwner + -ServicePrincipalId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Add a user as an owner to a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$owner = Get-EntraUser -UserId 'SawyerM@contoso.com' +Add-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -RefObjectId $owner.Id +``` + +This example demonstrates how to add an owner to a service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. +- `-RefObjectId` parameter specifies the user object ID. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) + +[Get-EntraUser](../Users/Get-EntraUser.md) + +[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplication.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplication.md new file mode 100644 index 0000000000..ebae562fd6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplication.md @@ -0,0 +1,276 @@ +--- +title: Get-EntraApplication +description: This article provides details on the Get-EntraApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplication + +schema: 2.0.0 +--- + +# Get-EntraApplication + +## Synopsis + +Gets an application. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraApplication + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraApplication + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraApplication + -ApplicationId + [-Property ] + [-All] + [] +``` + +## Description + +The `Get-EntraApplication` cmdlet gets a Microsoft Entra ID application. + +## Examples + +### Example 1: Get an application by ApplicationId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication -ApplicationId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +ToGraph_443democc3c aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This example demonstrates how to retrieve specific application by providing ID. + +### Example 2: Get all applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication -All +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +test app aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADandPersonalMicrosoftAccount contoso.com +ToGraph_443DEM cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +test adms eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADandPersonalMicrosoftAccount contoso.com +test adms app azure gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADandPersonalMicrosoftAccount contoso.com +test adms2 iiiiiiii-aaaa-bbbb-cccc-jjjjjjjjjjjj jjjjjjjj-bbbb-cccc-dddd-kkkkkkkkkkkk AzureADandPersonalMicrosoftAccount contoso.com +``` + +This example demonstrates how to get all applications from Microsoft Entra ID. + +### Example 3: Get applications with expiring secrets + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication | + Where-Object { + $_.PasswordCredentials.keyId -ne $null -and + $_.PasswordCredentials.EndDateTime -lt (Get-Date).AddDays(30) + } | + ForEach-Object { + $_.DisplayName, + $_.Id, + $_.PasswordCredentials + } +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + AppOne 8/19/2024 9:00:00 PM 1jQ aaaaaaaa-0b0b-1c1c-2d2d-333333333333 8/6/2024 6:07:47 PM +``` + +This example retrieves applications with expiring secrets within 30 days. + +### Example 4: Get an application by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication -Filter "DisplayName eq 'ToGraph_443DEMO'" +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +ToGraph_443DEMO cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +``` + +In this example, we retrieve application by its display name from Microsoft Entra ID. + +### Example 5: Search among retrieved applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication -SearchString 'My new application 2' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application 2 kkkkkkkk-cccc-dddd-eeee-llllllllllll llllllll-dddd-eeee-ffff-mmmmmmmmmmmm AzureADandPersonalMicrosoftAccount contoso.com +``` + +This example demonstrates how to retrieve applications for specific string from Microsoft Entra ID. + +### Example 6: Retrieve an application by identifierUris + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplication -Filter "identifierUris/any(uri:uri eq 'https://wingtips.wingtiptoysonline.com')" +``` + +This example demonstrates how to retrieve applications by its identifierUris from Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplication](New-EntraApplication.md) + +[Remove-EntraApplication](Remove-EntraApplication.md) + +[Set-EntraApplication](Set-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..7bb9eabfd6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraApplicationExtensionProperty +description: This article provides details on the Get-EntraApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Get-EntraApplicationExtensionProperty + +## Synopsis + +Gets application extension properties. + +## Syntax + +```powershell +Get-EntraApplicationExtensionProperty + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. + +## Examples + +### Example 1: Get extension properties + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraApplicationExtensionProperty -ApplicationId $application.Id +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ------------- ---------------------- ---- ------------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} +``` + +This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraApplication` to get application ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) + +[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..0fba894e79 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationKeyCredential.md @@ -0,0 +1,89 @@ +--- +title: Get-EntraApplicationKeyCredential +description: This article provides details on the Get-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraApplicationKeyCredential + +## Synopsis + +Gets the key credentials for an application. + +## Syntax + +```powershell +Get-EntraApplicationKeyCredential + -ObjectId + [] +``` + +## Description + +The `Get-EntraApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. + +## Examples + +### Example 1: Get key credentials + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationKeyCredential -ObjectId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- +{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify +``` + +This command gets the key credentials for the specified application. + +`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) + +[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationLogo.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationLogo.md new file mode 100644 index 0000000000..7e66e4beec --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationLogo.md @@ -0,0 +1,137 @@ +--- +title: Get-EntraApplicationLogo +description: This article provides details on the Get-EntraApplicationLogo command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationLogo + +schema: 2.0.0 +--- + +# Get-EntraApplicationLogo + +## Synopsis + +Retrieve the logo of an application. + +## Syntax + +```powershell +Get-EntraApplicationLogo + -ApplicationId + [-FileName ] + [-View ] + [-FilePath ] + [] +``` + +## Description + +The `Get-EntraApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. + +## Examples + +### Example 1: Get an application logo for an application by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraApplicationLogo -ApplicationId $application.Id -FilePath 'D:\outfile1.jpg' +``` + +This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. + +## Parameters + +### -FileName + +If provided, the application logo is saved to the file using the specified file name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FilePath + +If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the application for which the logo is to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -View + +If set to $true, the application's logo is displayed in a new window on the screen. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +### System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraApplicationLogo](Set-EntraApplicationLogo.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationOwner.md new file mode 100644 index 0000000000..8e2da80aeb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationOwner.md @@ -0,0 +1,212 @@ +--- +title: Get-EntraApplicationOwner +description: This article provides details on the Get-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Get-EntraApplicationOwner + +## Synopsis + +Gets the owner of an application. + +## Syntax + +```powershell +Get-EntraApplicationOwner + -ApplicationId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. + +## Examples + +### Example 1: Get the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraApplicationOwner -ApplicationId $application.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 2: Get the details about the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -SearchString '' +$applicationOwners = Get-EntraApplicationOwner -ObjectId $application.ObjectId +$ownerDetails = $applicationOwners | ForEach-Object { + $ownerDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + displayName = $ownerDetail.displayName + Id = $ownerDetail.Id + UserPrincipalName = $ownerDetail.UserPrincipalName + UserType = $ownerDetail.UserType + accountEnabled = $ownerDetail.accountEnabled + } +} +$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize +``` + +```Output +displayName Id UserPrincipalName UserType accountEnabled +----------- -- ----------------- -------- -------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True +Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. + +### Example 3: Get all owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraApplicationOwner -ApplicationId $application.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 4: Get top two owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraApplicationOwner -ApplicationId $application.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) + +[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..734049b959 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Get-EntraApplicationPasswordCredential +description: This article provides details on the Get-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraApplicationPasswordCredential + +## Synopsis + +Gets the password credential for an application. + +## Syntax + +```powershell +Get-EntraApplicationPasswordCredential + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. + +## Examples + +### Example 1: Get password credential for specified application + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 +``` + +This example shows how to retrieve the password credential for specified application. + +- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ApplicationId + +The ApplicationId of the application for which to get the password credential. Use `Get-EntraApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationServiceEndpoint.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationServiceEndpoint.md new file mode 100644 index 0000000000..f6f2422c71 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationServiceEndpoint.md @@ -0,0 +1,167 @@ +--- +title: Get-EntraApplicationServiceEndpoint +description: This article provides details on the Get-EntraApplicationServiceEndpoint command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationServiceEndpoint + +schema: 2.0.0 +--- + +# Get-EntraApplicationServiceEndpoint + +## Synopsis + +Retrieve the service endpoint of an application. + +## Syntax + +```powershell +Get-EntraApplicationServiceEndpoint + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. + +The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. + +Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. + +## Examples + +### Example 1: Retrieve the application service endpoint by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id +``` + +This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 2: Get all service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -All +``` + +This example demonstrates how to retrieve all service endpoints of a specified application. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 3: Get top five service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" +Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -Top 5 +``` + +This example demonstrates how to retrieve five service endpoints of a specified application. + +`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -All + +Return all service endpoints. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the object ID of the application for which the service endpoint is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of results that are returned. +The default is 100. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationTemplate.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationTemplate.md new file mode 100644 index 0000000000..bc2961b62f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraApplicationTemplate.md @@ -0,0 +1,174 @@ +--- +title: Get-EntraApplicationTemplate +description: This article provides details on the Get-EntraApplicationTemplate command. + + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraApplicationTemplate +schema: 2.0.0 +--- + +# Get-EntraApplicationTemplate + +## Synopsis + +Retrieve a list of applicationTemplate objects. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraApplicationTemplate + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraApplicationTemplate + -Id + [] +``` + +## Description + +The `Get-EntraApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. + +## Examples + +### Example 1. Gets a list of application template objects + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplicationTemplate +``` + +This command gets all the application template objects + +### Example 2. Gets an application template object + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$applicationTemplate = Get-EntraApplicationTemplate -Filter "DisplayName eq 'Dynamics CRM Online'" +Get-EntraApplicationTemplate -Id $applicationTemplate.Id +``` + +```Output +Id Categories Description +-- ---------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses +``` + +This command gets an application template object for the given id. + +- `-Id` Specifies the unique identifier of an application template. + +## Parameters + +### -Id + +The unique identifier of an application template. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplate + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraDeletedApplication.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraDeletedApplication.md new file mode 100644 index 0000000000..f80317c8a2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraDeletedApplication.md @@ -0,0 +1,257 @@ +--- +title: Get-EntraDeletedApplication +description: This article provides details on the Get-EntraDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeletedApplication + +schema: 2.0.0 +--- + +# Get-EntraDeletedApplication + +## Synopsis + +Retrieves the list of previously deleted applications. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDeletedApplication + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraDeletedApplication + [-SearchString ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDeletedApplication` cmdlet Retrieves the list of previously deleted applications. + +Note: Deleted security groups are permanently removed and cannot be retrieved. + +## Examples + +### Example 1: Get list of deleted applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +TestApp3 eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADMyOrg contoso.com +TestApp4 gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADMyOrg contoso.com +``` + +This cmdlet retrieves the list of deleted applications. + +### Example 2: Get list of deleted applications using All parameter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication -All +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +TestApp3 eeeeeeee-6666-7777-8888-ffffffffffff ffffffff-7777-8888-9999-gggggggggggg AzureADMyOrg contoso.com +TestApp4 gggggggg-8888-9999-aaaa-hhhhhhhhhhhh hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii AzureADMyOrg contoso.com +``` + +This cmdlet retrieves the list of deleted applications using All parameter. + +### Example 3: Get top two deleted applications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +TestApp2 cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee AzureADMyOrg contoso.com +``` + +This cmdlet retrieves top two deleted applications. + +### Example 4: Get deleted applications using SearchString parameter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication -SearchString 'TestApp1' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This cmdlet retrieves deleted applications using SearchString parameter. + +### Example 5: Get deleted applications filter by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication -Filter "DisplayName eq 'TestApp1'" +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +TestApp1 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com +``` + +This cmdlet retrieves deleted applications having specified display name. + +### Example 6: Get deleted applications with deletion age in days + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraDeletedApplication | + Select-Object DisplayName, Id, AppId, SignInAudience, PublisherDomain, DeletedDateTime, + @{Name='DeletionAgeInDays'; Expression={(Get-Date) - $_.DeletedDateTime | Select-Object -ExpandProperty Days}} | + Format-Table -AutoSize +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain DeletedDateTime DeletionAgeInDays +----------- -- ----- -------------- --------------- --------------- ----------------- +Entra PowerShell App aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc AzureADMyOrg contoso.com 9/18/2024 7:41:44 AM 1 +``` + +This cmdlet retrieves deleted applications with deletion age in days. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Retrieve only those deleted applications that satisfy the filter. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Retrieve only those applications that satisfy the -SearchString value. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of applications returned by this cmdlet. +The default value is 100. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipal.md new file mode 100644 index 0000000000..72dafff67c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipal.md @@ -0,0 +1,370 @@ +--- +title: Get-EntraServicePrincipal +description: This article provides details on the Get-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipal + +## Synopsis + +Gets a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraServicePrincipal + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraServicePrincipal + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraServicePrincipal + -ServicePrincipalId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal +``` + +```Output +ObjectId AppId DisplayName +-------- ----- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 Demo App +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 Demo Two App +dddddddd-3333-4444-5555-eeeeeeeeeeee 33334444-dddd-5555-eeee-6666ffff7777 ProjectWorkManagement +``` + +This example retrieves all service principals from the directory. + +### Example 2: Retrieve a service principal by ServicePrincipalId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This command retrieves specific service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve all service principals from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -All +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 4: Retrieve top two service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +``` + +This command retrieves top two service principals from the directory. + +### Example 5: Get a service principal by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a service principal by its display name. + +### Example 6: Retrieve a list of all service principal, which has a display name that contains "Helpdesk Application" + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -SearchString 'Helpdesk Application' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a list of service principal, which has the specified display name. + +### Example 7: Retrieve all Enterprise apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all enterprise apps. + +### Example 8: Retrieve all App proxy apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all app proxy apps. + +### Example 9: Retrieve all disabled apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "accountEnabled eq false" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all disabled apps. + +### Example 10: Retrieve all Global Secure Access apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all Global secure access apps. + +### Example 11: List all applications without user assignment + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all applications without user assignment. + +### Example 12: List all SAML application details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" +$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize +``` + +```Output +Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses +-- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- +00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} +``` + +This example demonstrates how to retrieve all SAML application details. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.md new file mode 100644 index 0000000000..20ee6e4cea --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.md @@ -0,0 +1,194 @@ +--- +title: Get-EntraServicePrincipalAppRoleAssignedTo +description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignedTo command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalAppRoleAssignedTo + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalAppRoleAssignedTo + +## Synopsis + +Gets app role assignments for this app or service, granted to users, groups and other service principals. + +## Syntax + +```powershell +Get-EntraServicePrincipalAppRoleAssignedTo + -ServicePrincipalId + [-All ] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups and other service principals. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id +``` + +This example shows how to get app role assignments for an app or service, granted to users, groups and other service principals. + +- The first command gets the ID of a service principal and stores it in the $ServicePrincipalId variable. + +- The second command gets the app role assignments for the service principal granted to users, groups and other service principals. + +### Example 2: Get all app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -All +``` + +```output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets the all app role assignments for the service principal granted to users, groups and other service principals. + +### Example 3: Get five app role assignments + +```powershell +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -Top 5 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets the five app role assignments for the service principal granted to users, groups and other service principals. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +`Get-EntraServiceAppRoleAssignedTo` is an alias for `Get-EntraServicePrincipalAppRoleAssignedTo`. + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..b26fd69f7f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Gets a service principal application role assignment. + +## Syntax + +```powershell +Get-EntraServicePrincipalAppRoleAssignment + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 29-02-2024 05:53:00 Ask HR aaaaaaaa-bbbb-cccc-1111-222222222222 Group M365 License Manager +``` + +This command gets application role assignments for specified service principal. + +- The first command gets the ID of a service principal by using the Get-EntraServicePrincipal (./Get-EntraServicePrincipal.md) cmdlet. The command stores the ID in the $ServicePrincipalId variable. + +- The second command gets the application role assignments for the service principal in identified by $ServicePrincipalId. + +### Example 2: Retrieve all application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets all application role assignments for specified service principal. + +### Example 3: Retrieve the top five application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -Top 3 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets three application role assignments for specified service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraServiceAppRoleAssignment` is an alias for `Get-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) + +[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalCreatedObject.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalCreatedObject.md new file mode 100644 index 0000000000..aff6fd5cf6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalCreatedObject.md @@ -0,0 +1,155 @@ +--- +title: Get-EntraServicePrincipalCreatedObject +description: This article provides details on the Get-EntraServicePrincipalCreatedObject command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalCreatedObject + +## Synopsis + +Get objects created by a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalCreatedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the objects that created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id +``` + +This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve the all objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -All +``` + +This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve the top two objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -Top 2 +``` + +This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..81b1ad1973 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,194 @@ +--- +title: Get-EntraServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Get-EntraServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Retrieve the delegated permission classification objects on a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. + +## Examples + +### Example 1: Get a list of delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile +``` + +This command retrieves all delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. + +### Example 2: Get a delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$permissionClassification = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" +Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +### Example 3: Get a delegated permission classification with filter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the filtered delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Remove-EntraServicePrincipalDelegatedPermissionClassification](Remove-EntraServicePrincipalDelegatedPermissionClassification.md) + +[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..130d49e187 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalKeyCredential.md @@ -0,0 +1,91 @@ +--- +title: Get-EntraServicePrincipalKeyCredential +description: This article provides details on the Get-EntraServicePrincipalKeyCredential Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalKeyCredential + +## Synopsis + +Get key credentials for a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalKeyCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the key credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- + 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign +``` + +This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal object Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the application for which to get the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) + +[Remove-EntraServicePrincipalKeyCredential](Remove-EntraServicePrincipalKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalMembership.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalMembership.md new file mode 100644 index 0000000000..b4b4ad12d5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalMembership.md @@ -0,0 +1,178 @@ +--- +title: Get-EntraServicePrincipalMembership +description: This article provides details on the Get-EntraServicePrincipalMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalMembership + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalMembership + +## Synopsis + +Get a service principal membership. + +## Syntax + +```powershell +Get-EntraServicePrincipalMembership + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +``` + +This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve all memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 +33334444-dddd-5555-eeee-6666ffff7777 +``` + +This command gets all memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve top two memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 + +``` + +This command gets top two memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.md new file mode 100644 index 0000000000..a931ca305f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.md @@ -0,0 +1,171 @@ +--- +title: Get-EntraServicePrincipalOAuth2PermissionGrant +description: This article provides details on the Get-EntraServicePrincipalOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOAuth2PermissionGrant + +## Synopsis + +Gets an oAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraServicePrincipalOAuth2PermissionGrant +-ServicePrincipalId +[-All] +[-Top ] +[-Property ] +[] +``` + +## Description + +The `Get-EntraServicePrincipalOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id +``` + +```output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +### Example 2: Get all OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals A1bC2dE3f... openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +### Example 3: Get two OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -Top 2 +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This example demonstrates how to get top two oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwnedObject.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwnedObject.md new file mode 100644 index 0000000000..39d58ce217 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwnedObject.md @@ -0,0 +1,176 @@ +--- +title: Get-EntraServicePrincipalOwnedObject +description: This article provides details on the Get-EntraServicePrincipalOwnedObject Command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOwnedObject + +## Synopsis + +Gets an object owned by a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalOwnedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The command retrieves the owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 2: Retrieve the all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 3: Retrieve top one owned object of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..873b880471 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalOwner.md @@ -0,0 +1,181 @@ +--- +title: Get-EntraServicePrincipalOwner +description: This article provides details on the Get-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOwner + +## Synopsis + +Get the owner of a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalOwner + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owner of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This example gets the owners of a specified service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 2: Retrieve all the owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -All +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This command gets all the owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 3: Retrieve top two owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -Top 2 +``` + +```Output +Id userPrincipalName displayName @odata.type +-- ----------------- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user +bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user +``` + +This command gets top two owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..5606fcb1bb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Get-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,93 @@ +--- +title: Get-EntraServicePrincipalPasswordCredential +description: This article provides details on the Get-EntraServicePrincipalPasswordCredential Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalPasswordCredential + +## Synopsis + +Get credentials for a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the password credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 + 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 + 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 +``` + +This example retrieves the password credentials for specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the service principal for which to get password credentials. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) + +[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplication.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplication.md new file mode 100644 index 0000000000..dd107d7709 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplication.md @@ -0,0 +1,490 @@ +--- +title: New-EntraApplication +description: This article provides details on the New-EntraApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplication + +schema: 2.0.0 +--- + +# New-EntraApplication + +## Synopsis + +Creates (registers) a new application object. + +## Syntax + +```powershell +New-EntraApplication + -DisplayName + [-AddIns ] + [-PasswordCredentials ] + [-TokenEncryptionKeyId ] + [-SignInAudience ] + [-KeyCredentials ] + [-ParentalControlSettings ] + [-IdentifierUris ] + [-AppRoles ] + [-PublicClient ] + [-InformationalUrl ] + [-Tags ] + [-Api ] + [-OptionalClaims ] + [-GroupMembershipClaims ] + [-Web ] + [-IsFallbackPublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-RequiredResourceAccess ] + [] +``` + +## Description + +Creates (registers) a new application object. Specify the `DisplayName` parameter to create a new application. + +## Examples + +### Example 1: Create an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +New-EntraApplication -DisplayName 'My new application' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 2: Create an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +New-EntraApplication -DisplayName 'My new application' -IdentifierUris 'https://mynewapp.contoso.com' +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +### Example 3: Create an application using AddIns parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$addin = New-Object Microsoft.Open.MSGraph.Model.AddIn +$addin.Type = 'testtype' +$addinproperties = New-Object System.collections.Generic.List[Microsoft.Open.MSGraph.Model.KeyValue] +$addinproperties.Add([Microsoft.Open.MSGraph.Model.KeyValue]@{ Key = "key"; Value = "value" }) +$addin.Properties = $addinproperties +New-EntraApplication -DisplayName 'My new application' -AddIns $addin +``` + +```Output +DisplayName Id AppId SignInAudience PublisherDomain +----------- -- ----- -------------- --------------- +My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com +``` + +This command creates an application in Microsoft Entra ID. + +## Parameters + +### -AddIns + +Defines custom behavior that a consuming service can use to call an app in specific contexts. + +For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. + +This will let services like Office 365 call the application in the context of a document the user is working on. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +User-defined URI(s) that uniquely identify a Web application within its Microsoft Entra ID tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant. + +The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Microsoft Entra ID PowerShell cmdlet parameter). + +Extra URIs can be added via the application manifest; see Understanding the Microsoft Entra ID Application Manifest for details. + +This collection is also used to populate the Web application's servicePrincipalNames collection. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is false that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). +Default is false. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.Add-in] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System. Nullable`1[System.Boolean] + +## Outputs + +### Microsoft.Open.MSGraph.Model.MsApplication + +## Notes + +- See more details - + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[Remove-EntraApplication](Remove-EntraApplication.md) + +[Set-EntraApplication](Set-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..0b212e34c9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationExtensionProperty.md @@ -0,0 +1,198 @@ +--- +title: New-EntraApplicationExtensionProperty +description: This article provides details on the New-EntraApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# New-EntraApplicationExtensionProperty + +## Synopsis + +Creates an application extension property. + +## Syntax + +```powershell +New-EntraApplicationExtensionProperty + -ApplicationId + -Name + [-DataType ] + [-TargetObjects ] + [] +``` + +## Description + +The `New-EntraApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Create an extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute' +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the string type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. + +### Example 2: Create an extension property with data type parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute1' -DataType 'Boolean' +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the specified data type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-DataType` parameter specifies the data type of the value the extension property can hold. + +### Example 3: Create an extension property with targets parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$targets = New-Object System.Collections.Generic.List[System.String] +$targets.Add('User') +New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute2' -TargetObjects $targets +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} +``` + +The example shows how to create an application extension property with the specified target objects for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. + +## Parameters + +### -DataType + +Specifies the data type of the value the extension property can hold. Following values are supported. + +- Binary - 256 bytes maximum +- Boolean +- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. +- Integer - 32-bit value. +- LargeInteger - 64-bit value. +- String - 256 characters maximum + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Specifies the name of the extension property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjects + +Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. + +- User +- Group +- AdministrativeUnit +- Application +- Device +- Organization + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) + +[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationFromApplicationTemplate.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationFromApplicationTemplate.md new file mode 100644 index 0000000000..4d206cce91 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationFromApplicationTemplate.md @@ -0,0 +1,108 @@ +--- +title: New-EntraApplicationFromApplicationTemplate +description: This article provides details on the New-EntraApplicationFromApplicationTemplate command. + + +ms.service: entra +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationFromApplicationTemplate +schema: 2.0.0 +--- + +# New-EntraApplicationFromApplicationTemplate + +## Synopsis + +Add an instance of an application from the Microsoft Entra application gallery into your directory. + +## Syntax + +```powershell +New-EntraApplicationFromApplicationTemplate + -Id + -DisplayName + [] +``` + +## Description + +The `New-EntraApplicationFromApplicationTemplate` cmdlet adds an instance of an application from the Microsoft Entra application gallery into your directory. + +The application template with ID `8adf8e6e-67b2-4cf2-a259-e3dc5476c621` can be used to add a non-gallery app that you can configure different single-sign on (SSO) modes like SAML SSO and password-based SSO. + +## Examples + +### Example 1: Creates an application from application template + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$applicationTemplate = Get-EntraApplicationTemplate -Filter "DisplayName eq 'SAP Fieldglass'" +New-EntraApplicationFromApplicationTemplate -Id $applicationTemplate.Id -DisplayName 'Contoso SAP App' +``` + +```Output +@odata.context servicePrincipal +-------------- ---------------- +https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.applicationServicePrincipal @{oauth2PermissionScopes=System.Object[]; servicePrincipalType=Application; displ...} +``` + +This command instantiates a new application based on application template referenced by the ID. + +- `-Id` specifies Application TemplateId. +- `-DisplayName` specifies application template display name. + +## Parameters + +### -Id + +The Id parameter specifies Application TemplateId. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Application template display name. + +```yaml +Type: System.ApplicationTemplateDisplayName +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplateCopy + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKey.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKey.md new file mode 100644 index 0000000000..d5379f081b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKey.md @@ -0,0 +1,155 @@ +--- +title: New-EntraApplicationKey +description: This article provides details on the New-EntraApplicationKey command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationKey + +schema: 2.0.0 +--- + +# New-EntraApplicationKey + +## Synopsis + +Adds a new key to an application. + +## Syntax + +```powershell +New-EntraApplicationKey + -ObjectId + -KeyCredential + -PasswordCredential ] + -Proof + [] +``` + +## Description + +Adds a new key to an application. + +## Examples + +### Example 1: Add a key credential to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq ''" +$params = @{ + ApplicationId = $application.Id + KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } + PasswordCredential = @{ DisplayName = 'mypassword' } + Proof = '{token}' +} + +New-EntraApplicationKey @params +``` + +This command adds a key credential to an specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyCredential` parameter specifies the application key credential to add. +- `-PasswordCredential` parameter specifies the application password credential to add. +- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. + +## Parameters + +### -KeyCredential + +The application key credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: KeyCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +The application password credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +A signed JWT token used as a proof of possession of the existing keys. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.KeyCredential + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +### Microsoft.Open.MSGraph.Model.KeyCredential + +## Notes + +## Related Links + +[Remove-EntraApplicationKey](Remove-EntraApplicationKey.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..54bc059a63 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationKeyCredential.md @@ -0,0 +1,255 @@ +--- +title: New-EntraApplicationKeyCredential +description: This article provides details on the New-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# New-EntraApplicationKeyCredential + +## Synopsis + +Creates a key credential for an application. + +## Syntax + +```powershell +New-EntraApplicationKeyCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-Type ] + [-Usage ] + [-Value ] + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraApplicationKeyCredential` cmdlet creates a key credential for an application. + +An application can use this command along with `Remove-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. + +As part of the request validation, proof of possession of an existing key is verified before the action can be performed. + +## Examples + +### Example 1: Create a new application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$params = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = 'EntraPowerShellKey' + StartDate = '2024-03-21T14:14:14Z' + Type = 'Symmetric' + Usage = 'Sign' + Value = '' +} +New-EntraApplicationKeyCredential @params +``` + +```Output +CustomKeyIdentifier : {84, 101, 115, 116} +EndDate : 2024-03-21T14:14:14Z +KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +StartDate : 2025-03-21T14:14:14Z +Type : Symmetric +Usage : Sign +Value : {49, 50, 51} +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +You can use the `Get-EntraApplication` cmdlet to retrieve the application Object ID. + +### Example 2: Use a certificate to add an application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object +$cer.Import('C:\Users\ContosoUser\appcert.cer') +$bin = $cer.GetRawCertData() +$base64Value = [System.Convert]::ToBase64String($bin) +$bin = $cer.GetCertHash() +$base64Thumbprint = [System.Convert]::ToBase64String($bin) +$keyid = [System.Guid]::NewGuid().ToString() + +$params = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = $base64Thumbprint + Type = 'AsymmetricX509Cert' + Usage = 'Verify' + Value = $base64Value + StartDate = $cer.GetEffectiveDateString() + EndDate = $cer.GetExpirationDateString() +} +New-EntraApplicationKeyCredential @params +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +## Parameters + +### -CustomKeyIdentifier + +Specifies a custom key ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +Specifies the time when the key becomes invalid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +Specifies the time when the key becomes valid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of the key. + +```yaml +Type: KeyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Usage + +Specifies the key usage. + +- `AsymmetricX509Cert`: The usage must be `Verify`. +- `X509CertAndPassword`: The usage must be `Sign`. + +```yaml +Type: KeyUsage +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Value + +Specifies the value for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) + +[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPassword.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPassword.md new file mode 100644 index 0000000000..c3ad56de89 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPassword.md @@ -0,0 +1,116 @@ +--- +title: New-EntraApplicationPassword +description: This article provides details on the New-EntraApplicationPassword command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationPassword + +schema: 2.0.0 +--- + +# New-EntraApplicationPassword + +## Synopsis + +Adds a strong password to an application. + +## Syntax + +```powershell +New-EntraApplicationPassword + -ApplicationId + -PasswordCredential + [] +``` + +## Description + +Adds a strong password to an application. + +## Examples + +### Example 1: Add a password to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$passwordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential +$passwordCredential.StartDateTime = Get-Date -Year 2024 -Month 10 -Day 23 +$passwordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 +$passwordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Analytics App Password') +$passwordCredential.Hint = 'analytics' +$passwordCredential.DisplayName = 'Analytics App Password' +New-EntraApplicationPassword -ApplicationId $application.Id -PasswordCredential $passwordCredential +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM +``` + +This example adds a password to the specified application. + +- `-ApplicationId` parameter specifies the unique identifier of the application. +- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. + +## Parameters + +### -ApplicationId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +Represents a password credential associated with an application or a service principal. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraApplicationPassword](Remove-EntraApplicationPassword.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..24d92ce324 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraApplicationPasswordCredential.md @@ -0,0 +1,200 @@ +--- +title: New-EntraApplicationPasswordCredential +description: This article provides details on the New-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraApplicationPasswordCredential + +## Synopsis + +Creates a password credential for an application. + +## Syntax + +```powershell +New-EntraApplicationPasswordCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-StartDate ] + [-EndDate ] + [] +``` + +## Description + +The `New-EntraApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +New-EntraApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. + +### Example 2: Create a password credential using CustomKeyIdentifier parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +100 101 109 111 demo 8/2/2026 11:47:53 AM 8Mw tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 8/2/2024 11:47:53 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-CustomKeyIdentifier` Speicifies unique binary identifier. + +### Example 3: Create a password credential using StartDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$startDate = (Get-Date).AddYears(0) +New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -StartDate $startDate +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-StartDate` Speicifies the date and time at which the password becomes valid. + +### Example 4: Create a password credential using EndDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$endDate = (Get-Date).AddYears(2) +New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -EndDate $endDate +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-EndDate` Speicifies The date and time at which the password expires. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -CustomKeyIdentifier + +A unique binary identifier. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +The date and time at which the password expires. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) + +[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipal.md new file mode 100644 index 0000000000..58fdb0f0ac --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipal.md @@ -0,0 +1,397 @@ +--- +title: New-EntraServicePrincipal +description: This article provides details on the New-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraServicePrincipal + +schema: 2.0.0 +--- + +# New-EntraServicePrincipal + +## Synopsis + +Creates a service principal. + +## Syntax + +```powershell +New-EntraServicePrincipal + -AppId + [-KeyCredentials ] + [-Homepage ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +Create a new service Principal. + +For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: + +- Application Administrator +- Cloud Application Administrator + +For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. + +## Examples + +### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +$params = @{ + AccountEnabled = $true + AppId = $application.AppId + AppRoleAssignmentRequired = $true + DisplayName = $application.DisplayName + Tags = {WindowsAzureActiveDirectoryIntegratedApp} +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. + +- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-DisplayName` parameter specifies the service principal display name. +- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. + +### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +$params = @{ + AppId = $application.AppId + Homepage = 'https://localhost/home' + LogoutUrl = 'htpp://localhost/logout' + ReplyUrls = 'https://localhost/redirect' +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-Homepage` parameter specifies the home page or landing page of the application. +- `-LogoutUrl` parameter specifies the logout URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 3: Create a new service principal by KeyCredentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2023 -Month 10 -Day 23 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') +$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" + +New-EntraServicePrincipal -AppId $application.AppId -KeyCredentials $creds +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. + +### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" +New-EntraServicePrincipal -AppId $application.AppId -AlternativeNames 'sktest2' -ServicePrincipalType 'Application' -ServicePrincipalNames $application.AppId +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADandPersonalMicrosoftAccount Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-AlternativeNames` parameter specifies the alternative names for this service principal. +- `-ServicePrincipalType` parameter specifies the type of the service principal. +- `-ServicePrincipalNames` parameter specifies an array of service principal names. + +## Parameters + +### -AccountEnabled + +True if the service principal account is enabled; otherwise, false. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +The unique identifier for the associated application (its appId property). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the service principal display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the service principal. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the logout URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies an array of service principal names. +Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. +A client uses ServicePrincipalNames to: + +- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. +- Specify a resource URI to acquire an access token, which is the URI returned in the claim. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The type of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Tags linked to this service principal. + +Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..519fa1e806 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,226 @@ +--- +title: New-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the New-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Assigns a service principal to an application role. + +## Syntax + +```powershell +New-EntraServicePrincipalAppRoleAssignment + -ObjectId + -PrincipalId + -Id + -ResourceId + [] +``` + +## Description + +The `New-EntraServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Assign an app role to a service principal + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$resourceServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Microsoft Graph'" +$appRole = $resourceServicePrincipal.AppRoles | Where-Object { $_.Value -eq "User.ReadBasic.All" } + +New-EntraServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -Id $appRole.Id -ResourceId $resourceServicePrincipal.Id +``` + +### Example 2: Assign an app role to another service principal + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" +New-EntraServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -ResourceId $servicePrincipalObject.Id -Id $servicePrincipalObject.Approles[1].Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. + +- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. +- `-ResourceId`parameter specifies the ObjectId of the resource service principal. +- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. +- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. + +### Example 3: Assign an app role to a user + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" +$user = Get-EntraUser -UserId 'PattiF@Contoso.com' + +New-EntraServicePrincipalAppRoleAssignment ` + -ObjectId $servicePrincipalObject.Id ` + -ResourceId $servicePrincipalObject.Id ` + -Id $servicePrincipalObject.Approles[1].Id ` + -PrincipalId $user.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +``` + +This example demonstrates how to assign an app role to a user in Microsoft Entra ID. +You can use the command `Get-EntraServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraUser` to get a user Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. +- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. + +### Example 4: Assign an app role to a group + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" +$group = Get-EntraGroup -Filter "displayName eq 'Contoso marketing'" + +New-EntraServicePrincipalAppRoleAssignment ` + -ObjectId $servicePrincipalObject.Id ` + -ResourceId $servicePrincipalObject.Id ` + -Id $servicePrincipalObject.Approles[1].Id ` + -PrincipalId $group.Id +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to assign an app role to a group in Microsoft Entra ID. +You can use the command `Get-EntraServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraGroup` to get a group Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. +- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. + +## Parameters + +### -Id + +Specifies the ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies a principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +Specifies a resource ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`New-EntraServiceAppRoleAssignment` is an alias for `New-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) + +[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..12d01aef3a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalKeyCredential.md @@ -0,0 +1,182 @@ +--- +title: New-EntraServicePrincipalKeyCredential +description: This article provides details on the New-EntraServicePrincipalKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# New-EntraServicePrincipalKeyCredential + +## Synopsis + +Creates a password credential for a service principal. + +## Syntax + +```powershell +New-EntraServicePrincipalKeyCredential + -ObjectId + [-CustomKeyIdentifier ] + [-StartDate ] + [-EndDate ] + [-Type ] + [-Usage ] + [-Value ] + [] +``` + +## Description + +The New-EntraServicePrincipalKeyCredential cmdlet creates a key credential for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Create a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +New-EntraServicePrincipalKeyCredential +``` + +This command creates a key credential for a service principal. + +## Parameters + +### -CustomKeyIdentifier + +Specifies a custom key ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +Specifies the time when the key becomes invalid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies an object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +Specifies the time when the key becomes valid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of the key. + +```yaml +Type: KeyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Usage + +Specifies the key usage. + +```yaml +Type: KeyUsage +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Value + +Specifies the value for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalKeyCredential](Get-EntraServicePrincipalKeyCredential.md) + +[Remove-EntraServicePrincipalKeyCredential](Remove-EntraServicePrincipalKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..9c00e75b9c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/New-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,160 @@ +--- +title: New-EntraServicePrincipalPasswordCredential +description: This article provides details on the New-EntraServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraServicePrincipalPasswordCredential + +## Synopsis + +Creates a password credential for a service principal. + +## Syntax + +```powershell +New-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential with StartDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +New-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -StartDate '2024-11-04T14:14:14Z' +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-StarteDate` parameter specifies the date and time at which the password becomes valid. + +### Example 2: Create a password credential with EndDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +New-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -EndDate '2024-11-04T14:14:14Z' +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. + +## Parameters + +### -EndDate + +The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) + +[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplication.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplication.md new file mode 100644 index 0000000000..02034c0eeb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplication.md @@ -0,0 +1,93 @@ +--- +title: Remove-EntraApplication +description: This article provides details on the Remove-EntraApplication command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplication + +schema: 2.0.0 +--- + +# Remove-EntraApplication + +## Synopsis + +Deletes an application object. + +## Syntax + +```powershell +Remove-EntraApplication + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. + +## Examples + +### Example 1: Remove an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraApplication -ApplicationId $application.Id +``` + +This example demonstrates how to delete an application object. + +### Example 2: Remove an application using pipelining + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" | Remove-EntraApplication +``` + +This example demonstrates how to delete an application object using pipelining. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[New-EntraApplication](New-EntraApplication.md) + +[Set-EntraApplication](Set-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..8080bdf285 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationExtensionProperty.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraApplicationExtensionProperty +description: This article provides details on the Remove-EntraApplicationExtensionProperty command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Remove-EntraApplicationExtensionProperty + +## Synopsis + +Removes an application extension property. + +## Syntax + +```powershell +Remove-EntraApplicationExtensionProperty + -ExtensionPropertyId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$extension = Get-EntraApplicationExtensionProperty -ApplicationId $application.Id | Where-Object {$_.Name -eq 'extension_3ed1a24748dd4e4cb91fc0ab09576ff0_NewAttribute'} +Remove-EntraApplicationExtensionProperty -ApplicationId $application.Id -ExtensionPropertyId $extension.Id +``` + +This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. + +## Parameters + +### -ExtensionPropertyId + +Specifies the unique ID of the extension property to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) + +[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKey.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKey.md new file mode 100644 index 0000000000..93dc1591cd --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKey.md @@ -0,0 +1,127 @@ +--- +title: Remove-EntraApplicationKey +description: This article provides details on the Remove-EntraApplicationKey command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationKey + +schema: 2.0.0 +--- + +# Remove-EntraApplicationKey + +## Synopsis + +Removes a key from an application. + +## Syntax + +```powershell +Remove-EntraApplicationKey + -ApplicationId + [-Proof ] + [-KeyId ] + [] +``` + +## Description + +Removes a key from an application. + +## Examples + +### Example 1: Remove a key credential from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraApplicationKey -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -Proof '{token}' +``` + +This command removes the specified key credential from the specified application. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. +- `-Proof` parameter specifies the JWT token provided as a proof of possession. + +## Parameters + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The key Id corresponding to the key object to be removed. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +The JWT token provided as a proof of possession. + +A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: + +- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. +- `iss`: Issuer needs to be the ID of the application that initiates the request. +- `nbf`: Not before time. +- `exp`: Expiration time should be the value of nbf + 10 minutes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationKey](New-EntraApplicationKey.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..36ee7a4025 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationKeyCredential.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraApplicationKeyCredential +description: This article provides details on the Remove-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraApplicationKeyCredential + +## Synopsis + +Removes a key credential from an application. + +## Syntax + +```powershell +Remove-EntraApplicationKeyCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraApplicationKeyCredential` cmdlet removes a key credential from an application. + +An application can use this command along with `New-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Remove-EntraApplicationKeyCredential -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +``` + +This command removes the specified key credential from the specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-KeyId` Specifies a custom key ID. Use `Get-EntraApplicationKeyCredential` to get the keyId details. + +## Parameters + +### -KeyId + +Specifies a custom key ID. The unique identifier for the password. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) + +[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationOwner.md new file mode 100644 index 0000000000..e6a029b2e6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationOwner.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraApplicationOwner +description: This article provides details on the Remove-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Remove-EntraApplicationOwner + +## Synopsis + +Removes an owner from an application. + +## Syntax + +```powershell +Remove-EntraApplicationOwner + -OwnerId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Remove-EntraApplicationOwner @params +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$owner = Get-EntraApplicationOwner -ApplicationId $application.Id | Where-Object {$_.userPrincipalName -eq 'SawyerM@contoso.com'} +Remove-EntraApplicationOwner -ApplicationId $application.Id -OwnerId $owner.Id +``` + +This example removes the specified owner from the specified application. You can use the command `Get-EntraApplication` to get application Id. + +- `-ApplicationId` parameter specifies the the unique identifier of a application. +- `-OwnerId` parameter specifies the ID of the owner. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) + +[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPassword.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPassword.md new file mode 100644 index 0000000000..974b4f4aa2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPassword.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraApplicationPassword +description: This article provides details on the Remove-EntraApplicationPassword command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationPassword + +schema: 2.0.0 +--- + +# Remove-EntraApplicationPassword + +## Synopsis + +Remove a password from an application. + +## Syntax + +```powershell +Remove-EntraApplicationPassword + -ObjectId + [-KeyId ] + [] +``` + +## Description + +Remove a password from an application. + +## Examples + +### Example 1: Removes a password from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$applicationPassword = Get-EntraApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'CRM Helpdesk App'} +Remove-EntraApplicationPassword -ObjectId $application.Id -KeyId $applicationPassword.KeyId +``` + +This example removes the specified password from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. + +## Parameters + +### -ObjectId + +The unique identifier of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The unique identifier for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationPassword](New-EntraApplicationPassword.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..34ccf9a29d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraApplicationPasswordCredential +description: This article provides details on the Remove-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraApplicationPasswordCredential + +## Synopsis + +Removes a password credential from an application. + +## Syntax + +```powershell +Remove-EntraApplicationPasswordCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq 'Contoso Helpdesk Application'" +$applicationPassword = Get-EntraApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} +Remove-EntraApplicationPasswordCredential -ApplicationId $application.Id -KeyId $applicationPassword.KeyId +``` + +This example demonstrates how to remove the password credential for an application. + +- `ApplicationId` Specifies the ID of the application. Use `Get-EntraApplication` to get application ObjectId value. +- `KeyId` Specifies the ID of the password credential. Use `Get-EntraApplicationPasswordCredential` to retrieve a specific credential details. + +## Parameters + +### -KeyId + +Specifies the ID of the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of the application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) + +[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationVerifiedPublisher.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..c81d790901 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraApplicationVerifiedPublisher.md @@ -0,0 +1,83 @@ +--- +title: Remove-EntraApplicationVerifiedPublisher +description: This article provides details on the Remove-EntraApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Remove-EntraApplicationVerifiedPublisher + +## Synopsis + +Removes the verified publisher from an application. + +## Syntax + +```powershell +Remove-EntraApplicationVerifiedPublisher + -AppObjectId + [] +``` + +## Description + +Removes the verified publisher from an application. + +## Examples + +### Example 1: Remove the verified publisher from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "displayName eq 'Contoso Helpdesk Application'" +Remove-EntraApplicationVerifiedPublisher -AppObjectId $application.Id +``` + +This command demonstrates how to remove the verified publisher from an application. + +- `-AppObjectId` parameter specifies the unique identifier of an application. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Set-EntraApplicationVerifiedPublisher](Set-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraDeletedApplication.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraDeletedApplication.md new file mode 100644 index 0000000000..dc3d494f19 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraDeletedApplication.md @@ -0,0 +1,101 @@ +--- +title: Remove-EntraDeletedApplication +description: This article provides details on the Remove-EntraDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDeletedApplication + +schema: 2.0.0 +--- + +# Remove-EntraDeletedApplication + +## Synopsis + +Permanently delete a recently deleted application object from deleted items. + +## Syntax + +```powershell +Remove-EntraDeletedApplication + [-ObjectId] + [] +``` + +## Description + +Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. + +## Examples + +### Example 1: Remove deleted application object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraDeletedApplication -ObjectId $deletedApplication.Id +``` + +This command removes recently deleted application. You can use the command `Get-EntraDeletedApplication` to get deleted application Id. + +- `-ObjectId` parameter specifies the Id of a deleted application. + +### Example 2: Remove deleted application using pipelining + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +Get-EntraDeletedApplication -Filter "DisplayName eq 'My PowerShell Application'" | Remove-EntraDeletedApplication +``` + +This command removes recently deleted application using pipelining. + +## Parameters + +### -ObjectId + +The unique identifier of deleted application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) + +[Restore-EntraDeletedApplication](Restore-EntraDeletedApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipal.md new file mode 100644 index 0000000000..4b98537da4 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipal.md @@ -0,0 +1,85 @@ +--- +title: Remove-EntraServicePrincipal +description: This article provides details on the Remove-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipal + +## Synopsis + +Removes a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipal + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" | Remove-EntraServicePrincipal +``` + +This example demonstrates how to remove a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipal](New-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..11afe9d9d0 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,119 @@ +--- +title: Remove-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the Remove-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Removes a service principal application role assignment. + +## Syntax + +```powershell +Remove-EntraServicePrincipalAppRoleAssignment + -AppRoleAssignmentId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. + +App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Removes a service principal application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$group = Get-EntraGroup -Filter "displayName eq 'Contoso marketing'" +$assignment = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PrincipalId -eq $group.Id} +Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -AppRoleAssignmentId $assignment.Id +``` + +This example demonstrates how to remove a service principal application role assignment for a group in Microsoft Entra ID. + +- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. +- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of the application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Remove-EntraServiceAppRoleAssignment` is an alias for `Remove-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) + +[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..467b145115 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Remove-EntraServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Remove delegated permission classification. + +## Syntax + +```powershell +Remove-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [] +``` + +## Description + +The `Remove-EntraServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. + +## Examples + +### Example 1: Remove a delegated permission classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$permissionClassification = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PermissionName -eq 'Sites.Read.All'} +Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id +``` + +This command deletes the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object Id. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) + +[Add-EntraServicePrincipalDelegatedPermissionClassification](Add-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalKeyCredential.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..d2ef580e33 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalKeyCredential.md @@ -0,0 +1,99 @@ +--- +title: Remove-EntraServicePrincipalKeyCredential +description: This article provides details on the Remove-EntraServicePrincipalKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalKeyCredential + +## Synopsis + +Removes a key credential from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalKeyCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The Remove-EntraServicePrincipalKeyCredential cmdlet removes a key credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All', 'Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$key = Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id +Remove-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.Id +``` + +This example demonstrates how to remove a key credential from a service principal in Microsoft Entra ID. + +## Parameters + +### -KeyId + +Specifies the ID of a key credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalKeyCredential](Get-EntraServicePrincipalKeyCredential.md) + +[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..ef9bad0d69 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalOwner.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraServicePrincipalOwner +description: This article provides details on the Remove-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalOwner + +## Synopsis + +Removes an owner from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalOwner + -OwnerId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes an owner from a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$ownership = Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' +$owner = $ownership | Where-Object {$_.userPrincipalName -eq 'SawyerM@Contoso.com' } +Remove-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -OwnerId $owner.Id +``` + +This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-OwnerId` parameter specifies the service principal owner Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) + +[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..64db9ae038 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Remove-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraServicePrincipalPasswordCredential +description: This article provides details on the Remove-EntraServicePrincipalPasswordCredential command. + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalPasswordCredential + +## Synopsis + +Removes a password credential from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a password credential from a service principal in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$key = Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id +$key = $key | Where-Object {$_.DisplayName -eq 'Helpdesk secret'} +Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.KeyId +``` + +This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ServicePrincipalId of a specified Service Principal Password Credential. +- `-KeyId` parameter specifies the unique identifier of a Password Credential. + +## Parameters + +### -KeyId + +Specifies the unique identifier of password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) + +[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Restore-EntraDeletedApplication.md b/module/docs/entra-powershell-v1.0/Applications/Restore-EntraDeletedApplication.md new file mode 100644 index 0000000000..56eec8e5c5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Restore-EntraDeletedApplication.md @@ -0,0 +1,119 @@ +--- +title: Restore-EntraDeletedApplication +description: This article provides details on the Restore-EntraDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Restore-EntraDeletedApplication + +schema: 2.0.0 +--- + +# Restore-EntraDeletedApplication + +## Synopsis + +Restores a previously deleted application. + +## Syntax + +```powershell +Restore-EntraDeletedApplication + [-IdentifierUris ] + -ObjectId + [] +``` + +## Description + +This cmdlet restores a previously deleted application. + +Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Hybrid Identity Administrator + +## Examples + +### Example 1: Restores a previously deleted application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' +Restore-EntraDeletedApplication -ObjectId $deletedApplication.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraDeletedApplication` cmdlet. + +- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. + +## Parameters + +### -IdentifierUris + +The IdentifierUris of the application that is to be restored. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The ObjectId of the deleted application that is to be restored. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraDeletedApplication](Remove-EntraDeletedApplication.md) + +[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.md b/module/docs/entra-powershell-v1.0/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.md new file mode 100644 index 0000000000..f12f7ccb62 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.md @@ -0,0 +1,104 @@ +--- +title: Select-EntraGroupIdsServicePrincipalIsMemberOf +description: This article provides details on the Select-EntraGroupIdsServicePrincipalIsMemberOf command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsServicePrincipalIsMemberOf + +## Synopsis + +Selects the groups in which a service principal is a member. + +## Syntax + +```powershell +Select-EntraGroupIdsServicePrincipalIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$group.GroupIds = (Get-EntraGroup -Top 10).Id +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $servicePrincipal.Id -GroupIdsForMembershipCheck $group +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command gets the group membership of a group for a specified service principal. Use the command `Get-EntraGroup` to get group Id and `Get-EntraServicePrincipal` to get service principal Id. + +- `-ObjectId` parameter specifies the service principal Id. +- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplication.md b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplication.md new file mode 100644 index 0000000000..45a4cbd8d2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplication.md @@ -0,0 +1,484 @@ +--- +title: Set-EntraApplication +description: This article provides details on the Set-EntraApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraApplication + +schema: 2.0.0 +--- + +# Set-EntraApplication + +## Synopsis + +Updates the properties of an application object. + +## Syntax + +```powershell +Set-EntraApplication + -ApplicationId + [-PasswordCredentials ] + [-TokenEncryptionKeyId ] + [-SignInAudience ] + [-KeyCredentials ] + [-ParentalControlSettings ] + [-IdentifierUris ] + [-AppRoles ] + [-PublicClient ] + [-InformationalUrl ] + [-Tags ] + [-Api ] + [-OptionalClaims ] + [-GroupMembershipClaims ] + [-Web ] + [-DisplayName ] + [-IsFallbackPublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-RequiredResourceAccess ] + [] +``` + +## Description + +Updates the properties of an application object. + +## Examples + +### Example 1: Update an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$params = @{ + ApplicationId = $application.Id + DisplayName = 'Contoso Entra PowerShell App Production' + IdentifierUris = 'https://contoso.com' + GroupMembershipClaims = 'SecurityGroup' + IsDeviceOnlyAuthSupported = $False + Tags = 'mytag' +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 2: Update an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraApplication -ApplicationId $application.Id -IdentifierUris 'https://mynewapp.contoso.com' +``` + +This command updates an application in Microsoft Entra ID. + +### Example 3: Update an application using GroupMembershipClaims parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraApplication -ApplicationId $application.Id -GroupMembershipClaims 'SecurityGroup' +``` + +This command updates an application in Microsoft Entra ID. + +### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraApplication -ApplicationId $application.Id -IsDeviceOnlyAuthSupported $False +``` + +This command updates an application in Microsoft Entra ID. + +### Example 5: Update an application using Tags parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraApplication -ApplicationId $application.Id -Tags 'mytag' +``` + +This command updates an application in Microsoft Entra ID. + +## Parameters + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. + +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +Specifies identifier Uniform Resource Identifiers (URIs). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is `false` that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System.Nullable`1[System.Boolean] + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[New-EntraApplication](New-EntraApplication.md) + +[Remove-EntraApplication](Remove-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationLogo.md b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationLogo.md new file mode 100644 index 0000000000..b9afa093df --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationLogo.md @@ -0,0 +1,122 @@ +--- +title: Set-EntraApplicationLogo +description: This article provides details on the Set-EntraApplicationLogo command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraApplicationLogo + +schema: 2.0.0 +--- + +# Set-EntraApplicationLogo + +## Synopsis + +Sets the logo for an Application + +## Syntax + +### File (Default) + +```powershell +Set-EntraApplicationLogo + -ApplicationId + -FilePath + [] +``` + +### Stream + +```powershell +Set-EntraApplicationLogo + -ApplicationId + [] +``` + +### ByteArray + +```powershell +Set-EntraApplicationLogo + -ApplicationId + [] +``` + +## Description + +The `Set-EntraApplicationLogo` cmdlet is used to set the logo for an application. + +## Examples + +### Example 1: Sets the application logo for the application specified by the ApplicationId parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Set-EntraApplicationLogo -ApplicationId $application.Id -FilePath 'D:\applogo.jpg' +``` + +This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. + +## Parameters + +### -FilePath + +The file path of the file that is to be uploaded as the application logo. + +```yamlset-EntraApplicationLogo +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the Application for which the logo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +File uploads must be smaller than 500KB. + +## Related Links + +[Get-EntraApplicationLogo](Get-EntraApplicationLogo.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationVerifiedPublisher.md b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..c059419acb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Set-EntraApplicationVerifiedPublisher.md @@ -0,0 +1,106 @@ +--- +title: Set-EntraApplicationVerifiedPublisher +description: This article provides details on the Set-EntraApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Set-EntraApplicationVerifiedPublisher + +## Synopsis + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Syntax + +```powershell +Set-EntraApplicationVerifiedPublisher + -AppObjectId + -SetVerifiedPublisherRequest + [] +``` + +## Description + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Examples + +### Example 1: Set the verified publisher of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +$mpnId = '0433167' +$req = @{verifiedPublisherId = $mpnId} +Set-EntraApplicationVerifiedPublisher -AppObjectId $application.Id -SetVerifiedPublisherRequest $req +``` + +This command sets the verified publisher of an application. + +The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. + +- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. +- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SetVerifiedPublisherRequest + +A request body object containing the verifiedPublisherId property it's the MPNID value. + +```yaml +Type: SetVerifiedPublisherRequest +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraApplicationVerifiedPublisher](Remove-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Applications/Set-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Applications/Set-EntraServicePrincipal.md new file mode 100644 index 0000000000..1746997bd9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Applications/Set-EntraServicePrincipal.md @@ -0,0 +1,415 @@ +--- +title: Set-EntraServicePrincipal +description: This article provides details on the Set-EntraServicePrincipal command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Set-EntraServicePrincipal + +## Synopsis + +Updates a service principal. + +## Syntax + +```powershell +Set-EntraServicePrincipal + -ServicePrincipalId + [-KeyCredentials ] + [-Homepage ] + [-AppId ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-PreferredSingleSignOnMode ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +The `Set-EntraServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Disable the account of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AccountEnabled $false +``` + +This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AccountEnabled` parameter specifies indicates whether the account is enabled. + +### Example 2: Update Homepage of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$homePage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -Homepage $homePage +``` + +This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AppId` parameter specifies the application ID. +- `-Homepage` parameter specifies the home page or landing page of the application. + +### Example 3: Update AlternativeNames and DisplayName of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AlternativeNames 'Helpdesk Application Global' -DisplayName 'NewName' +``` + +This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 4: Update LogoutUrl and ReplyUrls of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$logoutUrl = 'https://securescore.office.com/SignOut' +$replyUrls = 'https://admin.contoso.com' +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -LogoutUrl $logoutUrl -ReplyUrls $replyUrls +``` + +This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-LogoutUrl` parameter specifies the sign out URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -ServicePrincipalType 'Application' -AppRoleAssignmentRequired $True +``` + +This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-ServicePrincipalType` parameter specifies the service principal type. +- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. + +### Example 6: Update KeyCredentials of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 10 -Day 10 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') +$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -KeyCredentials $creds +``` + +This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. + +Use the `New-EntraServicePrincipalPasswordCredential` and `Remove-EntraServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. + +### Example 7: Update PreferredSingleSignOnMode of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -PreferredSingleSignOnMode 'saml' +``` + +This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +Specifies the application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Specifies the home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the sign out URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Species the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredSingleSignOnMode + +Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies service principal names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The service principal type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Specifies an array of tags. + +If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipal](New-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Authentication/Add-EntraEnvironment.md b/module/docs/entra-powershell-v1.0/Authentication/Add-EntraEnvironment.md new file mode 100644 index 0000000000..c51231c2d3 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Add-EntraEnvironment.md @@ -0,0 +1,119 @@ +--- +title: Add-EntraEnvironment +description: This article provides details on the Add-EntraEnvironment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraEnvironment + +schema: 2.0.0 +--- + +# Add-EntraEnvironment + +## Synopsis + +Adds Microsoft Entra environment to the settings file. + +## Syntax + +### Add Entra Environment Name + +```powershell +Add-EntraEnvironment + [-Name] + [-AzureADEndpoint] + [-GraphEndpoint] + [-ProgressAction ] + [-WhatIf] + [-Confirm] + [] +``` + +## Description + +Adds Microsoft Entra environment to the settings file. + +## Examples + +### Example 1: Add a user defined environment + +```powershell +$params = @{ + Name = 'Canary' + GraphEndpoint = 'https://canary.graph.microsoft.com' + AzureADEndpoint = 'https://login.microsoftonline.com' +} + +Add-EntraEnvironment @params +``` + +```Output +Name AzureADEndpoint GraphEndpoint Type +---- --------------- ------------- ---- +Canary https://login.microsoftonline.com https://microsoftgraph.com User-defined {} +``` + +Adds a user-defined Entra environment to the settings file. + +## Parameters + +### -Name + +Specifies the name of an environment + +```yaml + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GraphEndpoint + +Specifies the GraphEndpoint URL of an environment + +```yaml + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AzueADEndpoint + +Specifies the AzureADEndpoint URL of an environment + +```yaml + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraEnvironment](Get-EntraEnvironment.md) diff --git a/module/docs/entra-powershell-v1.0/Authentication/Connect-Entra.md b/module/docs/entra-powershell-v1.0/Authentication/Connect-Entra.md new file mode 100644 index 0000000000..3a804c12fe --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Connect-Entra.md @@ -0,0 +1,583 @@ +--- +title: Connect-Entra +description: This article provides details on the Connect-Entra Command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi254 +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Connect-Entra + +schema: 2.0.0 +--- + +# Connect-Entra + +## Synopsis + +Connect to Microsoft Entra ID with an authenticated account. + +## Syntax + +### UserParameterSet (Default) + +```powershell +Connect-Entra +[[-Scopes] ] +[[-ClientId] ] +[-TenantId ] +[-ContextScope ] +[-Environment ] +[-UseDeviceCode] +[-ClientTimeout ] +[-NoWelcome] +[] +``` + +### AppCertificateParameterSet + +```powershell +Connect-Entra +[-ClientId] +[[-CertificateSubjectName] ] +[[-CertificateThumbprint] ] +[-Certificate ] +[-TenantId ] +[-ContextScope ] +[-Environment ] +[-ClientTimeout ] +[-NoWelcome] +[] +``` + +### IdentityParameterSet + +```powershell +Connect-Entra +[[-ClientId] ] +[-ContextScope ] +[-Environment ] +[-ClientTimeout ] +[-Identity] +[-NoWelcome] +[] +``` + +### AppSecretCredentialParameterSet + +```powershell +Connect-Entra +[-ClientSecretCredential ] +[-TenantId ] +[-ContextScope ] +[-Environment ] +[-ClientTimeout ] +[-NoWelcome] +[] +``` + +### AccessTokenParameterSet + +```powershell +Connect-Entra +[-AccessToken] +[-Environment ] +[-ClientTimeout ] +[-NoWelcome] +[] +``` + +### EnvironmentVariableParameterSet + +```powershell +Connect-Entra +[-ContextScope ] +[-Environment ] +[-ClientTimeout ] +[-EnvironmentVariable] +[-NoWelcome] +[] +``` + +## Description + +The `Connect-Entra` cmdlet connects to Microsoft Entra ID with an authenticated account. + +Several authentication scenarios are supported based on your use case, such as delegated (interactive) and app-only (non-interactive). + +`Connect-Entra` is an alias for `Connect-MgGraph`. + +## Examples + +### Example 1: Delegated access: Connect a PowerShell session to a tenant + +```powershell +Connect-Entra +``` + +This example shows how to connect your current PowerShell session to a Microsoft Entra ID tenant using credentials. + +### Example 2: Delegated access: Connect a PowerShell session to a tenant with required scopes + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Group.ReadWrite.All' +``` + +```Output +Welcome to Microsoft Graph! + +``` + +This example shows how to authenticate to Microsoft Entra ID with scopes. + +### Example 3: Delegated access: Using an access token + +```powershell +$secureString = ConvertTo-SecureString -String $AccessToken -AsPlainText -Force +Connect-Entra -AccessToken $secureString +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example shows how to interactively authenticate to Microsoft Entra ID using an access token. + +For more information on how to get or create access token, see [Request an access token](https://learn.microsoft.com/graph/auth-v2-user#3-request-an-access-token). + +### Example 4: Delegated access: Using device code flow + +```powershell +Connect-Entra -UseDeviceCode +``` + +```Output +To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code A1B2CDEFGH to authenticate. +``` + +This example shows how to interactively authenticate to Microsoft Entra ID using device code flow. + +For more information, see [Device Code flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-device-code). + +### Example 5: App-only access: Using client credential with a Certificate thumbprint + +```powershell +$connectParams = @{ + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + ApplicationId = '00001111-aaaa-2222-bbbb-3333cccc4444' + CertificateThumbprint = 'AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00' +} + +Connect-Entra @connectParams +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example shows how to authenticate using an ApplicationId and CertificateThumbprint. + +For more information on how to get or create CertificateThumbprint, see [Authenticate with app-only access](https://learn.microsoft.com/powershell/entra-powershell/app-only-access-auth). + +### Example 6: App-only access: Using client credential with a certificate name + +```powershell +$params = @{ + ClientId = '00001111-aaaa-2222-bbbb-3333cccc4444' + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + CertificateName = 'YOUR_CERT_SUBJECT' +} + +Connect-Entra @params +``` + +```powershell + $Cert = Get-ChildItem Cert:\LocalMachine\My\$CertThumbprint + Connect-Entra -ClientId '' -TenantId '' -Certificate $Cert +``` + +You can find the certificate subject by running the above command. + +### Example 7: App-only access: Using client credential with a certificate + +```powershell +$Cert = Get-ChildItem Cert:\LocalMachine\My\$CertThumbprint +$params = @{ + ClientId = '00001111-aaaa-2222-bbbb-3333cccc4444' + TenantId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + Certificate = $Cert +} + +Connect-Entra @params +``` + +### Example 8: App-only access: Using client secret credentials + +```powershell +$ClientSecretCredential = Get-Credential -Credential '00001111-aaaa-2222-bbbb-3333cccc4444' +# Enter client_secret in the password prompt. +Connect-Entra -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' -ClientSecretCredential $ClientSecretCredential +``` + +This authentication method is ideal for background interactions. + +For more information on how to get credential, see [Get-Credential](https://learn.microsoft.com/powershell/module/microsoft.powershell.security/get-credential) command. + +### Example 9: App-only access: Using managed identity: System-assigned managed identity + +```powershell +Connect-Entra -Identity +``` + +Uses an automatically managed identity on a service instance. The identity is tied to the lifecycle of a service instance. + +### Example 10: App-only access: Using managed identity: User-assigned managed identity + +```powershell +Connect-Entra -Identity -ClientId 'User_Assigned_Managed_identity_Client_Id' +``` + +Uses a user created managed identity as a standalone Azure resource. + +### Example 11: Connecting to an environment as a different identity + +```powershell +Connect-Entra -ContextScope 'Process' +``` + +```Output +Welcome to Microsoft Graph! +``` + +To connect as a different identity other than CurrentUser, specify the ContextScope parameter with the value Process. + +For more information on how to get the current context, see [Get-EntraContext](https://learn.microsoft.com/powershell/module/Microsoft.Entra/get-entracontext) command. + +### Example 12: Connecting to an environment or cloud + +```powershell +Get-EntraEnvironment +``` + +```Output +Name AzureADEndpoint GraphEndpoint Type +---- --------------- ------------- ---- +China https://login.chinacloudapi.cn https://microsoftgraph.chinacloudapi.cn Built-in +Global https://login.microsoftonline.com https://graph.microsoft.com Built-in +USGov https://login.microsoftonline.us https://graph.microsoft.us Built-in +USGovDoD https://login.microsoftonline.us https://dod-graph.microsoft.us Built-in +``` + +```powershell +Connect-Entra -Environment 'Global' +``` + +When you use Connect-Entra, you can choose to target other environments. By default, Connect-Entra targets the global public cloud. + +### Example 13: Sets the HTTP client timeout in seconds + +```powershell + Connect-Entra -ClientTimeout 60 +``` + +```Output +Welcome to Microsoft Graph! +``` + +This example Sets the HTTP client timeout in seconds. + +### Example 14: Hides the welcome message + +```powershell +Connect-Entra -NoWelcome +``` + +This example hides the welcome message. + +### Example 15: Allows for authentication using environment variables + +```powershell +Connect-Entra -EnvironmentVariable +``` + +This example allows for authentication using environment variables. + +## Parameters + +### -CertificateThumbprint + +Specifies the certificate thumbprint of a digital public key X.509 certificate of a user account that has permission to perform this action. + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientId + +Specifies the application ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: UserParameterSet, IdentityParameterSet +Aliases: AppId, ApplicationId + +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: AppId, ApplicationId + +Required: True +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the ID of a tenant. + +If you don't specify this parameter, the account is authenticated with the home tenant. + +You must specify the TenantId parameter to authenticate as a service principal or when using Microsoft account. + +```yaml +Type: System.String +Parameter Sets: UserParameterSet, AppCertificateParameterSet, AppSecretCredentialParameterSet +Aliases: Audience, Tenant + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AccessToken + +Specifies a bearer token for Microsoft Entra service. Access tokens do time out and you have to handle their refresh. + +```yaml +Type: SecureString +Parameter Sets: AccessTokenParameterSet +Aliases: +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientTimeout + +Sets the HTTP client timeout in seconds. + +```yaml +Type: System.Double +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContextScope + +Determines the scope of authentication context. This ContextScope accepts `Process` for the current process, or `CurrentUser` for all sessions started by user. + +```yaml +Type: ContextScope +Accepted values: Process, CurrentUser +Parameter Sets: UserParameterSet, AppCertificateParameterSet, IdentityParameterSet, AppSecretCredentialParameterSet, EnvironmentVariableParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Environment + +The name of the national cloud environment to connect to. By default global cloud is used. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: EnvironmentName, NationalCloud +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -NoWelcome + +Hides the welcome message. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Scopes + +An array of delegated permissions to consent to. + +```yaml +Type: System.String[] +Parameter Sets: UserParameterSet +Aliases: +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UseDeviceCode + +Use device code authentication instead of a browser control. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: UserParameterSet +Aliases: UseDeviceAuthentication, DeviceCode, DeviceAuth, Device +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Certificate + +An X.509 certificate supplied during invocation. + +```yaml +Type: X509Certificate2 +Parameter Sets: AppCertificateParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CertificateSubjectName + +The subject distinguished name of a certificate. The certificate is retrieved from the current user's certificate store. + +```yaml +Type: System.String +Parameter Sets: AppCertificateParameterSet +Aliases: CertificateSubject, CertificateName +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecretCredential + +The PSCredential object provides the application ID and client secret for service principal credentials. For more information about the PSCredential object, type Get-Help Get-Credential. + +```yaml +Type: PSCredential +Parameter Sets: AppSecretCredentialParameterSet +Aliases: SecretCredential, Credential +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EnvironmentVariable + +Allows for authentication using environment variables configured on the host machine. See + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: EnvironmentVariableParameterSet +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Identity + +Sign-in using a managed identity + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: IdentityParameterSet +Aliases: ManagedIdentity, ManagedServiceIdentity, MSI +Required: False +Position: 1 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProgressAction + +The ProgressAction parameter takes one of the ActionPreference enumeration values: SilentlyContinue, Stop, Continue, Inquire, Ignore, Suspend, or Break. + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Disconnect-Entra](Disconnect-Entra.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Authentication/Disconnect-Entra.md b/module/docs/entra-powershell-v1.0/Authentication/Disconnect-Entra.md new file mode 100644 index 0000000000..602eece1c1 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Disconnect-Entra.md @@ -0,0 +1,78 @@ +--- +title: Disconnect-Entra +description: This article provides details on the Disconnect-Entra Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Disconnect-Entra + +schema: 2.0.0 +--- + +# Disconnect-Entra + +## Synopsis + +Disconnects the current session from a Microsoft Entra ID tenant. + +## Syntax + +```powershell +Disconnect-Entra + [] +``` + +## Description + +The Disconnect-Entra cmdlet disconnects the current session from a Microsoft Entra ID tenant. + +## Examples + +### Example 1: Disconnect your session from a tenant + +```powershell + Disconnect-Entra +``` + +```output +ClientId : 00001111-aaaa-2222-bbbb-3333cccc4444 +TenantId : bbbbcccc-1111-dddd-2222-eeee3333ffff +Scopes : {Agreement.ReadWrite.All, CustomSecAttributeDefinition.ReadWrite.All, TeamMember.Read.All...} +AuthType : AppOnly +TokenCredentialType : ClientCertificate +CertificateThumbprint : AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00 +CertificateSubjectName : +Account : +AppName : MG_graph_auth +ContextScope : Process +Certificate : +PSHostVersion : 5.1.22621.2506 +ManagedIdentityId : +ClientSecret : +Environment : Global +``` + +This command disconnects your session from a tenant. + +## Parameters + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Connect-Entra](Connect-Entra.md) diff --git a/module/docs/entra-powershell-v1.0/Authentication/Find-EntraPermission.md b/module/docs/entra-powershell-v1.0/Authentication/Find-EntraPermission.md new file mode 100644 index 0000000000..7bd1d60f78 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Find-EntraPermission.md @@ -0,0 +1,239 @@ +--- +title: Find-EntraPermission +description: This article provides details on the Find-EntraPermission command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Find-EntraPermission + +schema: 2.0.0 +--- + +# Find-EntraPermission + +## Synopsis + +Helps users determine the necessary permissions for resources and identify the appropriate permissions required for various commands. + +## Syntax + +### Search + +```powershell +Find-EntraPermission + [-SearchString] + [-ExactMatch] + [-PermissionType ] + [-Online] + [-ProgressAction ] + [] +``` + +### All + +```powershell +Find-EntraPermission + [-PermissionType ] + [-Online] + [-All] + [-ProgressAction ] + [] +``` + +## Description + +The `Find-EntraPermission` cmdlet helps users determine the necessary permissions for resources and identify the appropriate permissions required for various commands. + +## Examples + +### Example 1: Get a list of all Application permissions + +```powershell +Find-EntraPermission application +``` + +```Output +PermissionType: Delegated + +Id Consent Name Description +-- ------- ---- ----------- +c79f8feb-a9db-4090-85f9-90d820caa0eb Admin Application.Read.All Allows the app to read applications and service principals on behalf of the signed-in user. +bdfbf15f-ee85-4955-8675-146e8e5296b5 Admin Application.ReadWrite.All Allows the app to create, read, update and delete applications and service principals on behalf of the signed-in user. Does not allow management of consent grants. + +PermissionType: Application + +Id Consent Name Description +-- ------- ---- ----------- +9a5d68dd-52b0-4cc2-bd40-abcf44ac3a30 Admin Application.Read.All Allows the app to read all applications and service principals without a signed-in user. +1bfefb4e-e0b5-418b-a88f-73c46d2cc8e9 Admin Application.ReadWrite.All Allows the app to create, read, update and delete applications and service principals without a signed-in user. Does not allow management of consent grants. +18a4783c-866b-4cc7-a460-3d5e5662c884 Admin Application.ReadWrite.OwnedBy Allows the app to create other applications, and fully manage those applications (read, update, update application secrets and delete), without a signed-in user... +``` + +### Example 2. Get a list of permissions for the Read permissions + +```powershell +Find-EntraPermission application.Read | Format-List +``` + +```Output +Id : c79f8feb-a9db-4090-85f9-90d820caa0eb +PermissionType : Delegated +Consent : Admin +Name : Application.Read.All +Description : Allows the app to read applications and service principals on behalf of the signed-in user. + +Id : bdfbf15f-ee85-4955-8675-146e8e5296b5 +PermissionType : Delegated +Consent : Admin +Name : Application.ReadWrite.All +Description : Allows the app to create, read, update and delete applications and service principals on behalf of the signed-in user. Does not allow management of consent grants. + +Id : 9a5d68dd-52b0-4cc2-bd40-abcf44ac3a30 +PermissionType : Application +Consent : Admin +Name : Application.Read.All +Description : Allows the app to read all applications and service principals without a signed-in user. +``` + +### Example 3. Search for permissions with exact match + +```powershell +Find-EntraPermission -SearchString 'User.Read.All' -ExactMatch +``` + +```Output + PermissionType: Delegated + +Id Consent Name Description +-- ------- ---- ----------- +a154be20-db9c-4678-8ab7-66f6cc099a59 Admin User.Read.All Allows the app to read the full set of profile properties, reports, and ma… + + PermissionType: Application + +Id Consent Name Description +-- ------- ---- ----------- +df021288-bdef-4463-88db-98f22de89214 Admin User.Read.All Allows the app to read user profiles without a signed in user. +``` + +This example demonstrates how to search for permissions that exactly match a specified permission name. + +### Example 4. Get all permissions of the specified type + +```powershell +Find-EntraPermission -PermissionType 'Delegated' +``` + +```Output +Id Consent Name Description +-- ------- ---- ----------- +ebfcd32b-babb-40f4-a14b-42706e83bd28 Admin AccessReview.Read.All Allows the app to read access re… +e4aa47b9-9a69-4109-82ed-36ec70d85ff1 Admin AccessReview.ReadWrite.All Allows the app to read, update, … +5af8c3f5-baca-439a-97b0-ea58a435e269 Admin AccessReview.ReadWrite.Membership Allows the app to read, +``` + +This example shows how to get all permissions of a specified type, for example, `Delegated` or `Application` permissions. + +## Parameters + +### -SearchString + +Specifies the filter for the permissions, for example, domain and scope. + +```yaml + +Type: System.String +Required: True +Position: Named +Default value: None +Accept pipeline input: True +Accept wildcard characters: False +``` + +### -All + +Sets if the cmdlet returns all parameters. + +```yaml + +Type: System.Management.Automation.SwitchParameter +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExactMatch + +Sets if Search String should be an exact match. + +```yaml + +Type: System.Management.Automation.SwitchParameter +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Online + +Use the -Online parameter with -SearchString in Find-MgGraphPermission to fetch the latest permissions from Microsoft Graph before searching. This ensures Find-MgGraphPermission returns accurate results by including any new permissions added for recent APIs. The command uses the existing Microsoft Graph connection established by Connect-MgGraph. If your connection lacks permissions to access this data or if there’s no network connectivity, the command fails. Once updated, Find-MgGraphPermission will continue using the refreshed permission list for future searches, even without the -Online parameter. + +```yaml + +Type: System.Management.Automation.SwitchParameter +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionType + +Specifies the type of Permission, for example, Delegated or Application. + +```yaml + +Type: System.String +Required: False +Position: Named +Default value: Any +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProgressAction + +Specifics the progra option. + +```yaml +Type: System.Management.Automation.SwitchParameter +Aliases: progra +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Authentication/Get-EntraContext.md b/module/docs/entra-powershell-v1.0/Authentication/Get-EntraContext.md new file mode 100644 index 0000000000..b9eb7971b0 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Get-EntraContext.md @@ -0,0 +1,130 @@ +--- +title: Get-EntraContext +description: This article provides details on the Get-EntraContext command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContext + +schema: 2.0.0 +--- + +# Get-EntraContext + +## Synopsis + +Retrieve information about your current session + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraContext + [-ProgressAction ] + [] +``` + +## Description + +`Get-EntraContext` is used to retrieve the details about your current session, which include: + +- ClientID +- TenantID +- Certificate Thumbprint +- Scopes consented to +- AuthType: Delegated or app-only +- AuthProviderType +- CertificateName +- Account +- AppName +- ContextScope +- Certificate +- PSHostVersion +- ClientTimeOut. + +`Get-EntraCurrentSessionInfo` is an alias for `Get-EntraContext`. + +## Examples + +### Example 1: Get the current session + +```powershell +Get-EntraContext +``` + +```Output +ClientId : 11112222-bbbb-3333-cccc-4444dddd5555 +TenantId : aaaabbbb-0000-cccc-1111-dddd2222eeee +CertificateThumbprint : +Scopes : {User.ReadWrite.All,...} +AuthType : Delegated +AuthProviderType : InteractiveAuthenticationProvider +CertificateName : +Account : SawyerM@Contoso.com +AppName : Microsoft Graph PowerShell +ContextScope : CurrentUser +Certificate : +PSHostVersion : 5.1.17763.1 +ClientTimeout : 00:05:00 +``` + +This example demonstrates how to retrieve the details of the current session. + +### Example 2: Get the current session scopes + +```powershell +Get-EntraContext | Select -ExpandProperty Scopes +``` + +```Output +AppRoleAssignment.ReadWrite.All +Directory.AccessAsUser.All +EntitlementManagement.ReadWrite.All +Group.ReadWrite.All +openid +Organization.Read.All +profile +RoleManagement.ReadWrite.Directory +User.Read +User.ReadWrite.All +``` + +Retrieves all scopes. + +## Parameters + +### -ProgressAction + +Determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider, such as the progress bars generated by the Write-Progress cmdlet. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Authentication/Get-EntraEnvironment.md b/module/docs/entra-powershell-v1.0/Authentication/Get-EntraEnvironment.md new file mode 100644 index 0000000000..0d04211dd5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Get-EntraEnvironment.md @@ -0,0 +1,108 @@ +--- +title: Get-EntraEnvironment +description: This article provides details on the Get-EntraEnvironment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraEnvironment + +schema: 2.0.0 +--- + +# Get-EntraEnvironment + +## Synopsis + +Gets global public Environments. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraEnvironment + [] +``` + +### GetByName + +```powershell +Get-EntraEnvironment + -Name + [] +``` + +## Description + +When you use `Connect-Entra`, you can choose to target other environments. By default, `Connect-Entra` targets the global public cloud. + +## Examples + +### Example 1: Get a list of public cloud environments + +```powershell +Get-EntraEnvironment +``` + +```Output +Name AzureADEndpoint GraphEndpoint Type +---- --------------- ------------- ---- +Global https://login.microsoftonline.com https://graph.microsoft.com Built-in +China https://login.chinacloudapi.cn https://microsoftgraph.chinacloudapi.cn Built-in +USGovDoD https://login.microsoftonline.us https://dod-graph.microsoft.us Built-in +USGov https://login.microsoftonline.us https://graph.microsoft.us Built-in +Germany https://login.microsoftonline.de https://graph.microsoft.de Built-in +Canary https://login.microsoftonline.com https://canary.graph.microsoft.com User-defined +``` + +This command retrieves a list of global public Environments. + +### Example 2: Get a specific environment created + +```powershell +Get-EntraEnvironment -Name 'Global' +``` + +```Output +Name AzureADEndpoint GraphEndpoint Type +---- --------------- ------------- ---- +Global https://login.microsoftonline.com https://graph.microsoft.com Built-in +``` + +This command retrieves an environment with the specified name. + +## Parameters + +### -Name + +Specifies the name of an environment + +```yaml + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraEnvironment](Add-EntraEnvironment.md) diff --git a/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraSignedInUserAllRefreshToken.md b/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraSignedInUserAllRefreshToken.md new file mode 100644 index 0000000000..7e46392371 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraSignedInUserAllRefreshToken.md @@ -0,0 +1,73 @@ +--- +title: Revoke-EntraSignedInUserAllRefreshToken +description: This article provides details on the Revoke-EntraSignedInUserAllRefreshToken command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Revoke-EntraSignedInUserAllRefreshToken + +schema: 2.0.0 +--- + +# Revoke-EntraSignedInUserAllRefreshToken + +## Synopsis + +Invalidates the refresh tokens issued to applications for the current user. + +## Syntax + +```powershell +Revoke-EntraSignedInUserAllRefreshToken + [] +``` + +## Description + +The `Revoke-EntraSignedInUserAllRefreshToken` cmdlet invalidates all the refresh tokens issued to applications for a user (and session cookies in a user's browser), by resetting the signInSessionsValidFromDateTime user property to the current date-time. + +The user or an administrator typically performs this operation if the user's device is lost or stolen. This action prevents access to the organization's data on the device by requiring the user to sign in again to all previously consented applications, regardless of the device. + +Note: If the application attempts to redeem a delegated access token for this user using an invalidated refresh token, the application receives an error. When this happens, the application needs to acquire a new refresh token by making a request to the authorized endpoint, which forces the user to sign in. + +After you run this command, a small delay of a few minutes can occur before tokens are revoked. + +## Examples + +### Example 1: Revoke refresh tokens for the current user + +```powershell +Connect-Entra -Scopes 'User.RevokeSessions.All' +Revoke-EntraSignedInUserAllRefreshToken +``` + +```Output +Value +----- +True +``` + +This command revokes the tokens for the current user. + +## Parameters + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Revoke-EntraUserAllRefreshToken](Revoke-EntraUserAllRefreshToken.md) diff --git a/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraUserAllRefreshToken.md b/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraUserAllRefreshToken.md new file mode 100644 index 0000000000..c943896d8d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Authentication/Revoke-EntraUserAllRefreshToken.md @@ -0,0 +1,90 @@ +--- +title: Revoke-EntraUserAllRefreshToken +description: This article provides details on the Revoke-EntraUserAllRefreshToken command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Authentication-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Revoke-EntraUserAllRefreshToken +schema: 2.0.0 +--- + +# Revoke-EntraUserAllRefreshToken + +## Synopsis + +Invalidates the refresh tokens issued to applications for a user. + +## Syntax + +```powershell +Revoke-EntraUserAllRefreshToken + -UserId + [] +``` + +## Description + +The `Revoke-EntraUserAllRefreshToken` cmdlet invalidates the refresh tokens issued to applications for a user. + +The cmdlet also invalidates tokens issued to session cookies in a browser for the user. + +The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time. + +This operation is usually performed by the user or an administrator if the user's device is lost or stolen. It blocks access to the organization's data by requiring the user to sign in again to all previously authorized applications, regardless of the device. + +## Examples + +### Example 1: Revoke refresh tokens for a user + +```powershell +Connect-Entra -Scopes 'User.RevokeSessions.All' +Revoke-EntraUserAllRefreshToken -UserId 'SawyerM@contoso.com' +``` + +```Output +Value +----- +True +``` + +This example demonstrates how to revoke the tokens for the specified user. + +- `-UserId` parameter specifies the unique identifier of a user. + +## Parameters + +### -UserId + +Specifies the unique ID of a user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Revoke-EntraSignedInUserAllRefreshToken](Revoke-EntraSignedInUserAllRefreshToken.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..8932522a93 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraAdministrativeUnitMember.md @@ -0,0 +1,107 @@ +--- +title: Add-EntraAdministrativeUnitMember +description: This article provides details on the Add-EntraAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Add-EntraAdministrativeUnitMember + +## Synopsis + +Adds an administrative unit member. + +## Syntax + +```powershell +Add-EntraAdministrativeUnitMember + -RefObjectId + -AdministrativeUnitId + [] +``` + +## Description + +The `Add-EntraAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. + +Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. + +To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add user as an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +Add-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -RefObjectId $user.Id +``` + +This example demonstrates adding an administrative unit member. Use `Get-EntraAdministrativeUnit` to find the administrative unit ID and `Get-EntraUser` to find the user ID. + +- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of a Microsoft Entra ID administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the unique ID of the specific Microsoft Entra ID object that are as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) +[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..ac5e15aea2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,139 @@ +--- +title: Add-EntraCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Add-EntraCustomSecurityAttributeDefinitionAllowedValue command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue +schema: 2.0.0 +--- + +# Add-EntraCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Adds a predefined value for a custom security attribute definition. + +## Syntax + +```powershell +Add-EntraCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + -Id + -IsActive + [] +``` + +## Description + +The `Add-EntraCustomSecurityAttributeDefinitionAllowedValue` adds a predefined value for a Microsoft Entra ID custom security attribute definition. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a predefined value for a Microsoft Entra ID custom security attribute definition + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinitionId = (Get-EntraCustomSecurityAttributeDefinition -Id '').Id +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinitionId + Id = 'Alpine' + IsActive = $true +} +Add-EntraCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output + +Id IsActive +-- -------- +Alpine True +``` + +This example adds a predefined value to a custom security attribute definition. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use the command `Get-EntraCustomSecurityAttributeDefinition` to get the ID. +- `-Id` parameter specifies the identifier for the predefined value. +- `-IsActive` parameter specifies the predefined value is active or deactivated. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier for a custom security attribute definition in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for the predefined value, which can be up to 64 characters long and include Unicode characters. Spaces are allowed, but some special characters aren't. This identifier is case sensitive, can't be changed later, and is required. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsActive + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any another supported directory objects. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Add-EntraCustomSecurityAttributeDefinitionAllowedValues` is an alias for `Add-EntraCustomSecurityAttributeDefinitionAllowedValue`. + +## Related Links + +[Get-EntraCustomSecurityAttributeDefinitionAllowedValue](Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md) + +[Set-EntraCustomSecurityAttributeDefinitionAllowedValue](Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredOwner.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredOwner.md new file mode 100644 index 0000000000..99c79ee9f4 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredOwner.md @@ -0,0 +1,107 @@ +--- +title: Add-EntraDeviceRegisteredOwner +description: This article provides details on the Add-EntraDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Add-EntraDeviceRegisteredOwner + +## Synopsis + +Adds a registered owner for a device. + +## Syntax + +```powershell +Add-EntraDeviceRegisteredOwner + -DeviceId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraDeviceRegisteredOwner` cmdlet adds a registered owner for a Microsoft Entra ID device. + +## Examples + +### Example 1: Add a user as a registered user + +```powershell +Connect-Entra -Scopes 'Device.ReadWrite.All' +$User = Get-EntraUser -UserId 'SawyerM@contoso.com' +$Device = Get-EntraDevice -SearchString '' +$params = @{ + DeviceId = $Device.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraDeviceRegisteredOwner @params +``` + +This example shows how to add a registered user to a device. + +- `-DeviceId` parameter specifies the unique identifier (Object ID) of the device to which you want to add a registered user. The $Device.ObjectId variable should contain the Object ID of the device. You can use the command `Get-EntraDevice` to get device Id. + +- `-RefObjectId` parameter specifies the unique identifier (Object ID) of the user who will be added as a registered user of the device. The $User.ObjectId variable should contain the Object ID of the user. You can use the command `Get-EntraUser` to get user Id. + +## Parameters + +### -DeviceId + +Specifies the object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Active Directory object to add. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDeviceRegisteredOwner](Get-EntraDeviceRegisteredOwner.md) + +[Remove-EntraDeviceRegisteredOwner](Remove-EntraDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredUser.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredUser.md new file mode 100644 index 0000000000..05cca07b00 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDeviceRegisteredUser.md @@ -0,0 +1,112 @@ +--- +title: Add-EntraDeviceRegisteredUser +description: This article provides details on the Add-EntraDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Add-EntraDeviceRegisteredUser + +## Synopsis + +Adds a registered user for a device. + +## Syntax + +```powershell +Add-EntraDeviceRegisteredUser + -DeviceId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraDeviceRegisteredUser` cmdlet adds a registered user for a Microsoft Entra ID device. + +## Examples + +### Example 1: Add a user as a registered user + +```powershell +Connect-Entra -Scopes 'Device.ReadWrite.All' +$User = Get-EntraUser -UserId 'SawyerM@contoso.com' +$Device = Get-EntraDevice -SearchString '' +$params = @{ + DeviceId = $Device.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraDeviceRegisteredUser @params +``` + +This example shows how to add a registered user to a device. + +- `-DeviceId` parameter specifies the unique identifier (Object ID) of the device to which you want to add a registered user. The $Device.ObjectId variable should contain the Object ID of the device. You can use the command `Get-EntraDevice` to get device Id. + +- `-RefObjectId` parameter specifies the unique identifier (Object ID) of the user who will be added as a registered user of the device. The $User.ObjectId variable should contain the Object ID of the user. You can use the command `Get-EntraUser` to get user Id. + +## Parameters + +### -DeviceId + +Specifies the ID of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDevice](Get-EntraDevice.md) + +[Get-EntraDeviceRegisteredUser](Get-EntraDeviceRegisteredUser.md) + +[Get-EntraUser](../Users/Get-EntraUser.md) + +[Remove-EntraDeviceRegisteredUser](Remove-EntraDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDirectoryRoleMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDirectoryRoleMember.md new file mode 100644 index 0000000000..7571c092cb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraDirectoryRoleMember.md @@ -0,0 +1,104 @@ +--- +title: Add-EntraDirectoryRoleMember +description: This article provides details on the Add-EntraDirectoryRoleMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraDirectoryRoleMember + +schema: 2.0.0 +--- + +# Add-EntraDirectoryRoleMember + +## Synopsis + +Adds a member to a directory role. + +## Syntax + +```powershell +Add-EntraDirectoryRoleMember + -DirectoryRoleId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraDirectoryRoleMember` cmdlet adds a member to a Microsoft Entra ID role. + +## Examples + +### Example 1: Add a member to a Microsoft Entra ID role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$params = @{ + DirectoryRoleId = '019ea7a2-1613-47c9-81cb-20ba35b1ae48' + RefObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Add-EntraDirectoryRoleMember @params +``` + +This example adds a member to a directory role. + +- `DirectoryRoleId` parameter specifies the ID of the directory role to which the member is added. Use the Get-EntraDirectoryRole command to retrieve the details of the directory role. +- `RefObjectId` parameter specifies the ID of Microsoft Entra ID object to assign as owner/manager/member. + +## Parameters + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDirectoryRoleMember](Get-EntraDirectoryRoleMember.md) + +[Remove-EntraDirectoryRoleMember](Remove-EntraDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..c2cf72d69a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Add-EntraScopedRoleMembership.md @@ -0,0 +1,130 @@ +--- +title: Add-EntraScopedRoleMembership +description: This article provides details on the Add-EntraScopedRoleMembership command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Add-EntraScopedRoleMembership + +## Synopsis + +Assign a Microsoft Entra role with an administrative unit scope. + +## Syntax + +```powershell +Add-EntraScopedRoleMembership + -AdministrativeUnitId + [-RoleObjectId ] + [-RoleMemberInfo ] + [] +``` + +## Description + +The `Add-EntraScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. + +For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add a scoped role membership to an administrative unit + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo +$roleMember.Id = $user.Id +Add-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -RoleObjectId $role.Id -RoleMemberInfo $roleMember +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The example shows how to add a user to the specified role within the specified administrative unit. + +- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. +- `-RoleObjectId` Parameter specifies the ID of a directory role. +- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RoleMemberInfo + +Specifies a RoleMemberInfo object. + +```yaml +Type: System.RoleMemberInfo +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleObjectId + +Specifies the ID of a directory role. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) + +[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Confirm-EntraDomain.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Confirm-EntraDomain.md new file mode 100644 index 0000000000..da2f0d8d91 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Confirm-EntraDomain.md @@ -0,0 +1,112 @@ +--- +title: Confirm-EntraDomain +description: This article provides details on the Confirm-EntraDomain command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Confirm-EntraDomain + +schema: 2.0.0 +--- + +# Confirm-EntraDomain + +## Synopsis + +Validate the ownership of a domain. + +## Syntax + +```powershell +Confirm-EntraDomain + -Name + [-CrossCloudVerificationCode ] + [] +``` + +## Description + +The `Confirm-EntraDomain` cmdlet validates the ownership of a Microsoft Entra ID domain. + +The work or school account needs to belong to at least the **Domain Name Administrator** Microsoft Entra role. + +## Examples + +### Example 1: Confirm the domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Confirm-EntraDomain -Name Contoso.com +``` + +This example verifies a domain and updates its status to `verified`. + +### Example 2: Confirm the domain with a cross cloud verification code + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Confirm-EntraDomain -Name Contoso.com -CrossCloudVerificationCode ms84324896 +``` + +This example confirms a domain in dual federation scenarios. + +## Parameters + +### -Name + +Specifies the name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -CrossCloudVerificationCode + +The cross-cloud domain verification code. + +```yaml +Type: CrossCloudVerificationCodeBody +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDomain](Get-EntraDomain.md) + +[New-EntraDomain](New-EntraDomain.md) + +[Remove-EntraDomain](Remove-EntraDomain.md) + +[Set-EntraDomain](Set-EntraDomain.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Enable-EntraDirectoryRole.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Enable-EntraDirectoryRole.md new file mode 100644 index 0000000000..8b9e84b52e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Enable-EntraDirectoryRole.md @@ -0,0 +1,96 @@ +--- +title: Enable-EntraDirectoryRole +description: This article provides details on the Enable-EntraDirectoryRole command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Enable-EntraDirectoryRole + +schema: 2.0.0 +--- + +# Enable-EntraDirectoryRole + +## Synopsis + +Activates an existing directory role in Microsoft Entra ID. + +## Syntax + +```powershell +Enable-EntraDirectoryRole + [-RoleTemplateId ] + [] +``` + +## Description + +The `Enable-EntraDirectoryRole` cmdlet activates an existing directory role in Microsoft Entra ID. + +The Company Administrators and the default user directory roles (User, Guest User, and Restricted Guest User) are activated by default. To access and assign members to other directory roles, you must first activate them using their corresponding directory role template ID. + +## Examples + +### Example 1: Enable a directory role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$InviterRole = Get-EntraDirectoryRoleTemplate | Where-Object {$_.DisplayName -eq 'Guest Inviter'} +Enable-EntraDirectoryRole -RoleTemplateId $InviterRole.ObjectId +``` + +```Output +DeletedDateTime Id Description DisplayName RoleTemplateId +--------------- -- ----------- ----------- -------------- + b5baa59b-86ab-4053-ac3a-0396116d1924 Guest Inviter has access to invite guest users. Guest Inviter 92ed04bf-c94a-4b82-9729-b799a7a4c178 +``` + +The example shows how to enable the directory role. + +You can use `Get-EntraDirectoryRoleTemplate` to fetch a specific directory role to activate. + +- `RoleTemplateId` parameter specifies the ID of the role template to enable. + +## Parameters + +### -RoleTemplateId + +The ID of the Role template to enable. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For additional details see [Activate directoryRole](/graph/api/directoryrole-post-directoryroles). + +## Related Links + +[Get-EntraDirectoryRole](Get-EntraDirectoryRole.md) + +[Get-EntraDirectoryRoleTemplate](Get-EntraDirectoryRoleTemplate.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-CrossCloudVerificationCode.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-CrossCloudVerificationCode.md new file mode 100644 index 0000000000..a78469f640 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-CrossCloudVerificationCode.md @@ -0,0 +1,72 @@ +--- +title: Get-CrossCloudVerificationCode +description: This article provides details on the Get-CrossCloudVerificationCode command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-CrossCloudVerificationCode + +schema: 2.0.0 +--- + +# Get-CrossCloudVerificationCode + +## Synopsis +Gets the verification code used to validate the ownership of the domain in another connected cloud. +Important: Only applies to a verified domain. + +## Syntax + +```powershell +Get-CrossCloudVerificationCode + -Name + [] +``` + +## Description + +## Examples + +### Example 1: Get the cross cloud verification code +```powershell +PS C:\>Get-CrossCloudVerificationCode -Name Contoso.com +``` + +This command returns a string that can be used to enable cross cloud federation scenarios. + +## Parameters + +### -Name +Specifies the name of a domain. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.GetCrossCloudVerificationCodeResponse +## Notes + +## RELATED LINKS \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAccountSku.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAccountSku.md new file mode 100644 index 0000000000..8ddb5f8978 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAccountSku.md @@ -0,0 +1,117 @@ +--- +title: Get-EntraAccountSku +description: This article provides details on the Get-EntraAccountSku command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAccountSku + +schema: 2.0.0 +--- + +# Get-EntraAccountSku + +## Synopsis + +Retrieves all the SKUs for a company. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraAccountSku + [] +``` + +### GetById + +```powershell +Get-EntraAccountSku + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraAccountSku` retrieves the list of commercial subscriptions acquired by an organization. + +For a list of license names in the Microsoft Entra or Microsoft 365 admin centers and their corresponding Microsoft Graph `skuId` and `skuPartNumber` properties, refer to the [mapping information](https://learn.microsoft.com/entra/identity/users/licensing-service-plan-reference). + +## Examples + +### Example 1: Gets a list of SKUs + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraAccountSku +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +eeeeeeee-4444-5555-6666-ffffffffffff aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSPRE… +ffffffff-5555-6666-7777-aaaaaaaaaaaa aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTERP… +dddddddd-3333-4444-5555-eeeeeeeeeeee aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERP… +``` + +This command returns a list of SKUs. + +### Example 2: Gets a list of SKUs by TenantId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraAccountSku -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +eeeeeeee-4444-5555-6666-ffffffffffff aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSPRE… +ffffffff-5555-6666-7777-aaaaaaaaaaaa aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTERP… +dddddddd-3333-4444-5555-eeeeeeeeeeee aaaabbbb-0000-cccc-1111-dddd2222eeee Contoso-User User Suspended 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERP… +``` + +This command returns a list of SKUs for a specified tenant. + +- `-TenantId` parameter specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this isn't provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..4deed44fa9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnit.md @@ -0,0 +1,237 @@ +--- +title: Get-EntraAdministrativeUnit +description: This article provides details on the Get-EntraAdministrativeUnit command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAdministrativeUnit +schema: 2.0.0 +--- + +# Get-EntraAdministrativeUnit + +## Synopsis + +Gets an administrative unit. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraAdministrativeUnit + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraAdministrativeUnit + -AdministrativeUnitId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraAdministrativeUnit` cmdlet gets a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameter to get a specific administrative unit. + +## Examples + +### Example 1: Get all administrative units + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraAdministrativeUnit +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + dddddddd-3333-4444-5555-eeeeeeeeeeee Updated Description Updated DisplayName + cccccccc-2222-3333-4444-dddddddddddd testdemo test1 + bbbbbbbb-1111-2222-3333-cccccccccccc TestAU + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test_130624_09 + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb demotest test111 +``` + +This command gets all the administrative units. + +### Example 2: Get all administrative units using '-All' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraAdministrativeUnit -All +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + dddddddd-3333-4444-5555-eeeeeeeeeeee Updated Description Updated DisplayName + cccccccc-2222-3333-4444-dddddddddddd testdemo test1 + bbbbbbbb-1111-2222-3333-cccccccccccc TestAU + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test_130624_09 + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb demotest test111 +``` + +This command gets all the administrative units. + +### Example 3: Get a specific administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraAdministrativeUnit -AdministrativeUnitId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Updated Description Updated DisplayName +``` + +This example returns the details of the specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 4: Get administrative units filter by display name + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraAdministrativeUnit -Filter "DisplayName eq 'DAU-Test'" +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Dynamic AU testing in CORP tenant DAU-Test +``` + +This example list of administrative units containing display name with the specified name. + +### Example 5: Get top one administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +Get-EntraAdministrativeUnit -Top 1 +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Dynamic AU testing in CORP tenant DAU-Test +``` + +This example returns the specified top administrative units. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter filters which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) + +[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) + +[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..86d1548592 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAdministrativeUnitMember.md @@ -0,0 +1,193 @@ +--- +title: Get-EntraAdministrativeUnitMember +description: This article provides details on the Get-EntraAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Get-EntraAdministrativeUnitMember + +## Synopsis + +Gets a member of an administrative unit. + +## Syntax + +```powershell +Get-EntraAdministrativeUnitMember + -AdministrativeUnitId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. + +In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Directory Readers: Read basic properties on administrative units +- Global Reader: Read all properties of administrative units, including members +- Privileged Role Administrator: Create and manage administrative units (including members) + +## Examples + +### Example 1: Get an administrative unit member by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 2: Get all administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of all administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 3: Get top three administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example returns top three administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) + +[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAttributeSet.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAttributeSet.md new file mode 100644 index 0000000000..089bb12b2d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraAttributeSet.md @@ -0,0 +1,143 @@ +--- +title: Get-EntraAttributeSet +description: This article provides details on the Get-EntraAttributeSet command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAttributeSet + +schema: 2.0.0 +--- + +# Get-EntraAttributeSet + +## Synopsis + +Gets a list of attribute sets. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraAttributeSet + [] +``` + +### GetById + +```powershell +Get-EntraAttributeSet + -AttributeSetId + [] +``` + +## Description + +The `Get-EntraAttributeSet` cmdlet gets a list of Microsoft Entra ID attribute sets. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with the necessary permissions. The supported roles for this operation are: + +- Attribute Assignment Reader +- Attribute Definition Reader +- Attribute Assignment Administrator +- Attribute Definition Administrator + +By default, other administrator roles cannot read, define, or assign custom security attributes. + +## Examples + +### Example 1: Get an all attribute sets + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraAttributeSet +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Engineering Attributes for cloud engineering team 25 +Contoso Attributes for Contoso 25 +``` + +This example returns all attribute sets. + +### Example 2: Get an attribute sets + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraAttributeSet -AttributeSetId 'Testing' +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Testing Attributes for engineering team 10 +``` + +This example demonstrates how to retrieve an attribute set by Id. + +- `AttributeSetId` parameter specifies the unique identifier for the attribute set within a tenant. + +## Parameters + +### -AttributeSetId + +Unique identifier for the attribute set within a tenant. + +This identifier can be up to 32 characters long and may include Unicode characters. It cannot contain spaces or special characters, and it cannot be changed later. The identifier is case insensitive. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraAttributeSet](New-EntraAttributeSet.md) + +[Set-EntraAttributeSet](Set-EntraAttributeSet.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContact.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContact.md new file mode 100644 index 0000000000..692f1deffb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContact.md @@ -0,0 +1,236 @@ +--- +title: Get-EntraContact +description: This article provides details on the Get-EntraContact command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContact + +schema: 2.0.0 +--- + +# Get-EntraContact + +## Synopsis + +Gets a contact from Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraContact + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraContact + -OrgContactId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraContact` cmdlet gets a contact from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all contact objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraContact +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves all contact objects in the directory. + +### Example 2: Retrieve specific contact object in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraContact -OrgContactId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +``` + +This example retrieves specified contact in the directory. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 3: Retrieve all contacts objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraContact -All +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves all the contacts in the directory. + +### Example 4: Retrieve top two contacts objects in the directory + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraContact -Top 2 +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +``` + +This example retrieves top two contacts in the directory. + +### Example 5: Retrieve all contacts objects in the directory filter by DisplayName + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +Get-EntraContact -Filter "DisplayName eq 'Contoso Contact'" +``` + +```Output +DisplayName Id Mail MailNickname +----------- -- ---- ------------ +Contoso Contact aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb contact@contoso.com Contoso Contact +Contoso Contact1 bbbbbbbb-1111-2222-3333-cccccccccccc contact1@contoso.com Contoso Contact 1 +Contoso Contact2 cccccccc-2222-3333-4444-dddddddddddd contact2@contoso.com Contoso Contact 2 +Contoso Contact3 dddddddd-3333-4444-5555-eeeeeeeeeeee contact3@contoso.com Contoso Contact 3 +``` + +This example retrieves contacts having the specified display name. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraContact](Remove-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactDirectReport.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactDirectReport.md new file mode 100644 index 0000000000..1e872261b6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactDirectReport.md @@ -0,0 +1,159 @@ +--- +title: Get-EntraContactDirectReport +description: This article provides details on the Get-EntraContactDirectReport command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContactDirectReport + +schema: 2.0.0 +--- + +# Get-EntraContactDirectReport + +## Synopsis + +Get the direct reports for a contact. + +## Syntax + +```powershell +Get-EntraContactDirectReport + -OrgContactId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraContactDirectReport` cmdlet gets the direct reports for a contact. + +## Examples + +### Example 1: Get the direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraContactDirectReport -OrgContactId $Contact.ObjectId +``` + +This example shows how to retrieve direct reports for an organizational contact. + +You can use the command `Get-EntraBetaContact` to get organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 2: Get all direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraContactDirectReport -OrgContactId $Contact.ObjectId -All +``` + +This example shows how to retrieve all direct reports for an organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +### Example 3: Get top two direct reports of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraBetaContact -Top 1 +Get-EntraContactDirectReport -OrgContactId $Contact.ObjectId -Top 2 +``` + +This example shows how to retrieve top two direct reports for an organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraContact](Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactManager.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactManager.md new file mode 100644 index 0000000000..50b896aaf3 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactManager.md @@ -0,0 +1,98 @@ +--- +title: Get-EntraContactManager +description: This article provides details on the Get-EntraContactManager command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContactManager + +schema: 2.0.0 +--- + +# Get-EntraContactManager + +## Synopsis + +Gets the manager of a contact. + +## Syntax + +```powershell +Get-EntraContactManager + -OrgContactId + [-Property ] + [] +``` + +## Description + +The `Get-EntraContactManager` cmdlet gets the manager of a contact in Microsoft Entra ID. + +## Examples + +### Example 1: Get the manager of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraContact -Top 1 +Get-EntraContactManager -OrgContactId $Contact.ObjectId +``` + +The example demonstrates how to retrieve the manager of a contact. You can use the command `Get-EntraContact` to get organizational contact. + +- `-OrgContactId` parameter specifies the contact Id. + +## Parameters + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: OrgContactId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraContact](Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactMembership.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactMembership.md new file mode 100644 index 0000000000..dbe722149e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactMembership.md @@ -0,0 +1,175 @@ +--- +title: Get-EntraContactMembership +description: This article provides details on the Get-EntraContactMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContactMembership + +schema: 2.0.0 +--- + +# Get-EntraContactMembership + +## Synopsis + +Get a contact membership. + +## Syntax + +```powershell +Get-EntraContactMembership + -OrgContactId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraContactMembership` cmdlet gets a contact membership in Microsoft Entra ID. + +This command is useful to administrators who need to understand which groups, roles, or administrative units a particular contact belongs to. This can be important for troubleshooting access issues, auditing memberships, and ensuring that contact memberships are correctly configured. + +## Examples + +### Example 1: Get the memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntraContactMembership -OrgContactId $Contact.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This command gets all the memberships for specified contact. + +### Example 2: Get all memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntraContactMembership -OrgContactId $Contact.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This command gets all the memberships for specified contact. + +### Example 3: Get top two memberships of a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraContact -Filter "DisplayName eq 'Contoso Contact'" +Get-EntraContactMembership -OrgContactId $Contact.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +``` + +This command gets top two memberships for specified contact. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgContactId + +Specifies the ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraContact](Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactThumbnailPhoto.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactThumbnailPhoto.md new file mode 100644 index 0000000000..cf20aa5742 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContactThumbnailPhoto.md @@ -0,0 +1,150 @@ +--- +title: Get-EntraContactThumbnailPhoto +description: This article provides details on the Get-EntraContactThumbnailPhoto command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContactThumbnailPhoto + +schema: 2.0.0 +--- + +# Get-EntraContactThumbnailPhoto + +## Synopsis + +Retrieves the thumbnail photo of a contact. + +## Syntax + +```powershell +Get-EntraContactThumbnailPhoto + -ObjectId + [-FilePath ] + [-FileName ] + [-View ] + [] +``` + +## Description + +Retrieves the thumbnail photo of a contact. + +## Examples + +### Example 1: Get the memberships of a contact + +```powershell +Connect-Entra -Scopes 'Contacts.Read' +Get-EntraContactThumbnailPhoto -ObjectId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```output +Tag : +PhysicalDimension : {Width=279, Height=390} +Size : {Width=279, Height=390} +Width : 279 +Height : 390 +HorizontalResolution : 96 +VerticalResolution : 96 +Flags : 77840 +RawFormat : [ImageFormat: aaaa0000-bb11-2222-33cc-444444dddddd] +PixelFormat : Format24bppRgb +Palette : System.Drawing.Imaging.ColorPalette +FrameDimensionsList : {eeee4444-ff55-6666-77aa-888888bbbbbb} +PropertyIdList : {274, 305, 306, 36867...} +PropertyItems : {274, 305, 306, 36867...} +``` + +This example retrieves the thumbnail photo of the contact object specified with the object ID parameter. + +## Parameters + +### -FileName + +When provided, the cmdlet writes a copy of the thumbnail photo to this filename. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FilePath + +When provided, the cmdlet writes a copy of the thumbnail photo to this file path using a random filename. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +The object ID of the contact for which the thumbnail photo is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -View + +If this parameter value is set to $True, display the retrieved thumbnail photo in a new window. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Boolean + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContract.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContract.md new file mode 100644 index 0000000000..650a446db7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraContract.md @@ -0,0 +1,192 @@ +--- +title: Get-EntraContract +description: This article provides details on the Get-EntraContract command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraContract + +schema: 2.0.0 +--- + +# Get-EntraContract + +## Synopsis + +Gets a contract. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraContract + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraContract + -ContractId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraContract` cmdlet gets a contract information associated to a partner tenant. + +In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user + +## Examples + +### Example 1: Get all contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraContract +``` + +This command gets all contracts in the Microsoft Entra ID. + +### Example 2: Get top two contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraContract -Top 2 +``` + +This command gets top two contracts in the Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ContractId + +Specifies the ID of a contract. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +The contract object contains the following attributes: + +`contractType` - type of the contract. + +Possible values are: + +**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. +**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +`customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. + +`deletionTimestamp` - this property isn't valid for contracts and always returns null. + +`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. + +`objectType` - a string that identifies the object type. The value is always `Contract`. + +`ContractId` - the unique identifier for the partnership. + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..aca48c56e7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.md @@ -0,0 +1,142 @@ +--- +title: Get-EntraCustomSecurityAttributeDefinition +description: This article provides details on the Get-EntraCustomSecurityAttributeDefinition command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraCustomSecurityAttributeDefinition +schema: 2.0.0 +--- + +# Get-EntraCustomSecurityAttributeDefinition + +## Synopsis + +Gets a list of custom security attribute definitions. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraCustomSecurityAttributeDefinition + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraCustomSecurityAttributeDefinition + -Id + [-Property ] + [] +``` + +## Description + +Gets a list of Microsoft Entra ID custom security attribute definitions. Specify `Id` parameter to get a list of custom security attribute definitions. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following privileged roles are supported for this operation: + +- Attribute Assignment Reader +- Attribute Definition Reader +- Attribute Assignment Administrator +- Attribute Definition Administrator + +## Examples + +### Example 1: Get a list of all custom security attribute definitions + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All, CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraCustomSecurityAttributeDefinition +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Engineering_newvalue Engineering New Eng Value True True NewValue Available String False +Engineering_ProjectDate Engineering Target completion date False True ProjectDate Available String False +``` + +This example returns all custom security attribute definitions. + +### Example 2: Get a specific custom security attribute definition + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All, CustomSecAttributeDefinition.ReadWrite.All' +Get-EntraCustomSecurityAttributeDefinition -Id 'Engineering_ProjectDate' +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Engineering_ProjectDate Engineering Target completion date False True ProjectDate Available String False +``` + + This example returns a specific custom security attribute definition. + +- `Id` parameter specifies the custom security attribute definition object ID. + +## Parameters + +### -Id + +The unique identifier of a Microsoft Entra ID custom security attribute definition object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraCustomSecurityAttributeDefinition](New-EntraCustomSecurityAttributeDefinition.md) + +[Set-EntraCustomSecurityAttributeDefinition](Set-EntraCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..84798ce283 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,187 @@ +--- +title: Get-EntraCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Get-EntraCustomSecurityAttributeDefinitionAllowedValue command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue +schema: 2.0.0 +--- + +# Get-EntraCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Gets the predefined value for a custom security attribute definition. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + [-Filter ] + [] +``` + +### GetById + +```powershell +Get-EntraCustomSecurityAttributeDefinitionAllowedValue + -CustomSecurityAttributeDefinitionId + -Id + [] +``` + +## Description + +The `Get-EntraCustomSecurityAttributeDefinitionAllowedValue` cmdley gets the predefined value for a Microsoft Entra ID custom security attribute definition. Specify `CustomSecurityAttributeDefinitionId` parameter to get the predefined value custom security attribute definition. + +The signed-in user must be assigned one of the following directory roles: + +- Attribute Definition Reader +- Attribute Definition Administrator + +## Examples + +### Example 1: Get all predefined values + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraCustomSecurityAttributeDefinition -Id '' +Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId $CustomSecurityAttributeDefinition.Id +``` + +```Output +Id IsActive +-- -------- +Apline True +``` + +This example retrieves an all predefined values. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. + +### Example 2: Get predefined value with ID parameter + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraCustomSecurityAttributeDefinition -Id '' +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinition.Id + Id = 'Alpine' +} +Get-EntraCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output +id isActive +-- -------- +Apline True +``` + +This example retrieves a specific predefined value. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. +- `-Id` parameter specifies the ID of Microsoft Entra ID Object. + +### Example 3: Get predefined value with Filter parameter + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$CustomSecurityAttributeDefinition = Get-EntraCustomSecurityAttributeDefinition -Id '' +$params = @{ + CustomSecurityAttributeDefinitionId = $CustomSecurityAttributeDefinition.Id + Filter = "Id eq 'Apline'" +} +Get-EntraCustomSecurityAttributeDefinitionAllowedValue @params +``` + +```Output +id isActive +-- -------- +Apline True +``` + +This example Get a predefined value with Filter. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. You can use `Get-EntraBetaCustomSecurityAttributeDefinition` to get this value. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier of a custom security attribute definition in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Filter items by property values. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for the predefined value, which can be up to 64 characters long and include Unicode characters. Spaces are allowed, but some special characters are not. This identifier is case sensitive, cannot be changed later, and is required. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Add-EntraCustomSecurityAttributeDefinitionAllowedValue](Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md) + +[Set-EntraCustomSecurityAttributeDefinitionAllowedValue](Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeletedDirectoryObject.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeletedDirectoryObject.md new file mode 100644 index 0000000000..16978c4e81 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeletedDirectoryObject.md @@ -0,0 +1,122 @@ +--- +title: Get-EntraDeletedDirectoryObject +description: This article provides details on the Get-EntraDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Get-EntraDeletedDirectoryObject + +## Synopsis + +Retrieves a soft deleted directory object from the directory. + +## Syntax + +```powershell +Get-EntraDeletedDirectoryObject + -DirectoryObjectId + [-Property ] + [] +``` + +## Description + +The `Get-EntraDeletedDirectoryObject` cmdlet retrieves a soft deleted directory object from the directory. +Note that soft delete for groups is currently only implemented for Unified Groups (also known as +Office 365 Groups). + +## Examples + +### Example 1: Retrieve a deleted directory object. + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All', 'Application.Read.All','Group.Read.All','User.Read.All' +Get-EntraDeletedDirectoryObject -DirectoryObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 2/2/2024 5:33:56 AM +``` + +This example shows how to retrieve the deleted directory object from the directory. + +- `-DirectoryObjectId` parameter specifies the Id of the directory object to retrieve. + +### Example 2: Retrieve a deleted directory object with more details. + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All', 'Application.Read.All','Group.Read.All','User.Read.All' +Get-EntraDeletedDirectoryObject -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' | Format-Table -Property Id, displayName, '@odata.type' -AutoSize +``` + +```Output +Id displayName @odata.type +-- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Entra PowerShell App #microsoft.graph.application +``` + +This example shows how to retrieve the deleted directory object details from the directory. + +- `-Id` parameter specifies the Id of the directory object to retrieve. + +## Parameters + +### -DirectoryObjectId + +The Id of the directory object to retrieve. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDevice.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDevice.md new file mode 100644 index 0000000000..328ba69297 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDevice.md @@ -0,0 +1,271 @@ +--- +title: Get-EntraDevice +description: This article provides details on the Get-EntraDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDevice + +schema: 2.0.0 +--- + +# Get-EntraDevice + +## Synopsis + +Gets a device from Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDevice + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraDevice + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDevice + -DeviceId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDevice` cmdlet gets a device from Microsoft Entra ID. Specify the `DeviceId` parameter to get a specific device. + +## Examples + +### Example 1: Get a device by ID + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice -DeviceId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example shows how to retrieve a device using its ID. + +### Example 2: Get all devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData + cccccccc-2222-3333-4444-dddddddddddd True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example demonstrates how to retrieve all devices from Microsoft Entra ID. + +### Example 3: Get top two devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice -Top 2 +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData + cccccccc-2222-3333-4444-dddddddddddd True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example demonstrates how to retrieve top two devices from Microsoft Entra ID. + +### Example 4: Get a device by display name + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice -Filter "DisplayName eq 'Woodgrove Desktop'" +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example demonstrates how to retrieve device using the display name. + +### Example 5: Get a device using display name + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice -Filter "startsWith(DisplayName,'Woodgrove')" +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example demonstrates how to retrieve all the devices whose display name starts with the word `Woodgrove`. + +### Example 6: Search among retrieved devices + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDevice -SearchString 'DESKTOP' +``` + +```Output +DeletedDateTime Id AccountEnabled ApproximateLastSignInDateTime ComplianceExpirationDateTime DeviceCategory DeviceId DeviceMetadata DeviceOwnership +--------------- -- -------------- ----------------------------- ---------------------------- -------------- -------- -------------- --------------- + bbbbbbbb-1111-2222-3333-cccccccccccc True eeeeeeee-4444-5555-6666-ffffffffffff MetaData +``` + +This example shows how to retrieve devices containing the word 'DESKTOP.' + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies the OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraDevice](New-EntraDevice.md) + +[Remove-EntraDevice](Remove-EntraDevice.md) + +[Set-EntraDevice](Set-EntraDevice.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredOwner.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredOwner.md new file mode 100644 index 0000000000..1ae57ba1cb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredOwner.md @@ -0,0 +1,196 @@ +--- +title: Get-EntraDeviceRegisteredOwner +description: This article provides details on the Get-EntraDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Get-EntraDeviceRegisteredOwner + +## Synopsis + +Gets the registered owner of a device. + +## Syntax + +```powershell +Get-EntraDeviceRegisteredOwner + -DeviceId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDeviceRegisteredOwner` cmdlet gets the registered owner of a device in Microsoft Entra ID. Specify `DeviceId` parameter gets the registered owner of a device. + +## Examples + +### Example 1: Retrieve the registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +$DevId = (Get-EntraDevice -Top 1).ObjectId +Get-EntraDeviceRegisteredOwner -DeviceId $DevId +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example shows how to find the registered owner of a device.. + +- `-DeviceId` parameter specifies the device's ID. + +### Example 2: Retrieve the registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDeviceRegisteredOwner -DeviceId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +cccccccc-2222-3333-4444-dddddddddddd +``` + +This command gets the registered owner of a device. + +- `-DeviceId` parameter specifies the device's ID + +### Example 3: Retrieve all the registered owners of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDeviceRegisteredOwner -DeviceId 'bbbbbbbb-1111-2222-3333-cccccccccccc' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +cccccccc-2222-3333-4444-dddddddddddd +``` + +This command retrieves all the registered owners of a device. + +- `-DeviceId` parameter specifies the device's ID. + +### Example 4: Retrieve top one registered owner of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDeviceRegisteredOwner -DeviceId 'bbbbbbbb-1111-2222-3333-cccccccccccc' -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command retrieves all the registered owners of a device. + +- `-DeviceId` parameter specifies the device's ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDeviceRegisteredOwner](Add-EntraDeviceRegisteredOwner.md) + +[Get-EntraDevice](Get-EntraDevice.md) + +[Remove-EntraDeviceRegisteredOwner](Remove-EntraDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredUser.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredUser.md new file mode 100644 index 0000000000..a3a919fbd6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDeviceRegisteredUser.md @@ -0,0 +1,180 @@ +--- +title: Get-EntraDeviceRegisteredUser +description: This article provides details on the Get-EntraDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Get-EntraDeviceRegisteredUser + +## Synopsis + +Retrieve a list of users that are registered users of the device. + +## Syntax + +```powershell +Get-EntraDeviceRegisteredUser + -DeviceId + [-All ] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDeviceRegisteredUser` cmdlet gets a registered user for a Microsoft Entra ID device. Specify `DeviceId` parameter to get a registered user for a Microsoft Entra ID device. + +## Examples + +### Example 1: Retrieve the registered user of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +$DevId = (Get-EntraDevice -Top 1).ObjectId +Get-EntraDeviceRegisteredUser -DeviceId $DevId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +``` + +This example demonstrates how to retrieve registered user for a specific Microsoft Entra ID device. + +### Example 2: Get all registered users of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDeviceRegisteredUser -DeviceId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +``` + +This example demonstrates how to retrieve all registered users for a specified device. + +- `-DeviceId` parameter specifies an object ID of a device, which you want to retrieve. + +### Example 3: Get top two registered users of a device + +```powershell +Connect-Entra -Scopes 'Device.Read.All' +Get-EntraDeviceRegisteredUser -DeviceId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to retrieve top two registered users for the specified device. + +- `-DeviceId` parameter specifies an object ID of a device, which you want to retrieve. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies an object ID of a device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDeviceRegisteredUser](Add-EntraDeviceRegisteredUser.md) + +[Remove-EntraDeviceRegisteredUser](Remove-EntraDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncConfiguration.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncConfiguration.md new file mode 100644 index 0000000000..e8de7e8c9e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncConfiguration.md @@ -0,0 +1,107 @@ +--- +title: Get-EntraDirSyncConfiguration +description: This article provides details on the Get-EntraDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirSyncConfiguration + +schema: 2.0.0 +--- + +# Get-EntraDirSyncConfiguration + +## Synopsis + +Gets the directory synchronization settings. + +## Syntax + +```powershell +Get-EntraDirSyncConfiguration + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraDirSyncConfiguration` cmdlet gets the directory synchronization settings. See [configuration settings](https://learn.microsoft.com/graph/api/resources/onpremisesaccidentaldeletionprevention#properties) details. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Get directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraDirSyncConfiguration +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings. + +### Example 2: Get directory synchronization settings by TenantId + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$tenant = Get-EntraTenantDetail +Get-EntraDirSyncConfiguration -TenantId $tenant.Id +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings by TenantId. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links + +[Set-EntraDirSyncConfiguration](Set-EntraDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncFeature.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncFeature.md new file mode 100644 index 0000000000..012f5b9672 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirSyncFeature.md @@ -0,0 +1,153 @@ +--- +title: Get-EntraDirSyncFeature +description: This article provides details on the Get-EntraDirSyncFeature command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirSyncFeature + +schema: 2.0.0 +--- + +# Get-EntraDirSyncFeature + +## Synopsis + +Checks the status of directory synchronization features for a tenant. + +## Syntax + +```powershell +Get-EntraDirSyncFeature + [-TenantId ] + [-Feature ] + [] +``` + +## Description + +The `Get-EntraDirSyncFeature` cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +Some of the features that can be used with this cmdlet include: + +- **DeviceWriteback** +- **DirectoryExtensions** +- **DuplicateProxyAddressResiliency** +- **DuplicateUPNResiliency** +- **EnableSoftMatchOnUpn** +- **PasswordSync** +- **SynchronizeUpnForManagedUsers** +- **UnifiedGroupWriteback** +- **UserWriteback** + +To view all supported features, see the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). + +## Examples + +### Example 1: Return a list of all directory synchronization features + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraDirSyncFeature +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False BlockCloudObjectTakeoverThroughHardMatch + False BlockSoftMatch + False BypassDirSyncOverrides + False CloudPasswordPolicyForPasswordSyncedUsers + False ConcurrentCredentialUpdate + True ConcurrentOrgIdProvisioning + False DeviceWriteback + False DirectoryExtensions + False FopeConflictResolution + False GroupWriteBack + False PasswordSync + False PasswordWriteback + True QuarantineUponProxyAddressesConflict + True QuarantineUponUpnConflict + True SoftMatchOnUpn + True SynchronizeUpnForManagedUsers + False UnifiedGroupWriteback + False UserForcePasswordChangeOnLogon + False UserWriteback +``` + +This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). + +### Example 2: Return the PasswordSync feature status + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraDirSyncFeature -Feature 'PasswordSync' +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False PasswordSync +``` + +This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. + +- `-Feature` specifies the directory synchronization feature to check the status of. + +## Parameters + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Feature + +The directory sync feature to check. See the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraDirSyncFeature](Set-EntraDirSyncFeature.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.md new file mode 100644 index 0000000000..f629f058ec --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.md @@ -0,0 +1,104 @@ +--- +title: Get-EntraDirectoryObjectOnPremisesProvisioningError +description: This article provides details on the Get-EntraDirectoryObjectOnPremisesProvisioningError command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError + +schema: 2.0.0 +--- + +# Get-EntraDirectoryObjectOnPremisesProvisioningError + +## Synopsis + +Returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +## Syntax + +```powershell +Get-EntraDirectoryObjectOnPremisesProvisioningError + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraDirectoryObjectOnPremisesProvisioningError` returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +## Examples + +### Example 1: Return whether Microsoft Entra ID has objects with DirSync provisioning error + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Directory.Read.All', 'Group.Read.All', 'Contacts.Read' + +Get-EntraDirectoryObjectOnPremisesProvisioningError +``` + +```Output +False +``` + +This command returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +### Example 2: Return whether Microsoft Entra ID has objects with DirSync provisioning error + +```powershell +Connect-Entra -Scopes 'User.Read.All', 'Directory.Read.All', 'Group.Read.All', 'Contacts.Read' + +Get-EntraDirectoryObjectOnPremisesProvisioningError -TenantId '0000aaaa-11bb-cccc-dd22-eeeeee333333' +``` + +```Output +False +``` + +This command returns whether Microsoft Entra ID has objects with DirSync provisioning error. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. + +If this isn't provided then the value defaults to the tenant of the current user. + +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRole.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRole.md new file mode 100644 index 0000000000..6e0594cd2e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRole.md @@ -0,0 +1,181 @@ +--- +title: Get-EntraDirectoryRole +description: This article provides details on the Get-EntraDirectoryRole command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryRole + +schema: 2.0.0 +--- + +# Get-EntraDirectoryRole + +## Synopsis + +Gets a directory role. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDirectoryRole + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDirectoryRole + -DirectoryRoleId + [-Property ] + [] +``` + +## Description + +The `Get-EntraDirectoryRole` cmdlet gets a directory role from Microsoft Entra ID. Specify `ObjectId` parameter to get a directory role. + +## Examples + +### Example 1: Get a directory role by ID + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRole -DirectoryRoleId '019ea7a2-1613-47c9-81cb-20ba35b1ae48' +``` + +```Output +ObjectId DisplayName Description +-------- ----------- ----------- +019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope. +``` + +This command gets the specified directory role. + +- `-ObjectId` parameter specifies the ID of a directory role in Microsoft Entra ID. + +### Example 2: Get all directory roles + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRole +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Perform all migration functionality to migrate content to Microsoft 365 usin... + aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb Can manage all aspects of users and groups, including resetting passwords fo... + bbbbbbbb-7777-8888-9999-cccccccccccc Can read basic directory information. Commonly used to grant directory read ... + cccccccc-8888-9999-0000-dddddddddddd Can read and write basic directory information. For granting access to appli... +``` + +This command gets all the directory roles. + +### Example 3: Get a directory role filter by ObjectId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRole -Filter "ObjectId eq '019ea7a2-1613-47c9-81cb-20ba35b1ae48'" +``` + +```Output +ObjectId DisplayName Description +-------- ----------- ----------- +019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope. +``` + +This command gets the directory role by ObjectId. + +- `-ObjectId` parameter specifies the ID of a directory role in Microsoft Entra ID. + +### Example 4: Get a directory role filter by displayName + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRole -Filter "displayName eq 'Helpdesk Administrator'" +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 56644e28-bf8b-4dad-8595-24448ffa3cb8 Perform all migration functionality to migrate content to Microsoft 365 usin... +``` + +This command gets the directory role by display name. + +## Parameters + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Enable-EntraDirectoryRole](Enable-EntraDirectoryRole.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleMember.md new file mode 100644 index 0000000000..88cda43dc2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleMember.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraDirectoryRoleMember +description: This article provides details on the Get-EntraDirectoryRoleMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryRoleMember + +schema: 2.0.0 +--- + +# Get-EntraDirectoryRoleMember + +## Synopsis + +Gets members of a directory role. + +## Syntax + +```powershell +Get-EntraDirectoryRoleMember + -DirectoryRoleId + [-Property ] + [] +``` + +## Description + +The `Get-EntraDirectoryRoleMember` cmdlet retrieves the members of a directory role in Microsoft Entra ID. To obtain the members of a specific directory role, specify the `DirectoryRoleId`. Use the `Get-EntraDirectoryRole` cmdlet to get the `DirectoryRoleId` value. + +## Examples + +### Example 1: Get members by role ID + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRoleMember -DirectoryRoleId '1d73e796-aac5-4b3a-b7e7-74a3d1926a85' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This example retrieves the members of the specified role. + +- `-DirectoryRoleId` parameter specifies directory role ID. + +## Parameters + +### -DirectoryRoleId + +Specifies the ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDirectoryRoleMember](Add-EntraDirectoryRoleMember.md) + +[Remove-EntraDirectoryRoleMember](Remove-EntraDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleTemplate.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleTemplate.md new file mode 100644 index 0000000000..4560db21cc --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDirectoryRoleTemplate.md @@ -0,0 +1,101 @@ +--- +title: Get-EntraDirectoryRoleTemplate +description: This article provides details on the Get-EntraDirectoryRoleTemplate command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryRoleTemplate + +schema: 2.0.0 +--- + +# Get-EntraDirectoryRoleTemplate + +## Synopsis + +Gets directory role templates. + +## Syntax + +```powershell +Get-EntraDirectoryRoleTemplate + [-Property ] + [] +``` + +## Description + +The `Get-EntraDirectoryRoleTemplate` cmdlet gets directory role templates in Microsoft Entra ID. + +## Examples + +### Example 1: Get role templates + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRoleTemplate +``` + +```Output +DeletedDateTime Id Description +--------------- -- ----------- + 62e90394-69f5-4237-9190-012177145e10 Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities. + 10dae51f-b6af-4016-8d66-8c2a99b929b3 Default role for guest users. Can read a limited set of directory information. + 2af84b1e-32c8-42b7-82bc-daa82404023b Default role for guest users with restricted access. Can read a limited set of directory information. + 95e79109-95c0-4d8e-aee3-d01accf2d47b Can invite guest users independent of the 'members can invite guests' setting. + fe930be7-5e62-47db-91af-98c3a49a38b1 Can manage all aspects of users and groups, including resetting passwords for limited admins. +``` + +This example retrieves the role templates in Microsoft Entra ID. + +### Example 2: Get a specific role template + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +Get-EntraDirectoryRoleTemplate | Where-Object {$_.DisplayName -eq 'Helpdesk Administrator'} +``` + +```Output +DeletedDateTime Id Description DisplayName +--------------- -- ----------- ----------- + 729827e3-9c14-49f7-bb1b-9608f156bbb8 Can reset passwords for non-administrators and Helpdesk Administrators. Helpdesk Administrator +``` + +This example retrieves a Helpdesk role template. + +## Parameters + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomain.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomain.md new file mode 100644 index 0000000000..3b4c0b5d86 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomain.md @@ -0,0 +1,147 @@ +--- +title: Get-EntraDomain +description: This article provides details on the Get-EntraDomain command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDomain + +schema: 2.0.0 +--- + +# Get-EntraDomain + +## Synopsis + +Gets a domain. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDomain + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDomain + -Name + [-Property ] + [] +``` + +## Description + +The `Get-EntraDomain` cmdlet gets a domain in Microsoft Entra ID. + +The work or school account must be assigned to at least one of the following Microsoft Entra roles: + +- User Administrator +- Helpdesk Administrator +- Service Support Administrator +- Directory Readers +- AdHoc License Administrator +- Application Administrator +- Security Reader +- Security Administrator +- Privileged Role Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Get a list of Domains that are created + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomain +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +test33.com Managed True False False False False 15 +test44.com Managed True False False False False 17 +``` + +This command retrieves a list of domains. + +### Example 2: Get a specific Domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomain -Name TEST22.com +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified PasswordNotificationWindowInDays +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- -------------------------------- +test22.com Managed True False False False False 13 +``` + +This command retrieves a domain with the specified name. + +## Parameters + +### -Name + +Specifies the name of a domain. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraDomain](Confirm-EntraDomain.md) + +[New-EntraDomain](New-EntraDomain.md) + +[Remove-EntraDomain](Remove-EntraDomain.md) + +[Set-EntraDomain](Set-EntraDomain.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainFederationSettings.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainFederationSettings.md new file mode 100644 index 0000000000..06fc4878cb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainFederationSettings.md @@ -0,0 +1,129 @@ +--- +title: Get-EntraDomainFederationSettings +description: This article provides details on the Get-EntraDomainFederationSettings command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDomainFederationSettings + +schema: 2.0.0 +--- + +# Get-EntraDomainFederationSettings + +## Synopsis + +Retrieves settings for a federated domain. + +## Syntax + +```powershell +Get-EntraDomainFederationSettings + -DomainName + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraDomainFederationSettings` cmdlet gets key settings from Microsoft Entra ID. + +Use the `Get-EntraFederationProperty` cmdlet to get settings for both Microsoft Entra ID and the Entra ID Federation Services server. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Global Reader +- Security Reader +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Get federation settings for specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomainFederationSettings -DomainName 'contoso.com' +``` + +This command gets federation settings for specified domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. + +## Parameters + +### -DomainName + +The fully qualified domain name to retrieve. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this isn't provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DomainFederationSettings + +### This cmdlet returns the following settings + +### ActiveLogOnUri + +### FederationBrandName + +### IssuerUri + +### LogOffUri + +### MetadataExchangeUri + +### NextSigningCertificate + +### PassiveLogOnUri + +### SigningCertificate + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainNameReference.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainNameReference.md new file mode 100644 index 0000000000..558e7a9ded --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainNameReference.md @@ -0,0 +1,113 @@ +--- +title: Get-EntraDomainNameReference +description: This article provides details on the Get-EntraDomainNameReference command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDomainNameReference + +schema: 2.0.0 +--- + +# Get-EntraDomainNameReference + +## Synopsis + +Retrieves the objects that are referenced by a given domain name. + +## Syntax + +```powershell +Get-EntraDomainNameReference + -Name + [-Property ] + [] +``` + +## Description + +The `Get-EntraDomainNameReference` cmdlet retrieves the objects that are referenced with a given domain name. Specify `Name` parameter retrieve the objects. + +The work or school account needs to belong to at least the Domain Name Administrator or Global Reader Microsoft Entra role. + +## Examples + +### Example 1: Retrieve the domain name reference objects for a domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomainNameReference -Name contoso.com +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +hhhhhhhh-5555-6666-7777-iiiiiiiiiiii +``` + +This example shows how to retrieve the domain name reference objects for a domain that is specified through the -Name parameter. + +- `-Name` parameter specifies the name of the domain name for which the referenced objects are retrieved. + +## Parameters + +### -Name + +The name of the domain name for which the referenced objects are retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.md new file mode 100644 index 0000000000..098852cab7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.md @@ -0,0 +1,112 @@ +--- +title: Get-EntraDomainServiceConfigurationRecord +description: This article provides details on the Get-EntraDomainServiceConfigurationRecord command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDomainServiceConfigurationRecord + +schema: 2.0.0 +--- + +# Get-EntraDomainServiceConfigurationRecord + +## Synopsis + +Gets the domain's service configuration records from the `serviceConfigurationRecords` navigation property. + +## Syntax + +```powershell +Get-EntraDomainServiceConfigurationRecord + -Name + [-Property ] + [] +``` + +## Description + +Gets the domain's service configuration records from the `serviceConfigurationRecords` navigation property. + +After you have successfully verified the ownership of a domain and you have indicated what services you plan to use with the domain, you can request Microsoft Entra ID to return you a set of DNS records which you need to add to the zone file of the domain so that the services can work properly with your domain. + +## Examples + +### Example 1: Retrieve domain service configuration records by Name + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomainServiceConfigurationRecord -Name 'test.mail.contoso.com' +``` + +```Output +Id IsOptional Label RecordType SupportedService Ttl +-- ---------- ----- ---------- ---------------- --- +aaaa0000-bb11-2222-33cc-444444dddddd False test.mail.contoso.com Mx Email 3600 +bbbb1111-cc22-3333-44dd-555555eeeeee False test.mail.contoso.com Txt Email 3600 +cccc2222-dd33-4444-55ee-666666ffffff False autodiscover.test.mail.contoso.com CName Email 3600 +dddd3333-ee44-5555-66ff-777777aaaaaa False msoid.test.mail.contoso.com CName OrgIdAuthentication 3600 +eeee4444-ff55-6666-77aa-888888bbbbbb False enterpriseregistration.test.mail.contoso.com CName Intune 3600 +ffff5555-aa66-7777-88bb-999999cccccc False enterpriseenrollment.test.mail.contoso.com CName Intune 3600 +``` + +This example shows how to retrieve the Domain service configuration records for a domain with the given name. + +- `-Name` parameter specifies domain name for which the domain service configuration records are to be retrieved. + +## Parameters + +### -Name + +The name of the domain for which the domain service configuration records are to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.md new file mode 100644 index 0000000000..e7a389c356 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.md @@ -0,0 +1,112 @@ +--- +title: Get-EntraDomainVerificationDnsRecord +description: This article provides details on the Get-EntraDomainVerificationDnsRecord command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDomainVerificationDnsRecord + +schema: 2.0.0 +--- + +# Get-EntraDomainVerificationDnsRecord + +## Synopsis + +Retrieve the domain verification DNS record for a domain. + +## Syntax + +```powershell +Get-EntraDomainVerificationDnsRecord + -Name + [-Property ] + [] +``` + +## Description + +Gets the domain's verification records from the `verificationDnsRecords` navigation property. + +You can't use the domain with your Microsoft Entra ID tenant until you have successfully verified that you own the domain. + +To verify the ownership of the domain, you need to first retrieve a set of domain verification records that you need to add to the zone file of the domain. This can be done through the domain registrar or DNS server configuration. + +Root domains require verification. For example, contoso.com requires verification. If a root domain is verified, subdomains of the root domain are automatically verified. For example, subdomain.contoso.com is automatically be verified if contoso.com has been verified. + +The work or school account needs to belong to at least the Domain Name Administrator or Global Reader Microsoft Entra role. + +## Examples + +### Example 1: Retrieve the domain verification DNS record + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraDomainVerificationDnsRecord -Name mail.contoso.com +``` + +```Output +Id IsOptional Label RecordType SupportedService Ttl +-- ---------- ----- ---------- ---------------- --- +aaaa0000-bb11-2222-33cc-444444dddddd False mail.contoso.com Txt Email 3600 +bbbb1111-cc22-3333-44dd-555555eeeeee False mail.contoso.com Mx Email 3600 +``` + +This example shows how to retrieve the Domain verification DNS records for a domain with the given name. + +## Parameters + +### -Name + +The domain name for which the domain verification Domain Name System (DNS) records are to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraExtensionProperty.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraExtensionProperty.md new file mode 100644 index 0000000000..8e08027eca --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraExtensionProperty.md @@ -0,0 +1,97 @@ +--- +title: Get-EntraExtensionProperty +description: This article provides details on the Get-EntraExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraExtensionProperty + +schema: 2.0.0 +--- + +# Get-EntraExtensionProperty + +## Synopsis + +Gets extension properties registered with Microsoft Entra ID. + +## Syntax + +```powershell +Get-EntraExtensionProperty + [-IsSyncedFromOnPremises ] + [] +``` + +## Description + +The Get-EntraExtensionProperty cmdlet gets a collection that contains the extension properties registered with Microsoft Entra ID through Microsoft Entra ID Connect. + +You can get extension properties that are synced with on-premises Microsoft Entra ID that aren't synced with on-premises Microsoft Entra ID or both types. + +This command returns all directory extension definitions registered in a directory, including those from multitenant apps. The following entities support extension properties: + +- User +- Group +- AdministrativeUnit +- Application +- Device +- Organization + +## Examples + +### Example 1: Get extension properties synced from on-premises Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraExtensionProperty -IsSyncedFromOnPremises $True +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ------------- ---------------------- ---- ------------- + aaaabbbb-0000-cccc-1111-dddd2222eeee Tenant Schema Extension App String False True extension_aaaabbbb-0000-cccc-1111-dddd2222eeee_extensionAttribute1 {User} +``` + +This command gets extension properties that have sync from on-premises Microsoft Entra ID. + +## Parameters + +### -IsSyncedFromOnPremises + +Specifies whether this cmdlet gets extension properties that are synced or not synced. + +- `$True` - get extension properties that are synced from the on-premises Microsoft Entra ID. +- `$False` - get extension properties that aren't synced from the on-premises Microsoft Entra ID. +- `No value` - get all extension properties (both synced and nonsynced). + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraFederationProperty.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraFederationProperty.md new file mode 100644 index 0000000000..ea63f66690 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraFederationProperty.md @@ -0,0 +1,90 @@ +--- +title: Get-EntraFederationProperty +description: This article provides details on the Get-EntraFederationProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraFederationProperty + +schema: 2.0.0 +--- + +# Get-EntraFederationProperty + +## Synopsis + +Displays the properties of the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +## Syntax + +```powershell +Get-EntraFederationProperty + -DomainName + [] +``` + +## Description + +The `Get-EntraFederationProperty` cmdlet gets key settings from both the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +You can use this information to troubleshoot authentication problems caused by mismatched settings between the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Global Reader +- Security Reader +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Display properties for specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraFederationProperty -DomainName contoso.com +``` + +This command displays properties for specified domain. + +- `-DomainName` Specifies the domain name. + +## Parameters + +### -DomainName + +The domain name for which the properties from both the Microsoft Entra ID Federation Services 2.0 server and Microsoft Online are displayed. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraObjectByObjectId.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraObjectByObjectId.md new file mode 100644 index 0000000000..6410e8f9d1 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraObjectByObjectId.md @@ -0,0 +1,142 @@ +--- +title: Get-EntraObjectByObjectId +description: This article provides details on the Get-EntraObjectByObjectId command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraObjectByObjectId + +schema: 2.0.0 +--- + +# Get-EntraObjectByObjectId + +## Synopsis + +Retrieves the objects specified by the ObjectIds parameter. + +## Syntax + +```powershell +Get-EntraObjectByObjectId + -ObjectIds + [-Types ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraObjectByObjectId` cmdlet retrieves the objects specified by the ObjectIds parameter. + +## Examples + +### Example 1: Get an object One or more object IDs + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraObjectByObjectId -ObjectIds 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' , 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve objects for a specified object Ids. + +- `ObjectIds` parameter specifies the One or more object IDs. + +### Example 2: Get an object by types + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraObjectByObjectId -ObjectIds 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -Types User +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to retrieve objects for a specified object type. + +- `-ObjectIds` parameter specifies the One or more object IDs. +- `-Types` parameter specifies the type of object ID. + +## Parameters + +### -ObjectIds + +One or more object IDs's, separated by commas, for which the objects are retrieved. The IDs are GUIDs, represented as strings. You can specify up to 1,000 IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Types + +Specifies the type of objects that the cmdlet returns. If not specified, the default is directoryObject, which includes all resource types defined in the directory. You can specify any object derived from directoryObject in the collection, such as user, group, and device objects. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPartnerInformation.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPartnerInformation.md new file mode 100644 index 0000000000..3358296f0c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPartnerInformation.md @@ -0,0 +1,135 @@ +--- +title: Get-EntraPartnerInformation +description: This article provides details on the Get-EntraPartnerInformation command. + +ms.topic: reference +ms.date: 09/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraPartnerInformation + +schema: 2.0.0 +--- + +# Get-EntraPartnerInformation + +## Synopsis + +Retrieves company-level information for partners. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraPartnerInformation + [] +``` + +### GetById + +```powershell +Get-EntraPartnerInformation + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraPartnerInformation` cmdlet is used to retrieve partner-specific information. +This cmdlet should only be used for partner tenants. + +## Examples + +### Example 1: Retrieve partner information + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraPartnerInformation +``` + +```Output +PartnerCompanyName : Contoso +companyType : +PartnerSupportTelephones : {12123, +1911} +PartnerSupportEmails : {} +PartnerHelpUrl : http://www.help.contoso.com +PartnerCommerceUrl : +ObjectID : bbbbbbbb-1111-2222-3333-cccccccccccc +PartnerSupportUrl : +``` + +This command retrieves partner-specific information. + +### Example 2: Retrieve partner information with specific TenantId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +$tenantId = (Get-EntraContext).TenantId +Get-EntraPartnerInformation -TenantId $tenantId +``` + +```Output +PartnerCompanyName : Contoso +companyType : +PartnerSupportTelephones : {12123, +1911} +PartnerSupportEmails : {} +PartnerHelpUrl : http://www.help.contoso.com +PartnerCommerceUrl : +ObjectID : bbbbbbbb-1111-2222-3333-cccccccccccc +PartnerSupportUrl : +``` + +This command retrieves partner-specific information. + +`-TenantId` Parameter specifies unique ID of the tenant to perform the operation on. + +## Parameters + +### -TenantId + +The unique ID of the tenant to perform the operation on. +If this is not provided, then the value will default to the tenant of the current user. +This parameter is only applicable to partner users. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Company level information outputs + +- CompanyType: The type of this company (can be partner or regular tenant) +- DapEnabled: Flag to determine if the partner has delegated admin privileges +- PartnerCompanyName: The name of the company +- PartnerSupportTelephones: Support Telephone numbers for the partner +- PartnerSupportEmails: Support E-Mail address for the partner +- PartnerCommerceUrl: URL for the partner's commerce web site +- PartnerSupportUrl: URL for the Partner's support website +- PartnerHelpUrl: URL for the partner's help web site + +## Notes + +## Related Links + +[Set-EntraPartnerInformation](Set-EntraPartnerInformation.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPasswordPolicy.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPasswordPolicy.md new file mode 100644 index 0000000000..60aa59307b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraPasswordPolicy.md @@ -0,0 +1,101 @@ +--- +title: Get-EntraPasswordPolicy +description: This article provides details on the Get-EntraPasswordPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraPasswordPolicy + +schema: 2.0.0 +--- + +# Get-EntraPasswordPolicy + +## Synopsis + +Retrieves the current password policy for the tenant or the specified domain. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraPasswordPolicy + [] +``` + +### GetById + +```powershell +Get-EntraPasswordPolicy + -DomainName + [] +``` + +## Description + +The `Get-EntraPasswordPolicy` cmdlet can be used to retrieve the values associated with the Password Expiry +window or Password Expiry Notification window for a tenant or specified domain. + +When a domain name is specified, it must be a verified domain for the company. + +The work or school account needs to belong to one of the following Microsoft Entra roles: + +- Domain Name Administrator + +## Examples + +### Example 1: Get password policy for a specified domain + +```powershell +Connect-Entra -Scopes 'Domain.Read.All' +Get-EntraPasswordPolicy -DomainName 'contoso.com' +``` + +```Output +NotificationDays ValidityPeriod +---------------- -------------- + 90 180 +``` + +Returns the password policy for the specified domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. + +## Parameters + +### -DomainName + +The fully qualified name of the domain to be retrieved. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..92829fc4c2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraScopedRoleMembership.md @@ -0,0 +1,143 @@ +--- +title: Get-EntraScopedRoleMembership +description: This article provides details on the Get-EntraScopedRoleMembership command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Get-EntraScopedRoleMembership + +## Synopsis + +List Microsoft Entra role assignments with administrative unit scope. + +## Syntax + +```powershell +Get-EntraScopedRoleMembership + -AdministrativeUnitId + [-ScopedRoleMembershipId ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `ObjectId` parameter to retrieve a specific scoped role membership. + +## Examples + +### Example 1: Get Scoped Role Administrator + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMembership = Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} +Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example gets scoped role administrator. You cane use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. + +### Example 2: List scoped administrators for administrative unit by ObjectId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example list scoped administrators with objectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of a scoped role membership. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) + +[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraSubscribedSku.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraSubscribedSku.md new file mode 100644 index 0000000000..6b833bb7c0 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraSubscribedSku.md @@ -0,0 +1,227 @@ +--- +title: Get-EntraSubscribedSku +description: This article provides details on the Get-EntraSubscribedSku command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraSubscribedSku + +schema: 2.0.0 +--- + +# Get-EntraSubscribedSku + +## Synopsis + +Gets subscribed SKUs to Microsoft services. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraSubscribedSku + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraSubscribedSku + -SubscribedSkuId + [-Property ] + [] +``` + +## Description + +The `Get-EntraSubscribedSku` cmdlet gets subscribed SKUs to Microsoft services. + +## Examples + +### Example 1: Get subscribed SKUs + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraSubscribedSku +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +aaaa0000-bb11-2222-33cc-444444dddddd 0000aaaa-11bb-cccc-dd22-eeeeee333333 M365x99297270 User Enabled 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSP... +bbbb1111-cc22-3333-44dd-555555eeeeee 1111bbbb-22cc-dddd-ee33-ffffff444444 M365x99297270 User Enabled 20 bbbbbbbb-1c1c-2d2d-3e3e-444444444444 ENTE... +cccc2222-dd33-4444-55ee-666666ffffff 2222cccc-33dd-eeee-ff44-aaaaaa555555 M365x99297270 User Enabled 2 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTE... +``` + +This example demonstrates how to retrieve subscribed SKUs to Microsoft services. + +### Example 2: Get subscribed SKUs by SubscribedSkuId + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraSubscribedSku -SubscribedSkuId 'abcdefgh-1111-2222-bbbb-cccc33333333_dddddddd-4444-5555-eeee-666666666666' +``` + +```Output +Id AccountId AccountName AppliesTo CapabilityStatus ConsumedUnits SkuId SkuPartNumber +-- --------- ----------- --------- ---------------- ------------- ----- ------- +aaaa0000-bb11-2222-33cc-444444dddddd 0000aaaa-11bb-cccc-dd22-eeeeee333333 M365x99297270 User Enabled 20 aaaaaaaa-0b0b-1c1c-2d2d-333333333333 EMSP... +``` + +This example demonstrates how to retrieve specified subscribed SKUs to Microsoft services. + +- `-SubscribedSkuId` parameter specifies the ID of the SKU (Stock Keeping Unit). + +### Example 3: Get available license plans + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Organization.Read.All' +Get-EntraSubscribedSku | Select-Object -Property Sku*, ConsumedUnits -ExpandProperty PrepaidUnits +``` + +```Output +Enabled : 5 +LockedOut : 0 +Suspended : 0 +Warning : 0 +AdditionalProperties : +SkuId : efccb6f7-5641-4e0e-bd10-b4976e1bf68e +SkuPartNumber : EMS +ConsumedUnits : 3 +``` + +This example demonstrates how to retrieve available license plans. + +### Example 4: Retrieve all users assigned a specific license + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +$sku = Get-EntraSubscribedSku | Where-Object { $_.SkuPartNumber -eq 'DEVELOPERPACK_E5' } +$skuId = $sku.SkuId +$usersWithDeveloperPackE5 = Get-EntraUser -All | Where-Object { + $_.AssignedLicenses -and ($_.AssignedLicenses.SkuId -contains $skuId) +} +$usersWithDeveloperPackE5 | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled, UserType | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AccountEnabled UserType +-- ----------- ----------------- -------------- -------- +cccccccc-2222-3333-4444-dddddddddddd Angel Brown AngelB@contoso.com True Member +dddddddd-3333-4444-5555-eeeeeeeeeeee Avery Smith AveryS@contoso.com True Member +eeeeeeee-4444-5555-6666-ffffffffffff Sawyer Miller SawyerM@contoso.com True Member +``` + +This example demonstrates how to retrieve all users assigned a specific license. + +### Example 5: Get a list of users, their assigned licenses, and licensing source + +```powershell +Connect-Entra -Scopes 'Organization.Read.All','User.Read.All','Group.Read.All' + +# Get all users with specified properties +$Users = Get-EntraUser -All -Property AssignedLicenses, LicenseAssignmentStates, DisplayName, UserPrincipalName, ObjectId + +$SelectedUsers = $Users | Select-Object ObjectId, UserPrincipalName, DisplayName, AssignedLicenses -ExpandProperty LicenseAssignmentStates + +# Group Name lookup +$GroupDisplayNames = @{} + +# Sku Part Number lookup +$SkuPartNumbers = @{} + +# Populate the hashtable with group display names and SKU part numbers +foreach ($User in $SelectedUsers) { + $AssignedByGroup = $User.AssignedByGroup + $SkuId = $User.SkuId + + try { + # Check if the group display name is already in the hashtable + if (-not $GroupDisplayNames.ContainsKey($AssignedByGroup)) { + $Group = Get-EntraGroup -GroupId $AssignedByGroup + $GroupDisplayNames[$AssignedByGroup] = $Group.DisplayName + } + + $User | Add-Member -NotePropertyName 'GroupDisplayName' -NotePropertyValue $GroupDisplayNames[$AssignedByGroup] + } catch { + $User | Add-Member -NotePropertyName 'GroupDisplayName' -NotePropertyValue 'N/A (Direct Assignment)' + } + + try { + # Check if the SKU part number is already in the hashtable + if (-not $SkuPartNumbers.ContainsKey($SkuId)) { + $Sku = Get-EntraSubscribedSku | Where-Object { $_.SkuId -eq $SkuId } | Select-Object -ExpandProperty SkuPartNumber + $SkuPartNumbers[$SkuId] = $Sku + } + + $User | Add-Member -NotePropertyName 'SkuPartNumber' -NotePropertyValue $SkuPartNumbers[$SkuId] + } catch { + $User | Add-Member -NotePropertyName 'SkuPartNumber' -NotePropertyValue 'N/A' + } +} + +$SelectedUsers | Format-Table UserPrincipalName, DisplayName, AssignedByGroup, GroupDisplayName, SkuId, SkuPartNumber, State, Error -AutoSize +``` + +```Output +userPrincipalName displayName assignedByGroup GroupDisplayName skuId SkuPartNumber state error +----------------- ----------- --------------- ---------------- ----- ------------- ----- ----- +averyh@contoso.com Avery Howard cccccccc-2222-3333-4444-dddddddddddd Contoso Team abcdefgh-1111-2222-bbbb-cccc33333333 ENTERPRISEPACK Active None +devont@contoso.com Devon Torres ffffffff-5555-6666-7777-aaaaaaaaaaaa Retail abcdefgh-1111-2222-bbbb-cccc33333333 ENTERPRISEPACK Active None +``` + +This example shows a list of users, their licenses, and the source of the license such as directly assigned or group assigned. + +## Parameters + +### -SubscribedSkuId + +The object ID of the SKU (Stock Keeping Unit). + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraTenantDetail.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraTenantDetail.md new file mode 100644 index 0000000000..21cd6fc850 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Get-EntraTenantDetail.md @@ -0,0 +1,167 @@ +--- +title: Get-EntraTenantDetail +description: This article provides details on the Get-EntraTenantDetail command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraTenantDetail + +schema: 2.0.0 +--- + +# Get-EntraTenantDetail + +## Synopsis + +Gets the details of a tenant. + +## Syntax + +```powershell +Get-EntraTenantDetail + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraTenantDetail` cmdlet gets the details of a tenant in Microsoft Entra ID. + +In delegated scenarios involving work or school accounts, the signed-in user must be assigned either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation: + +- Application Administrator +- Authentication Administrator +- Cloud Application Administrator +- Directory Readers +- Directory Reviewer +- Global Reader +- Helpdesk Administrator +- Security Administrator +- Security Operator +- Security Reader +- Service Support Administrator +- User Administrator +- Privileged Role Administrator + +## Examples + +### Example 1: Get all tenant details + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraTenantDetail -All +``` + +```Output +DisplayName Id TenantType CountryLetterCode VerifiedDomains +----------- -- ---------- ----------------- --------------- +Contoso aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AAD NL {@{Capabilities=Email, OfficeCommunicationsOnline; IsDefault=False; IsInitial=True; Name=contoso.onmicrosoft.com; Type=Mana... +``` + +This example shows how to retrieve all tenant details. + +### Example 2: Get top one tenant details + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraTenantDetail -Top 1 +``` + +```Output +DisplayName Id CountryLetterCode VerifiedDomains +----------- -- ----------------- --------------- +Contoso aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NL {@{Capabilities=Email, OfficeCommunicationsOnline; IsDefault=False; IsInitial=True; Name=contoso.onmicrosoft.com; Type=Managed; Addition…}} +``` + +This example shows how to retrieve details of a top one tenant in Microsoft Entra ID. + +### Example 3: Get directory tenant size quota + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +(Get-EntraTenantDetail).AdditionalProperties.directorySizeQuota +``` + +```Output +Key Value +--- ----- +used 339 +total 50000 +``` + +This example shows how to retrieve the directory tenant size quota. + +A directory quota represents the maximum number of objects allowed in a tenant, including user accounts, app registrations, and groups. Once this limit is reached, attempts to create new objects will result in an error. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraTenantDetail](Set-EntraTenantDetail.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..48707792fa --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAdministrativeUnit.md @@ -0,0 +1,128 @@ +--- +title: New-EntraAdministrativeUnit +description: This article provides details on the New-EntraAdministrativeUnit command. + + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# New-EntraAdministrativeUnit + +## Synopsis + +Creates an administrative unit. + +## Syntax + +```powershell +New-EntraAdministrativeUnit + [-Description ] + -DisplayName + [] +``` + +## Description + +The `New-EntraAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. + +## Examples + +### Example 1: Create an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraAdministrativeUnit -DisplayName 'TestAU' +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc TestAU +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. + +### Example 2: Create an administrative unit using '-Description' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraAdministrativeUnit -DisplayName 'Pacific Administrative Unit' -Description 'Administrative Unit for Pacific region' +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc Pacific Administrative Unit test111 False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-Description` parameter specifies a description for the Administrative unit object. + +## Parameters + +### -Description + +Specifies a description for the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) + +[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAttributeSet.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAttributeSet.md new file mode 100644 index 0000000000..c100eacd0c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraAttributeSet.md @@ -0,0 +1,136 @@ +--- +title: New-EntraAttributeSet +description: This article provides details on the New-EntraAttributeSet command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraAttributeSet + +schema: 2.0.0 +--- + +# New-EntraAttributeSet + +## Synopsis + +Adds a new attribute set. + +## Syntax + +```powershell +New-EntraAttributeSet + [-AttributeSetId ] + [-Description ] + [-MaxAttributesPerSet ] + [] +``` + +## Description + +Adds a new Microsoft Entra ID attribute set object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a single attribute set + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'NewCustomAttributeSet' + Description = 'Attributes for engineering team' + MaxAttributesPerSet = 10 +} + +New-EntraAttributeSet @params +``` + +```Output +Id Description MaxAttributesPerSet +-- ----------- ------------------- +Testing Attributes for engineering team 10 +``` + +This example demonstrates hoe to add a single attribute set. + +- `-Id` parameter specifies the name of the attribute set. +- `-Description` parameter specifies the description for the attribute set. +- `-MaxAttributesPerSet` parameter specifies the maximum number of custom security attributes. + +## Parameters + +### -Description + +Description of the attribute set, up to 128 characters long, including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AttributeSetId + +Name of the attribute set. Unique identifier for the attribute set within a tenant, up to 32 Unicode characters. It can't contain spaces or special characters, is case sensitive, and can't be changed later. Required. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MaxAttributesPerSet + +Maximum number of custom security attributes that can be defined in this attribute set. The default value is null. If not specified, the administrator can add up to 500 active attributes per tenant. This setting can be changed later. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraAttributeSet](Get-EntraAttributeSet.md) + +[Set-EntraAttributeSet](Set-EntraAttributeSet.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..dc706dba2f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.md @@ -0,0 +1,234 @@ +--- +title: New-EntraCustomSecurityAttributeDefinition +description: This article provides details on the New-EntraCustomSecurityAttributeDefinition command. + + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraCustomSecurityAttributeDefinition + +schema: 2.0.0 +--- + +# New-EntraCustomSecurityAttributeDefinition + +## Synopsis + +Create a new customSecurityAttributeDefinition object. + +## Syntax + +```powershell +New-EntraCustomSecurityAttributeDefinition + -IsSearchable + [-Description ] + -IsCollection + -AttributeSet + -Type + -Name + -Status + -UsePreDefinedValuesOnly + [] +``` + +## Description + +The `New-EntraCustomSecurityAttributeDefinition` cmdlet creates a new customSecurityAttributeDefinition object. Specify `IsSearchable`, `IsCollection`, `AttributeSet`, `Type`, `Name`, `Status` and `UsePreDefinedValuesOnly` parameters for create a new custom security attribute definition. + +You can define up to 500 active objects in a tenant. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Add a custom security attribute + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All','CustomSecAttributeDefinition.ReadWrite.All' +$AttributeSet = Get-EntraAttributeSet -Id '' +$params = @{ + Name = 'ProjectTest' + Description = 'Target completion' + Type = 'String' + Status = 'Available' + AttributeSet = $AttributeSet.Id + IsCollection = $False + IsSearchable = $True + UsePreDefinedValuesOnly = $True +} +New-EntraCustomSecurityAttributeDefinition @params +``` + +```Output +Id AttributeSet Description IsCollection IsSearchable Name Status Type UsePreDefinedValuesOnly +-- ------------ ----------- ------------ ------------ ---- ------ ---- ----------------------- +Test_ProjectTest Test Target completion False True ProjectTest Available String False +``` + +This example demonstrates how to add a custom security attribute. + +- `-Name` parameter specifies the name of the custom security attribute. +- `-Description` parameter specifies the description of the custom security attribute. +- `-Type` parameter specifies the data type for the custom security attribute values. +- `-Status` parameter specifies the custom security attribute is active or deactivated. +- `-AttributeSet` parameter specifies the name of attribute set. +- `-IsCollection` parameter specifies the allows multiple values can be assigned to the custom security attribute. +- `-IsSearchable` parameter specifies the custom security attribute values are indexed for searching on objects. +- `-UsePreDefinedValuesOnly` parameter specifies the only predefined values can be assigned to the custom security attribute. + +## Parameters + +### -AttributeSet + +Name of the attribute set. Case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Description of the custom security attribute, up to 128 characters long and including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCollection + +Indicates whether multiple values can be assigned to the custom security attribute. Can't be changed later. If type is set to Boolean, isCollection can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsSearchable + +Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute values. Can't be changed later. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and include Unicode characters. Can't contain spaces or special characters. Can't be changed later. Case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Status + +Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Can't be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsePreDefinedValuesOnly + +Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but can't be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraCustomSecurityAttributeDefinition](Set-EntraCustomSecurityAttributeDefinition.md) + +[Get-EntraCustomSecurityAttributeDefinition](Get-EntraCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDevice.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDevice.md new file mode 100644 index 0000000000..9971ed4234 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDevice.md @@ -0,0 +1,339 @@ +--- +title: New-EntraDevice +description: This article provides details on the New-EntraDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraDevice + +schema: 2.0.0 +--- + +# New-EntraDevice + +## Synopsis + +Creates a device. + +## Syntax + +```powershell +New-EntraDevice + -DisplayName + -DeviceOSType + -AccountEnabled + -DeviceId + -DeviceOSVersion + -AlternativeSecurityIds + [-DevicePhysicalIds ] + [-DeviceTrustType ] + [-DeviceMetadata ] + [-ApproximateLastLogonTimeStamp ] + [-IsManaged ] + [-DeviceObjectVersion ] + [-IsCompliant ] + [-ProfileType ] + [-SystemLabels ] + [] +``` + +## Description + +The `New-EntraDevice` cmdlet creates a device in Microsoft Entra ID. + +The calling user must be in one of the following Microsoft Entra roles: Intune Administrator or Windows 365 Administrator. + +## Examples + +### Example 1: Create a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' + +$params = @{ + AccountEnabled = $true + DisplayName = 'My new device' + AlternativeSecurityIds = $altsecid + DeviceId = $guid + DeviceOSType = 'OS/2' + DeviceOSVersion = '9.3' +} + +New-EntraDevice @params +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb dddddddd-3333-4444-5555-eeeeeeeeeeee My new device +``` + +This command creates a new device. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeSecurityIds + +Specifies alternative security IDs. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApproximateLastLogonTimeStamp + +Specifies last sign-in date time. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the ID of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceMetadata + +The metadata for this device + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectVersion + +Specifies the object version of the device. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSType + +Specifies the operating system type of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSVersion + +Specifies the operating system version of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DevicePhysicalIds + +Specifies the physical ID. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceTrustType + +The trust type for this device + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompliant + +True if the device complies with Mobile Device Management (MDM) policies; otherwise, false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsManaged + +True if the device is managed by a Mobile Device Management (MDM) app such as Intune; otherwise, false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ProfileType + +Specifies profile type of the device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SystemLabels + +Specifies labels for the device. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDevice](Get-EntraDevice.md) + +[Remove-EntraDevice](Remove-EntraDevice.md) + +[Set-EntraDevice](Set-EntraDevice.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDomain.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDomain.md new file mode 100644 index 0000000000..bd007e334b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/New-EntraDomain.md @@ -0,0 +1,158 @@ +--- +title: New-EntraDomain +description: This article provides details on the New-EntraDomain command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraDomain + +schema: 2.0.0 +--- + +# New-EntraDomain + +## Synopsis + +Creates a domain. + +## Syntax + +```powershell +New-EntraDomain + -Name + [-IsDefault ] + [-SupportedServices ] + [] +``` + +## Description + +The `New-EntraDomain` cmdlet creates a domain in Microsoft Entra ID. + +The work or school account needs to belong to at least the Domain Name Administrator role. + +## Examples + +### Example 1: Create a new Domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraDomain -Name testingDemo.com +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified Manufacturer Model PasswordNotificationWindowInDays PasswordValidityPeriodInDays SupportedServices +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- ------------ ----- -------------------------------- ---------------------------- ----------------- +testingDemo.com Managed True False False False False {} +``` + +This example demonstrates how to create a new domain in Microsoft Entra ID. + +### Example 2: Create a new Domain with a list of domain capabilities + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraDomain -Name testingDemo1.com -SupportedServices @('Email', 'OfficeCommunicationsOnline') +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified Manufacturer Model PasswordNotificationWindowInDays PasswordValidityPeriodInDays SupportedServices +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- ------------ ----- -------------------------------- ---------------------------- ----------------- +testingDemo1.com Managed True False False False False {} +``` + +This example demonstrates how to create a new domain with the specified services in Microsoft Entra ID. + +### Example 3: Create a new Domain and make if the default new user creation + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +New-EntraDomain -Name testingDemo2.com -IsDefault $True +``` + +```Output +Id AuthenticationType AvailabilityStatus IsAdminManaged IsDefault IsInitial IsRoot IsVerified Manufacturer Model PasswordNotificationWindowInDays PasswordValidityPeriodInDays SupportedServices +-- ------------------ ------------------ -------------- --------- --------- ------ ---------- ------------ ----- -------------------------------- ---------------------------- ----------------- +testingDemo2.com Managed True False False False False {} +``` + +This example demonstrates how to create a new domain in Microsoft Entra ID and marks it as the default to be used for new user creation. + +## Parameters + +### -IsDefault + +Indicates whether or not this is the default domain that is used for user creation. + +There is only one default domain per company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The fully qualified name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SupportedServices + +The capabilities assigned to the domain. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraDomain](Confirm-EntraDomain.md) + +[Get-EntraDomain](Get-EntraDomain.md) + +[Remove-EntraDomain](Remove-EntraDomain.md) + +[Set-EntraDomain](Set-EntraDomain.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..154c66d3f0 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnit.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraAdministrativeUnit +description: This article provides details on the Remove-EntraAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# Remove-EntraAdministrativeUnit + +## Synopsis + +Removes an administrative unit. + +## Syntax + +```powershell +Remove-EntraAdministrativeUnit + -AdministrativeUnitId + [] +``` + +## Description + +The `Remove-EntraAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. + +To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Remove-EntraAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id +``` + +This command removes the specified administrative unit from Microsoft Entra ID. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..d4d78ed367 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraAdministrativeUnitMember.md @@ -0,0 +1,105 @@ +--- +title: Remove-EntraAdministrativeUnitMember +description: This article provides details on the Remove-EntraAdministrativeUnitMember command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Remove-EntraAdministrativeUnitMember + +## Synopsis + +Removes an administrative unit member. + +## Syntax + +```powershell +Remove-EntraAdministrativeUnitMember + -AdministrativeUnitId + -MemberId + [] +``` + +## Description + +The `Remove-EntraAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. + +To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$adminUnitMember = Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id | Select-Object Id, DisplayName,'@odata.type' | Where-Object {$_.DisplayName -eq 'Saywer Miller'} +Remove-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -MemberId $adminUnitMember.Id +``` + +This command removes a specified member (user or group) from a specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-MemberId` parameter specifies the ID of the administrative unit member. + +## Parameters + +### -MemberId + +Specifies the ID of the administrative unit member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) + +[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraContact.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraContact.md new file mode 100644 index 0000000000..62fa1f0c43 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraContact.md @@ -0,0 +1,79 @@ +--- +title: Remove-EntraContact +description: This article provides details on the Remove-EntraContact command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraContact + +schema: 2.0.0 +--- + +# Remove-EntraContact + +## Synopsis + +Removes a contact. + +## Syntax + +```powershell +Remove-EntraContact + -OrgContactId + [] +``` + +## Description + +The `Remove-EntraContact` removes a contact from Microsoft Entra ID. + +## Examples + +### Example 1: Remove a contact + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All' +$Contact = Get-EntraContact -Filter "DisplayName eq 'Contoso Contact'" +Remove-EntraContact -OrgContactId $Contact.ObjectId +``` + +The example shows how to remove a contact. + +## Parameters + +### -OrgContactId + +Specifies the object ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraContact](Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeletedDirectoryObject.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeletedDirectoryObject.md new file mode 100644 index 0000000000..0d2083b752 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeletedDirectoryObject.md @@ -0,0 +1,96 @@ +--- +title: Remove-EntraDeletedDirectoryObject +description: This article provides details on the Remove-EntraDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Applications-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraDeletedDirectoryObject + +## Synopsis + +Permanently delete a previously deleted directory object. + +## Syntax + +```powershell +Remove-EntraDeletedDirectoryObject + -DirectoryObjectId + [] +``` + +## Description + +The `Remove-EntraDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. + +When a directory object is permanently deleted, it can no longer be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. +- To permanently delete deleted users: `User Administrator`. +- To permanently delete deleted groups: `Groups Administrator`. + +## Examples + +### Example 1: Delete a previously deleted directory object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' +$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraDeletedDirectoryObject -DirectoryObjectId $deletedApplication.Id +``` + +This example demonstrates how to permanently delete a previously deleted directory object by DirectoryObjectId. + +- `-DirectoryObjectId` parameter specifies the Id of the directory object that is permanently deleted. + +## Parameters + +### -DirectoryObjectId + +The DirectoryObjectId of the directory object that is permanently deleted. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraDeletedDirectoryObject](Get-EntraDeletedDirectoryObject.md) + +[Restore-EntraDeletedDirectoryObject](Restore-EntraDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDevice.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDevice.md new file mode 100644 index 0000000000..bbef6c0490 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDevice.md @@ -0,0 +1,85 @@ +--- +title: Remove-EntraDevice +description: This article provides details on the Remove-EntraDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDevice + +schema: 2.0.0 +--- + +# Remove-EntraDevice + +## Synopsis + +Deletes a device. + +## Syntax + +```powershell +Remove-EntraDevice + -DeviceId + [] +``` + +## Description + +The `Remove-EntraDevice` cmdlet removes a device from Microsoft Entra ID. + +The calling user must be in one of the following Microsoft Entra roles: Intune Administrator, Windows 365 Administrator, or Cloud Device Administrator. + +## Examples + +### Example 1: Remove a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +$Device = Get-EntraDevice -Filter "DisplayName eq 'Woodgrove Desktop'" +Remove-EntraDevice -DeviceId $Device.ObjectId +``` + +This command removes the specified device. + +## Parameters + +### -DeviceId + +Specifies the object ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDevice](Get-EntraDevice.md) + +[New-EntraDevice](New-EntraDevice.md) + +[Set-EntraDevice](Set-EntraDevice.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.md new file mode 100644 index 0000000000..77eb8489a7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.md @@ -0,0 +1,101 @@ +--- +title: Remove-EntraDeviceRegisteredOwner +description: This article provides details on the Remove-EntraDeviceRegisteredOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDeviceRegisteredOwner + +schema: 2.0.0 +--- + +# Remove-EntraDeviceRegisteredOwner + +## Synopsis + +Removes the registered owner of a device. + +## Syntax + +```powershell +Remove-EntraDeviceRegisteredOwner + -OwnerId + -DeviceId + [] +``` + +## Description + +The `Remove-EntraDeviceRegisteredOwner` cmdlet removes the registered owner of a device in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$Device = Get-EntraDevice -Top 1 +$Owner = Get-EntraDeviceRegisteredOwner -DeviceId $Device.ObjectId +Remove-EntraDeviceRegisteredOwner -DeviceId $Device.ObjectId -OwnerId $Owner.ObjectId +``` + +This examples shows how to remove the owner of a device. + +## Parameters + +### -DeviceId + +Specifies an object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies an owner ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDeviceRegisteredOwner](Add-EntraDeviceRegisteredOwner.md) + +[Get-EntraDevice](Get-EntraDevice.md) + +[Get-EntraDeviceRegisteredOwner](Get-EntraDeviceRegisteredOwner.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredUser.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredUser.md new file mode 100644 index 0000000000..81f06ccd94 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDeviceRegisteredUser.md @@ -0,0 +1,99 @@ +--- +title: Remove-EntraDeviceRegisteredUser +description: This article provides details on the Remove-EntraDeviceRegisteredUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDeviceRegisteredUser + +schema: 2.0.0 +--- + +# Remove-EntraDeviceRegisteredUser + +## Synopsis + +Removes a registered user from a device. + +## Syntax + +```powershell +Remove-EntraDeviceRegisteredUser + -DeviceId + -UserId + [] +``` + +## Description + +The `Remove-EntraDeviceRegisteredUser` cmdlet removes a registered user from a Microsoft Entra ID device. + +## Examples + +### Example 1: Remove a registered user from a device + +```Powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$Device = Get-EntraDevice -Top 1 +$User = Get-EntraDeviceRegisteredUser -DeviceId $Device.ObjectId +Remove-EntraDeviceRegisteredUser -DeviceId $Device.ObjectId -UserId $User.ObjectId +``` + +This example shows how to remove the registered user from device. + +## Parameters + +### -DeviceId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDeviceRegisteredUser](Add-EntraDeviceRegisteredUser.md) + +[Get-EntraDeviceRegisteredUser](Get-EntraDeviceRegisteredUser.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDirectoryRoleMember.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDirectoryRoleMember.md new file mode 100644 index 0000000000..6a1b180608 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDirectoryRoleMember.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraDirectoryRoleMember +description: This article provides details on the Remove-EntraDirectoryRoleMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDirectoryRoleMember + +schema: 2.0.0 +--- + +# Remove-EntraDirectoryRoleMember + +## Synopsis + +Removes a member of a directory role. + +## Syntax + +```powershell +Remove-EntraDirectoryRoleMember + -DirectoryRoleId + -MemberId + [] +``` + +## Description + +The `Remove-EntraDirectoryRoleMember` cmdlet removes a member from a directory role in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a member from a directory role + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$params = @{ + DirectoryRoleId = 'aaaabbbb-0000-cccc-1111-dddd2222eeee' + MemberId = '11bb11bb-cc22-dd33-ee44-55ff55ff55ff' +} + +Remove-EntraDirectoryRoleMember @params +``` + +This example removes the specified member from the specified role. + +- `-DirectoryRoleId` - specifies the unique identifier (ObjectId) of the directory role from which the member will be removed. + +- `-MemberId` - specifies the unique identifier (MemberId) of the member (user, group, or service principal) that is to be removed from the specified directory role. + +## Parameters + +### -MemberId + +Specifies the object ID of a role member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DirectoryRoleId + +Specifies the object ID of a directory role in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraDirectoryRoleMember](Add-EntraDirectoryRoleMember.md) + +[Get-EntraDirectoryRoleMember](Get-EntraDirectoryRoleMember.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDomain.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDomain.md new file mode 100644 index 0000000000..92ab4439b2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraDomain.md @@ -0,0 +1,91 @@ +--- +title: Remove-EntraDomain +description: This article provides details on the Remove-EntraDomain command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDomain + +schema: 2.0.0 +--- + +# Remove-EntraDomain + +## Synopsis + +Removes a domain. + +## Syntax + +```powershell +Remove-EntraDomain + -Name + [] +``` + +## Description + +The `Remove-EntraDomain` cmdlet removes a domain from Microsoft Entra ID. + +Important: + +- Deleted domains are not recoverable. +- Attempts to delete will fail if there are any resources or objects still dependent on the domain. + +The work or school account needs to belong to at least the `Domain Name Administrator` Microsoft Entra role. + +## Examples + +### Example 1: Remove a domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Remove-EntraDomain -Name Contoso.com +``` + +This command removes a domain from Microsoft Entra ID. + +## Parameters + +### -Name + +Specifies the name of the domain to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraDomain](Confirm-EntraDomain.md) + +[Get-EntraDomain](Get-EntraDomain.md) + +[New-EntraDomain](New-EntraDomain.md) + +[Set-EntraDomain](Set-EntraDomain.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraExternalDomainFederation.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraExternalDomainFederation.md new file mode 100644 index 0000000000..d1ac7b8912 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraExternalDomainFederation.md @@ -0,0 +1,79 @@ +--- +title: Remove-EntraExternalDomainFederation +description: This article provides details on the Remove-EntraExternalDomainFederation command. + + +ms.topic: reference +ms.date: 06/11/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra + +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraExternalDomainFederation + +schema: 2.0.0 +--- + +# Remove-EntraExternalDomainFederation + +## Synopsis + +Delete an externalDomainFederation by external domain name. + +## Syntax + +```powershell +Remove-EntraExternalDomainFederation + -ExternalDomainName + [] +``` + +## Description + +This `Remove-EntraExternalDomainFederation` cmdlet removes an externalDomainFederation by external domain name. + +## Examples + +### Example 1: Deletes an external domain federation setting for a given external domain + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Remove-EntraExternalDomainFederation -ExternalDomainName 'test.com' +``` + +This command deletes an external domain federation setting. + +- `ExternalDomainName` Parameter specifies unique identifer of an externalDomainFederation. + +## Parameters + +### -ExternalDomainName + +The unique identifer of an externalDomainFederation in Microsoft Entra ID + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..817aafaa60 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Remove-EntraScopedRoleMembership.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraScopedRoleMembership +description: This article provides details on the Remove-EntraScopedRoleMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Remove-EntraScopedRoleMembership + +## Synopsis + +Removes a scoped role membership. + +## Syntax + +```powershell +Remove-EntraScopedRoleMembership + -AdministrativeUnitId + -ScopedRoleMembershipId + [] +``` + +## Description + +The `Remove-EntraScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. + +## Examples + +### Example 1: Remove a scoped role membership + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +$roleMembership = Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} +Remove-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id +``` + +This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraScopedRoleMembership` command. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of the scoped role membership to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) + +[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Restore-EntraDeletedDirectoryObject.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Restore-EntraDeletedDirectoryObject.md new file mode 100644 index 0000000000..94a5cc6abc --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Restore-EntraDeletedDirectoryObject.md @@ -0,0 +1,154 @@ +--- +title: Restore-EntraDeletedDirectoryObject +description: This article provides details on the Restore-EntraDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Restore-EntraDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Restore-EntraDeletedDirectoryObject + +## Synopsis + +Restore a previously deleted object. + +## Syntax + +```powershell +Restore-EntraDeletedDirectoryObject + -Id + [] +``` + +## Description + +The `Restore-EntraDeletedDirectoryObject` cmdlet is used to restore previously deleted objects, such as application, group, service principal, administrative unit, or user objects. + +When a group or application is deleted, it is initially soft deleted and can be recovered within the first 30 days. After 30 days, the deleted object is permanently deleted and cannot be recovered. + +**Notes:** + +- Only Unified Groups (also known as Office 365 Groups) can be restored; Security groups cannot be restored. +- Restoring an application does not automatically restore its associated service principal. You must explicitly use this cmdlet to restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles: + +- **To restore deleted applications or service principals:** Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. +- **To restore deleted users:** User Administrator. + - However, to restore users with privileged administrator roles: + - In delegated scenarios, the app must be assigned the `Directory.AccessAsUser.All` delegated permission, and the calling user must also be assigned a higher privileged administrator role. + - In app-only scenarios, in addition to being granted the `User.ReadWrite.All` application permission, the app must be assigned a higher privileged administrator role. +- **To restore deleted groups:** Groups Administrator. + - However, to restore role-assignable groups, the calling user must be assigned the Privileged Role Administrator role. + +## Examples + +### Example 1: Restore a deleted object with ID + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' #administrativeUnit resource +Connect-Entra -Scopes 'Application.ReadWrite.All' #application resource +Connect-Entra -Scopes 'Group.ReadWrite.All' #group resource +Connect-Entra -Scopes 'Application.ReadWrite.All' #servicePrincipal resource +Connect-Entra -Scopes 'User.ReadWrite.All' #user resource +Restore-EntraDeletedDirectoryObject -Id 'dddddddd-3333-4444-5555-eeeeeeeeeeee' +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example shows how to restore a deleted object in Microsoft Entra ID. + +- `-Id` parameter specifies the Id of the directory object to restore. + +### Example 2: Restoring a Soft-Deleted User and Removing Conflicting Proxy Addresses + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +Restore-EntraDeletedDirectoryObject -Id 'dddddddd-3333-4444-5555-eeeeeeeeeeee' -AutoReconcileProxyConflict +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example shows how to restore a deleted object in Microsoft Entra ID. + +- `-Id` parameter specifies the Id of the directory object to restore. +- `-AutoReconcileProxyConflict` parameter removes any conflicting proxy addresses while restoring a soft-deleted user whose one or more proxy addresses are currently used for an active user. + +## Parameters + +### -Id + +The Id of the directory object to restore. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AutoReconcileProxyConflict + +Specifies whether Microsoft Entra ID should remove conflicting proxy addresses when restoring a soft-deleted user, if any of the user's proxy addresses are currently in use by an active user. This parameter applies only when restoring a soft-deleted user. The default value is `false`. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraDeletedApplication](../Applications/Remove-EntraDeletedApplication.md) + +[Restore-EntraDeletedApplication](../Applications/Restore-EntraDeletedApplication.md) + +[Remove-EntraDeletedDirectoryObject](Remove-EntraDeletedDirectoryObject.md) + +[Get-EntraDeletedApplication](../Applications/Get-EntraDeletedApplication.md) + +[Get-EntraDeletedDirectoryObject](Get-EntraDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..c2b5badd45 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAdministrativeUnit.md @@ -0,0 +1,125 @@ +--- +title: Set-EntraAdministrativeUnit +description: This article provides details on the Set-EntraAdministrativeUnit command. + +ms.topic: reference +ms.date: 06/19/2023 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# Set-EntraAdministrativeUnit + +## Synopsis + +Updates an administrative unit. + +## Syntax + +```powershell +Set-EntraAdministrativeUnit + -AdministrativeUnitId + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +The `Set-EntraAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. + +The Privileged Role Administrator is the least privileged role required for this operation. + +## Examples + +### Example 1: Update DisplayName and description + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" +Set-EntraAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -DisplayName 'Pacific Admin Unit' -Description 'Pacific Admin Unit Description' +``` + +This Command update DisplayName of specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-DisplayName` parameter specifies the display name for the administrative unit. +- `-Description` parameter specifies the description for the administrative unit. + +## Parameters + +### -Description + +Specifies a description. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the Id of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) + +[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAttributeSet.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAttributeSet.md new file mode 100644 index 0000000000..a7cb3d520d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraAttributeSet.md @@ -0,0 +1,147 @@ +--- +title: Set-EntraAttributeSet +description: This article provides details on the Set-EntraAttributeSet command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraAttributeSet + +schema: 2.0.0 +--- + +# Set-EntraAttributeSet + +## Synopsis + +Updates an existing attribute set. + +## Syntax + +```powershell +Set-EntraAttributeSet + -AttributeSetId + [-Description ] + [-MaxAttributesPerSet ] + [] +``` + +## DESCRIPTION + +The `Set-EntraAttributeSet` cmdlet updates a Microsoft Entra ID attribute set object specified by its ID. Specify `AttributeSetId` parameter to Update a Microsoft Entra ID attribute set object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. + +Note: Only the Attribute Definition Administrator role is supported for this operation. Ensure the signed-in user is assigned this role. + +You can only update the `description` and `maxAttributesPerSet` properties. + +## Examples + +### Example 1: Update an attribute set + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'Engineering' + Description = 'Attributes for cloud engineering team' +} +Set-EntraAttributeSet @params +``` + +This example update an attribute set. + +- `-AttributeSetId` parameter specifies the name of the attribute set. You can `Get-EntraAttributeSet` to get more details. +- `-Description` parameter specifies the description for the attribute set. + +### Example 2: Update an attribute set using MaxAttributesPerSet + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + AttributeSetId = 'Engineering' + MaxAttributesPerSet = 10 +} +Set-EntraAttributeSet @params +``` + +This example update an attribute set using MaxAttributesPerSet. + +- `-AttributeSetId` parameter specifies the name of the attribute set. You can `Get-EntraAttributeSet` to get more details. +- `-MaxAttributesPerSet` parameter specifies the maximum number of custom security attributes. + +## Parameters + +### -Description + +Description of the attribute set, up to 128 characters long, including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AttributeSetId + +Name of the attribute set. Unique identifier for the attribute set within a tenant. This identifier can be up to 32 characters long and may include Unicode characters. It cannot contain spaces or special characters, and it cannot be changed later. The identifier is case insensitive. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MaxAttributesPerSet + +Maximum number of custom security attributes that can be defined in this attribute set. The default value is null. If not specified, the administrator can add up to 500 active attributes per tenant. This setting can be changed later. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraAttributeSet](New-EntraAttributeSet.md) + +[Get-EntraAttributeSet](Get-EntraAttributeSet.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.md new file mode 100644 index 0000000000..90955315df --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.md @@ -0,0 +1,149 @@ +--- +title: Set-EntraCustomSecurityAttributeDefinition +description: This article provides details on the Set-EntraCustomSecurityAttributeDefinition command. + + +ms.topic: reference +ms.date: 07/11/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraCustomSecurityAttributeDefinition + +schema: 2.0.0 +--- + +# Set-EntraCustomSecurityAttributeDefinition + +## Synopsis + +Update the properties of a customSecurityAttributeDefinition object. + +## Syntax + +```powershell +Set-EntraCustomSecurityAttributeDefinition + -Id + [-Description ] + [-Status ] + [-UsePreDefinedValuesOnly ] + [] +``` + +## Description + +Update the properties of a customSecurityAttributeDefinition object. Specify `Id` parameter to update a custom security attribute definition. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The Attribute Definition Administrator is the only privileged role supported for this operation. + +## Examples + +### Example 1: Update a custom security attribute + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.Read.All', 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + Id = 'Engineering_ProjectDate' + Description = 'Add-description' + Status = 'Available' + UsePreDefinedValuesOnly = $False +} +Set-EntraCustomSecurityAttributeDefinition @params +``` + +This example update a custom security attribute. + +- `-Id` parameter specifies the custom security attribute definition object ID. +- `-Description` parameter specifies the description of the custom security attribute. +- `-Status` parameter specifies the custom security attribute is active or deactivated. +- `-UsePreDefinedValuesOnly` parameter specifies the only predefined values can be assigned to the custom security attribute. + +## Parameters + +### -Description + +Description of the custom security attribute, up to 128 characters long and including Unicode characters. This description can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID custom security attribute definition object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Status + +Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsePreDefinedValuesOnly + +Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but can't be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly can't be set to true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraCustomSecurityAttributeDefinition](Get-EntraCustomSecurityAttributeDefinition.md) + +[New-EntraCustomSecurityAttributeDefinition](New-EntraCustomSecurityAttributeDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md new file mode 100644 index 0000000000..524bb1f0db --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md @@ -0,0 +1,126 @@ +--- +title: Set-EntraCustomSecurityAttributeDefinitionAllowedValue +description: This article provides details on the Set-EntraCustomSecurityAttributeDefinitionAllowedValue command. + +ms.topic: reference +ms.date: 07/11/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue + +schema: 2.0.0 +--- + +# Set-EntraCustomSecurityAttributeDefinitionAllowedValue + +## Synopsis + +Updates an existing custom security attribute definition predefined value. + +## Syntax + +```powershell +Set-EntraCustomSecurityAttributeDefinitionAllowedValue + [-IsActive ] + -CustomSecurityAttributeDefinitionId + -Id [] +``` + +## Description + +The `Set-EntraCustomSecurityAttributeDefinitionAllowedValue` cmdlet update a Microsoft Entra ID custom security attribute definition predefined value object identified by ID. Specify `CustomSecurityAttributeDefinitionId` and `Id` parameter to update a Microsoft Entra ID custom security attribute definition predefined value. + +## Examples + +### Example 1: Update a custom security attribute definition predefined value + +```powershell +Connect-Entra -Scopes 'CustomSecAttributeDefinition.ReadWrite.All' +$params = @{ + CustomSecurityAttributeDefinitionId = 'Engineering_Project' + Id = 'Alpine' + IsActive = $true +} +Set-EntraCustomSecurityAttributeDefinitionAllowedValue @params +``` + +This example update a custom security attribute definition predefined value. + +- `-CustomSecurityAttributeDefinitionId` parameter specifies the custom security attribute definition ID. +- `-Id` parameter specifies the ID of Microsoft Entra ID Object. +- `-IsActive` parameter specifies the predefined value is active or deactivated. + +## Parameters + +### -CustomSecurityAttributeDefinitionId + +The unique identifier of customSecurityAttributeDefinition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value cannot be assigned to any additional supported directory objects. This field is optional. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IsActive + +Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any other supported directory objects. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraCustomSecurityAttributeDefinitionAllowedValue](Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md) + +[Add-EntraCustomSecurityAttributeDefinitionAllowedValue](Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDevice.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDevice.md new file mode 100644 index 0000000000..b22e03c12f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDevice.md @@ -0,0 +1,387 @@ +--- +title: Set-EntraDevice +description: This article provides details on the Set-EntraDevice command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDevice + +schema: 2.0.0 +--- + +# Set-EntraDevice + +## Synopsis + +Updates a device. + +## Syntax + +```powershell +Set-EntraDevice + -DeviceObjectId + [-DevicePhysicalIds ] + [-DeviceOSType ] + [-DeviceTrustType ] + [-DisplayName ] + [-DeviceMetadata ] + [-ApproximateLastLogonTimeStamp ] + [-AccountEnabled ] + [-IsManaged ] + [-DeviceId ] + [-DeviceObjectVersion ] + [-IsCompliant ] + [-DeviceOSVersion ] + [-AlternativeSecurityIds ] + [-ProfileType ] + [-SystemLabels ] + [] +``` + +## Description + +The `Set-EntraDevice` cmdlet updates a device in Microsoft Entra ID. + +The calling user must have at least the Intune Administrator role in Microsoft Entra. A user with the Cloud Device Administrator role can only enable or disable devices, while a user with the Windows 365 Administrator role can only update basic device properties. + +## Examples + +### Example 1: Update a device display name + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DisplayName 'My OS/2 computer' +``` + +This example shows how to update a display name of a specified. + +### Example 2: Update a device alternative security ID + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +$NewId= New-Object Microsoft.Open.AzureAD.Model.AlternativeSecurityId +$NewId.Key =[System.Text.Encoding]::UTF8.GetBytes('test') +$NewId.type = 2 +Set-EntraDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -AlternativeSecurityIds $NewId +``` + +This example shows how to update an alternative security ID of a specified device. + +### Example 3: Update a device account enabled + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -AccountEnabled $true +``` + +This example shows how to update an account enabled of a specified device. + +### Example 4: Update a device OS type + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' +Set-EntraDevice -DeviceObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DeviceOSType Windows +``` + +This example shows how to update an OS type of a specified device. + +### Example 5: Update a device + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All','Device.ReadWrite.All' + +$params = @{ + DeviceObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DeviceMetadata = 'Testdevice' + DeviceObjectVersion = 4 + DevicePhysicalIds = '[GID]:g:1234567890123456' + IsCompliant = $false +} + +Set-EntraDevice @params +``` + +This example shows how to update multiple properties of a specified device. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeSecurityIds + +Specifies alternative security IDs. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApproximateLastLogonTimeStamp + +The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null values) and $orderby. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceId + +Specifies the device ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceMetadata + +The device metadata for this device. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectVersion + +Specifies the object version of the device. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSType + +Specifies the operating system. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceOSVersion + +Specifies the operating system version. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DevicePhysicalIds + +Specifies the physical ID. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceTrustType + +Specifies the device trust type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompliant + +Indicates whether the device is compliant. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsManaged + +Indicates whether the device is managed. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DeviceObjectId + +Specifies the object ID of a device in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ProfileType + +Specifies the profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SystemLabels + +Specifies list of labels applied to the device by the system. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDevice](Get-EntraDevice.md) + +[New-EntraDevice](New-EntraDevice.md) + +[Remove-EntraDevice](Remove-EntraDevice.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncConfiguration.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncConfiguration.md new file mode 100644 index 0000000000..def106ab66 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncConfiguration.md @@ -0,0 +1,144 @@ +--- +title: Set-EntraDirSyncConfiguration +description: This article provides details on the Set-EntraDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDirSyncConfiguration + +schema: 2.0.0 +--- + +# Set-EntraDirSyncConfiguration + +## Synopsis + +Modifies the directory synchronization settings. + +## Syntax + +```powershell +Set-EntraDirSyncConfiguration + -AccidentalDeletionThreshold + [-Force] + [-TenantId ] + [] +``` + +## Description + +The `Set-EntraDirSyncConfiguration` cmdlet modifies the directory synchronization settings. + +## Examples + +### Example 1: Set directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold 600 -Force +``` + +This command sets directory synchronization settings. + +- `-AccidentalDeletionThreshold` Specifies the accidental deletion prevention configuration for a tenant. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Set directory synchronization settings for a Tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$tenantID = (Get-EntraContext).TenantId +$params = @{ + AccidentalDeletionThreshold = 600 + TenantId = $tenantID + Force = $true +} + +Set-EntraDirSyncConfiguration @params +``` + +This command sets directory synchronization settings. + +- `-AccidentalDeletionThreshold` Specifies the accidental deletion prevention configuration for a tenant. +- `-Force` Forces the command to run without asking for user confirmation. +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -AccidentalDeletionThreshold + +Specifies the accidental deletion prevention configuration for a tenant. + +```yaml +Type: System.UInt32 +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: SetAccidentalDeletionThreshold +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.UInt32 + +### System.Guid + +## Outputs + +### System.Object + +## Notes + +- For additional details see [Update onPremisesDirectorySynchronization](https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-update). + +## Related Links + +[Get-EntraDirSyncConfiguration](Get-EntraDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncEnabled.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncEnabled.md new file mode 100644 index 0000000000..4f2933e893 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncEnabled.md @@ -0,0 +1,140 @@ +--- +title: Set-EntraDirSyncEnabled +description: This article provides details on the Set-EntraDirSyncEnabled command. + + +ms.topic: reference +ms.date: 09/27/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDirSyncEnabled + +schema: 2.0.0 +--- + +# Set-EntraDirSyncEnabled + +## Synopsis + +Turns directory synchronization on or off for a company. + +## Syntax + +```powershell +Set-EntraDirSyncEnabled + -EnableDirSync + [-Force] + [-TenantId ] + [] +``` + +## Description + +The `Set-EntraDirSyncEnabled` cmdlet turns directory synchronization on or off for a company. +>[!IMPORTANT] +>It may take up to 72 hours to complete deactivation once you have disabled DirSync through this cmdlet. The time depends on the number of objects that are in your cloud service subscription account. **You cannot cancel the disable action**. It will need to complete before you can take any other action, including re-enabling of DirSync. If you choose to re-enable DirSync, a full synchronization of your synced objects will happen. This may take a considerable time depending on the number of objects in your Microsoft Entra ID. +>[!NOTE] +>If you disable DirSync and you decide to re-enable it, and you have enabled the BlockCloudObjectTakeoverThroughHardMatch feature, OnPrem to cloud object takeover/update for all objects mastered in the Microsoft Entra ID will be blocked. If this is the case and you want to resume syncing Microsoft Entra ID mastered objects with Microsoft Entra ID, set **BlockCloudObjectTakeoverThroughHardMatch** feature to false. + +## Examples + +### Example 1: Turn on directory synchronization + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All' +$params = @{ + EnableDirsync = $True + Force = $True +} +Set-EntraDirSyncEnabled @params +``` + +This example turns on directory synchronization for a company. + +- `-EnableDirsync` Specifies whether to turn on directory synchronization on for your company. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Turn off directory synchronization + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All' +$params = @{ + EnableDirsync = $False + TenantId = 'aaaaaaaa-1111-1111-1111-000000000000' + Force = $True + +} +Set-EntraDirSyncEnabled @params +``` + +This example turns off directory synchronization for a company. + +- `-EnableDirsync` Specifies whether to turn on directory synchronization on for your company. +- `-Force` Forces the command to run without asking for user confirmation. +- `-TenantId` Specifies the unique ID of the tenant on which to perform the operation. + +## Parameters + +### -EnableDirsync + +Specifies whether to turn on directory synchronization on for your company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the unique ID of the tenant on which to perform the operation. +The default value is the tenant of the current user. +This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncFeature.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncFeature.md new file mode 100644 index 0000000000..17cae1031c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDirSyncFeature.md @@ -0,0 +1,187 @@ +--- +title: Set-EntraDirSyncFeature +description: This article provides details on the Set-EntraDirSyncFeature command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDirSyncFeature + +schema: 2.0.0 +--- + +# Set-EntraDirSyncFeature + +## Synopsis + +Used to set identity synchronization features for a tenant. + +## Syntax + +```powershell +Set-EntraDirSyncFeature + -Feature + -Enabled + [-TenantId ] + [-Force] + [] +``` + +## Description + +The `Set-EntraDirSyncFeature` cmdlet sets identity synchronization features for a tenant. + +You can use the following synchronization features with this cmdlet: + +- **EnableSoftMatchOnUpn**: Soft match is the process used to link an object being synced from on-premises for the first time with one that already exists in the cloud. When this feature is enabled, soft match is attempted using the standard logic, based on the primary SMTP address. If a match isn't found based on primary SMTP, then a match is attempted based on UserPrincipalName. Once this feature is enabled, it can't be disabled. +- **PasswordSync**: Used to indicate on-premise password synchronization. +- **SynchronizeUpnForManagedUsers**: Allows for the synchronization of UserPrincipalName updates from on-premises for managed (nonfederated) users that are assigned a license. These updates are blocked if this feature isn't enabled. Once this feature is enabled, it can't be disabled. +- **BlockSoftMatch**: When this feature is enabled, it blocks the soft match feature. Customers are encouraged to enable this feature and keep it enabled until soft matching is required again for their tenancy. This flag should be enabled again after any soft matching is completed and is no longer needed. +- **BlockCloudObjectTakeoverThroughHardMatch**: Used to block cloud object takeover via source anchor hard match. + +Enabling some of these features, such as EnableSoftMatchOnUpn and SynchronizationUpnForManagedUsers, is a permanent operation. +You can't disable these features once they're enabled. + +## Examples + +### Example 1: Enable a feature for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$params = @{ + Feature = 'BlockCloudObjectTakeoverThroughHardMatch' + Enable = $True +} +Set-EntraDirSyncFeature @params +``` + +This command enables the SoftMatchOnUpn feature for the tenant. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. +- `-Force` Forces the command to run without asking for user confirmation. + +### Example 2: Block Soft Matching for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$params = @{ + Feature = 'BlockSoftMatch' + Enable = $True +} + +Set-EntraDirSyncFeature @params +``` + +This command enables the BlockSoftMatch feature for the tenant - effectively blocking the Soft Matching feature in the tenant. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. + +### Example 3: Block Cloud object takeover through Hard Matching for the tenant + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +$params = @{ + Feature = 'BlockCloudObjectTakeoverThroughHardMatch' + Enable = $True +} + +Set-EntraDirSyncFeature @params +``` + +This command enables the BlockCloudObjectTakeoverThroughHardMatch feature for the tenant - effectively blocking the Hard Match object takeover. + +- `-Feature` specifies the directory synchronization feature to turn on or off. +- `-Enable` specifies whether the specified features are turned on for the company. +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -Feature + +The DirSync feature to turn on or off. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Enable + +Indicates whether the specified features are turned on for the company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: False +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -Force + +Forces the command to run without asking for user confirmation. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For additional details see [Update onPremisesDirectorySynchronization](https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-update). +- For the feature list see the [onPremisesDirectorySynchronizationFeature resource type](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature). + +## Related Links + +[Get-EntraDirSyncFeature](Get-EntraDirSyncFeature.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomain.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomain.md new file mode 100644 index 0000000000..646520128a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomain.md @@ -0,0 +1,135 @@ +--- +title: Set-EntraDomain +description: This article provides details on the Set-EntraDomain command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDomain + +schema: 2.0.0 +--- + +# Set-EntraDomain + +## Synopsis + +Updates a domain. + +## Syntax + +```powershell +Set-EntraDomain + -Name + [-IsDefault ] + [-SupportedServices ] + [] +``` + +## Description + +The `Set-EntraDomain` cmdlet updates a verified domain in Microsoft Entra ID. + +The work or school account needs to belong to at least one of the following Microsoft Entra roles: + +- Domain Name Administrator +- Security Administrator +- External Identity Provider Administrator + +## Examples + +### Example 1: Set the domain as the default domain for new user account creation + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Set-EntraDomain -Name Contoso.com -IsDefault $true +``` + +This example demonstrates how to set default domain for new user account in Microsoft Entra ID. + +### Example 2: Set the list of domain capabilities + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' +Set-EntraDomain -Name Contoso.com -SupportedServices @('Email', 'OfficeCommunicationsOnline') +``` + +This example demonstrates how to set domain capabilities for new user account in Microsoft Entra ID. + +## Parameters + +### -IsDefault + +Indicates whether or not this is the default domain that is used for user creation. +There's only one default domain per company. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The fully qualified name of the domain. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SupportedServices + +The capabilities assigned to the domain. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Confirm-EntraDomain](Confirm-EntraDomain.md) + +[Get-EntraDomain](Get-EntraDomain.md) + +[New-EntraDomain](New-EntraDomain.md) + +[Remove-EntraDomain](Remove-EntraDomain.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomainFederationSettings.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomainFederationSettings.md new file mode 100644 index 0000000000..3d03f90ca7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraDomainFederationSettings.md @@ -0,0 +1,290 @@ +--- +title: Set-EntraDomainFederationSettings +description: This article provides details on the Set-EntraDomainFederationSettings command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDomainFederationSettings + +schema: 2.0.0 +--- + +# Set-EntraDomainFederationSettings + +## Synopsis + +Updates settings for a federated domain. + +## Syntax + +```powershell +Set-EntraDomainFederationSettings + -DomainName + [-SigningCertificate ] + [-NextSigningCertificate ] + [-LogOffUri ] + [-PassiveLogOnUri ] + [-ActiveLogOnUri ] + [-IssuerUri ] + [-FederationBrandName ] + [-MetadataExchangeUri ] + [-PreferredAuthenticationProtocol ] + [-SigningCertificateUpdateStatus ] + [-PromptLoginBehavior ] + [] +``` + +## Description + +The `Set-EntraDomainFederationSettings` cmdlet is used to update the settings of a single sign-on domain. + +For delegated scenarios, the calling user must be assigned at least one of the following Microsoft Entra roles: + +- Domain Name Administrator +- External Identity Provider Administrator +- Hybrid Identity Administrator +- Security Administrator + +## Examples + +### Example 1: Set the PromptLoginBehavior + +```powershell +Connect-Entra -Scopes 'Domain.ReadWrite.All' + +$params = @{ + DomainName = 'contoso.com' + PreferredAuthenticationProtocol = 'WsFed' + PromptLoginBehavior = 'TranslateToFreshPasswordAuth' # Or 'NativeSupport' or 'Disabled', depending on the requirement +} +Set-EntraDomainFederationSettings @params +``` + +This command updates the `PromptLoginBehavior` to either `TranslateToFreshPasswordAuth`, `NativeSupport`, or `Disabled`. These possible values are described: + +- `TranslateToFreshPasswordAuth` - means the default Microsoft Entra ID behavior of translating `prompt=login` to `wauth=https://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password` and `wfresh=0`. +- `NativeSupport` - means that the `prompt=login` parameter is sent as is to ADFS. +- `Disabled` - means that only wfresh=0 is sent to ADFS + +Use the `Get-EntraDomainFederationSettings -DomainName | Format-List *` to get the values for `PreferredAuthenticationProtocol` and `PromptLoginBehavior` for the federated domain. + +- `-DomainName` parameter specifies the fully qualified domain name to retrieve. +- `-PreferredAuthenticationProtocol` parameter specifies the preferred authentication protocol. +- `-PromptLoginBehavior` parameter specifies the prompt sign-in behavior. + +## Parameters + +### -DomainName + +The fully qualified domain name (FQDN) to update. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -SigningCertificate + +The current certificate used to sign tokens passed to the Microsoft Entra ID Identity platform. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NextSigningCertificate + +The next token signing certificate that will be used to sign tokens when the primary signing certificate expires. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -LogOffUri + +The URL clients are redirected to when they sign out of Microsoft Entra ID services. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PassiveLogOnUri + +The URL that web-based clients will be directed to when signing in to Microsoft Entra ID services. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ActiveLogOnUri + +A URL that specifies the end point used by active clients when authenticating with domains set up for single sign-on (also known as identity federation) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 6 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IssuerUri + +The unique identifier of the domain in the Microsoft Entra ID Identity platform derived from the federation server. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 7 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FederationBrandName + +The name of the string value shown to users when signing in to Microsoft Entra ID. +We recommend that customers use something that is familiar to +users such as "Contoso Inc." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 8 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MetadataExchangeUri + +The URL that specifies the metadata exchange end point used for authentication from rich client applications such as Lync Online. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 9 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PreferredAuthenticationProtocol + +Specifies the preferred authentication protocol. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 10 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SigningCertificateUpdateStatus + +Specifies the update status of the signing certificate. + +```yaml +Type: System.Object +Parameter Sets: (All) +Aliases: + +Required: False +Position: 11 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PromptLoginBehavior + +Specifies the prompt login behavior. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 12 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraDomainFederationSettings](Get-EntraDomainFederationSettings.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraPartnerInformation.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraPartnerInformation.md new file mode 100644 index 0000000000..e3b3abd089 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraPartnerInformation.md @@ -0,0 +1,242 @@ +--- +title: Set-EntraPartnerInformation +description: This article provides details on the Set-EntraPartnerInformation command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraPartnerInformation + +schema: 2.0.0 +--- + +# Set-EntraPartnerInformation + +## Synopsis + +Sets company information for partners. + +## Syntax + +```powershell +Set-EntraPartnerInformation + [-CompanyType ] + [-PartnerCompanyName ] + [-PartnerSupportTelephones ] + [-PartnerSupportEmails ] + [-PartnerCommerceUrl ] + [-PartnerSupportUrl ] + [-PartnerHelpUrl ] + [-TenantId ] + [] +``` + +## Description + +The `Set-EntraPartnerInformation` cmdlet is used by partners to set partner-specific properties. + +These properties can view by all tenants that the partner has access to. + +## Examples + +### Example 1: Update the help URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraPartnerInformation -PartnerHelpUrl 'http://www.help.contoso.com' +``` + +This example shows how to update the help URL. + +### Example 2: Update the Support URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraPartnerInformation -PartnerSupportUrl 'http://www.test1.com' +``` + +This example shows how to update the support URL. + +### Example 3: Update the Commerce URL + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraPartnerInformation -PartnerCommerceUrl 'http://www.test1.com' +``` + +This example shows how to update the commerce URL. + +### Example 4: Update the SupportEmails + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraPartnerInformation -PartnerSupportEmails 'contoso@example.com' +``` + +This example shows how to update the support email addresses. + +### Example 5: Update the SupportTelephones + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$tenantId = (Get-EntraContext).TenantId +$params = @{ + PartnerSupportTelephones = '234234234' + TenantId = $tenantId +} +Set-EntraPartnerInformation @params +``` + +This example shows how to update support telephone numbers. + +## Parameters + +### -PartnerCommerceUrl + +Specifies the URL for the partner's commerce website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerHelpUrl + +Specifies the URL for the partner's Help website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportEmails + +Specifies the support email address for the partner. + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportTelephones + +Specifies the support telephone numbers for the partner. + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerSupportUrl + +Specifies the URL for the partner's support website. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -TenantId + +Specifies the unique ID of the tenant on which to perform the operation. +The default value is the tenant of the current user. +This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -CompanyType + +Specifies the partner's company type. + +```yaml +Type: CompanyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -PartnerCompanyName + +Specifies the partner's company name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPartnerInformation](Get-EntraPartnerInformation.md) diff --git a/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraTenantDetail.md b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraTenantDetail.md new file mode 100644 index 0000000000..d5c3e895dd --- /dev/null +++ b/module/docs/entra-powershell-v1.0/DirectoryManagement/Set-EntraTenantDetail.md @@ -0,0 +1,216 @@ +--- +title: Set-EntraTenantDetail +description: This article provides details on the Set-EntraTenantDetail command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraTenantDetail + +schema: 2.0.0 +--- + +# Set-EntraTenantDetail + +## Synopsis + +Set contact details for a tenant. + +## Syntax + +```powershell +Set-EntraTenantDetail + [-PrivacyProfile ] + [-MarketingNotificationEmails ] + [-TechnicalNotificationMails ] + [-SecurityComplianceNotificationMails ] + [-SecurityComplianceNotificationPhones ] + [] +``` + +## Description + +This cmdlet is used to set various contact details for a tenant. + +For delegated scenarios, the signed-in user must have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Privileged Role Administrator +- User Administrator +- Helpdesk Administrator + +## Examples + +### Example 1: Set contact details for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$params = @{ + MarketingNotificationEmails = @('amy@contoso.com', 'henry@contoso.com') + SecurityComplianceNotificationMails = @('john@contoso.com', 'mary@contoso.com') + SecurityComplianceNotificationPhones = @('1-555-625-9999', '1-555-233-5544') + TechnicalNotificationMails = 'peter@contoso.com' +} + +Set-EntraTenantDetail @params +``` + +This example demonstrates how to set various contact details for a tenant. + +- `-MarketingNotificationEmails` parameter indicates the email addresses that are used to send marketing notification emails. +- `-SecurityComplianceNotificationMails` parameter indicates the email addresses that are used to send security compliance emails. +- `-SecurityComplianceNotificationPhones` parameter specifies the phone numbers that are used for security compliance. +- `-TechnicalNotificationMails` parameter indicates the email addresses that are used for technical notification emails. + +### Example 2: Set MarketingNotificationEmails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraTenantDetail -MarketingNotificationEmails @('amy@contoso.com','henry@contoso.com') +``` + +This example demonstrates how to set MarketingNotificationEmails detail for a tenant. + +- `-MarketingNotificationEmails` parameter indicates the email addresses that are used to send marketing notification emails. + +### Example 3: Set SecurityComplianceNotificationMails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraTenantDetail -SecurityComplianceNotificationMails @('john@contoso.com','mary@contoso.com') +``` + +This example demonstrates how to set SecurityComplianceNotificationMails detail for a tenant. + +- `-SecurityComplianceNotificationMails` parameter indicates the email addresses that are used to send security compliance emails. + +### Example 4: Set -SecurityComplianceNotificationPhones for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraTenantDetail -SecurityComplianceNotificationPhones @('1-555-625-9999', '1-555-233-5544') +``` + +This example demonstrates how to set MarketingNotificationEmails detail for a tenant. + +- `-SecurityComplianceNotificationPhones` parameter specifies the phone numbers that are used for security compliance. + +### Example 5: Set TechnicalNotificationMails for a tenant + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +Set-EntraTenantDetail -TechnicalNotificationMails 'peter@contoso.com' +``` + +This example demonstrates how to set TechnicalNotificationMails detail for a tenant. + +- `-TechnicalNotificationMails` parameter indicates the email addresses that are used for technical notification emails. + +## Parameters + +### -MarketingNotificationEmails + +The email addresses that are used to send marketing notification emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityComplianceNotificationMails + +The email addresses that are used to send security compliance emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityComplianceNotificationPhones + +One or more phone numbers that are used for security compliance. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TechnicalNotificationMails + +The email addresses that are used for technical notification emails. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrivacyProfile + +Represents a company's privacy profile, which includes a privacy statement URL and a contact person for questions regarding the privacy statement. + +```yaml +Type: PrivacyProfile +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +- For more details see [Update organization](https://learn.microsoft.com/graph/api/organization-update). + +## Related Links + +[Get-EntraTenantDetail](Get-EntraTenantDetail.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleAssignment.md b/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleAssignment.md new file mode 100644 index 0000000000..09b58f225f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleAssignment.md @@ -0,0 +1,282 @@ +--- +title: Get-EntraDirectoryRoleAssignment +description: This article provides details on the Get-EntraDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraDirectoryRoleAssignment + +## Synopsis + +Get a Microsoft Entra ID roleAssignment. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDirectoryRoleAssignment + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetValue + +```powershell +Get-EntraDirectoryRoleAssignment + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDirectoryRoleAssignment + -UnifiedRoleAssignmentId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDirectoryRoleAssignment` cmdlet gets information about role assignments in Microsoft Entra ID. To get a role assignment, specify the `UnifiedRoleAssignmentId` parameter. Specify the `SearchString` or `Filter` parameter to find a particular role assignment. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: + +- microsoft.directory/roleAssignments/standard/read (least privileged) +- microsoft.directory/roleAssignments/allProperties/read +- microsoft.directory/roleAssignments/allProperties/allTasks + +The least privileged roles for this operation, from least to most privileged, are: + +- Directory Readers +- Global Reader +- Privileged Role Administrator + +## Examples + +### Example 1: Get role assignments + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments in Microsoft Entra ID. + +### Example 2: Get role assignments using 'All' parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment -All +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets all the role assignments in Microsoft Entra ID. + +### Example 3: Get role assignments by Id + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId '00001111-aaaa-2222-bbbb-3333cccc4444' +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments using specified roleAssignment Id. + +- `UnifiedRoleAssignmentId` parameter specifies the roleAssignment object ID. + +### Example 4: Get role assignments filter by principalId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment -Filter "principalId eq 'aaaaaaaa-bbbb-cccc-1111-222222222222'" +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments containing the specified principalId. + +### Example 5: Get role assignments filter by roleDefinitionId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment -Filter "roleDefinitionId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +22223333-cccc-4444-dddd-5555eeee6666 cccccccc-dddd-eeee-3333-444444444444 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +33334444-dddd-5555-eeee-6666ffff7777 dddddddd-eeee-ffff-4444-555555555555 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +44445555-eeee-6666-ffff-7777aaaa8888 eeeeeeee-ffff-aaaa-5555-666666666666 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets the role assignments containing the specified roleDefinitionId. + +### Example 6: Get top two role assignments + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleAssignment -Top 2 +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +00001111-aaaa-2222-bbbb-3333cccc4444 aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-cccc-dddd-2222-333333333333 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command gets top two role assignments. + +## Parameters + +### -UnifiedRoleAssignmentId + +The unique identifier of a Microsoft Entra ID roleAssignment object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleAssignment + +## Notes + +`Get-EntraRoleAssignment` is an alias for `Get-EntraDirectoryRoleAssignment`. + +## Related Links + +[New-EntraDirectoryRoleAssignment](New-EntraDirectoryRoleAssignment.md) + +[Remove-EntraDirectoryRoleAssignment](Remove-EntraDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleDefinition.md b/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleDefinition.md new file mode 100644 index 0000000000..b8692bf1b6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/Get-EntraDirectoryRoleDefinition.md @@ -0,0 +1,273 @@ +--- +title: Get-EntraDirectoryRoleDefinition +description: This article provides details on the Get-EntraDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Get-EntraDirectoryRoleDefinition + +## Synopsis + +Gets information about role definitions in Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDirectoryRoleDefinition + [-All] + [-Top ] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraDirectoryRoleDefinition + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDirectoryRoleDefinition + -UnifiedRoleDefinitionId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDirectoryRoleDefinition` cmdlet gets information about role definitions in Microsoft Entra ID. To get a role definition, specify the `UnifiedRoleDefinitionId` parameter. Specify the `SearchString` or `Filter` parameter to find particular role definition. + +In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: + +- microsoft.directory/roleAssignments/standard/read (least privileged) +- microsoft.directory/roleAssignments/allProperties/read +- microsoft.directory/roleAssignments/allProperties/allTasks + +The least privileged roles for this operation, from least to most privileged, are: + +- Directory Readers +- Global Reader +- Privileged Role Administrator + +## Examples + +### Example 1: Get all role definitions + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleDefinition +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Guest User 10dae51f-b6af-4016-8d66-8c2a99b929b3 10dae51f-b6af-4016-8d66-8c2a99b929b3 Default role for guest users. Can read a limited set of directory information. +Restricted Guest User 2af84b1e-32c8-42b7-82bc-daa82404023b 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. +``` + +This command returns all the role definitions present. + +### Example 2: Get a role definition by UnifiedRoleDefinitionId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId '1a327991-10cb-4266-877a-998fb4df78ec' +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Restricted Guest User 2af84b1e-32c8-42b7-82bc-daa82404023b 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. +``` + +This command returns a specified role definition. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. + +### Example 3: Filter role definitions by display name + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleDefinition -Filter "startsWith(displayName, 'Restricted')" +``` + +```Output +DisplayName Id TemplateId Description +----------- -- ---------- ----------- +Restricted Guest User 2af84b1e-32c8-42b7-82bc-daa82404023b 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. +``` + +This command return all the role definitions containing the specified display name. + +### Example 4: Get top two role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleDefinition -Top 2 +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +Restricted Guest User 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 2af84b1e-32c8-42b7-82bc-daa82404023b Restricted role for guest users. Can read a limited set of directory information. True True +``` + +This command return top two the role definitions in Microsoft Entra DirectoryRoleId. + +### Example 5: Filter role definitions by display name + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory','EntitlementManagement.Read.All' +Get-EntraDirectoryRoleDefinition -SearchString 'Global' + ``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +Global Administrator 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 62e90394-69f5-4237-9190-012177145e10 Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identit… +Global Reader 11bb11bb-cc22-dd33-ee44-55ff55ff55ff f2ef992c-3afb-46b9-b7cf-a126ee74c451 Can read everything that a Global Administrator can, but not update anything. +``` + +This command return all the role definitions containing the specified display name. + +## Parameters + +### -UnifiedRoleDefinitionId + +Specifies the UnifiedRoleDefinitionId of the role definition. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records that this cmdlet gets. The default value is 100. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter string to match a set of role definitions. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +`Get-EntraRoleDefinition` is an alias for `Get-EntraDirectoryRoleDefintion`. + +## Related Links + +[New-EntraDirectoryRoleDefinition](New-EntraDirectoryRoleDefinition.md) + +[Remove-EntraDirectoryRoleDefinition](Remove-EntraDirectoryRoleDefinition.md) + +[Set-EntraDirectoryRoleDefinition](Set-EntraDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleAssignment.md b/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleAssignment.md new file mode 100644 index 0000000000..f8d0af8d75 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleAssignment.md @@ -0,0 +1,136 @@ +--- +title: New-EntraDirectoryRoleAssignment +description: This article provides details on the New-EntraDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraDirectoryRoleAssignment + +## Synopsis + +Create a new Microsoft Entra ID roleAssignment. + +## Syntax + +```powershell +New-EntraDirectoryRoleAssignment + -PrincipalId + -RoleDefinitionId + [-DirectoryScopeId ] + [] +``` + +## Description + +The `New-EntraDirectoryRoleAssignment` cmdlet creates a new Microsoft Entra role assignment. + +## Examples + +### Example 1: Create a new Microsoft Entra ID role assignment + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory','EntitlementManagement.ReadWrite.All' +$params = @{ + RoleDefinitionId = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + PrincipalId = 'aaaaaaaa-bbbb-cccc-1111-222222222222' + DirectoryScopeId = '/' + } + +New-EntraDirectoryRoleAssignment @params +``` + +```Output +Id PrincipalId RoleDefinitionId DirectoryScopeId AppScopeId +-- ----------- ---------------- ---------------- ---------- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u aaaaaaaa-bbbb-cccc-1111-222222222222 a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 / +``` + +This command creates a new role assignment in Microsoft Entra ID. + +- `-RoleDefinitionId` parameter specifies the ID of the role definition that you want to assign. Role definitions describe the permissions that are granted to users or groups by the role. This is the Identifier of the `unifiedRoleDefinition` the assignment is for. + +- `-PrincipalId` parameter specifies the ID of the principal (user, group, or service principal) to whom the role is being assigned. + +- `-DirectoryScopeId` parameter specifies the scope of the directory over which the role assignment is effective. The '/' value typically represents the root scope, meaning the role assignment is applicable across the entire directory. + +## Parameters + +### -DirectoryScopeId + +Specifies the scope for the role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies the principal for role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleDefinitionId + +Specifies the role definition for role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleAssignment + +## Notes + +`New-EntraRoleAssignment` is an alias for `New-EntraDirectoryRoleAssignment`. + +## Related Links + +[Get-EntraDirectoryRoleAssignment](Get-EntraDirectoryRoleAssignment.md) + +[Remove-EntraDirectoryRoleAssignment](Remove-EntraDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleDefinition.md b/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleDefinition.md new file mode 100644 index 0000000000..e3432a4c05 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/New-EntraDirectoryRoleDefinition.md @@ -0,0 +1,330 @@ +--- +title: New-EntraDirectoryRoleDefinition +description: This article provides details on the New-EntraDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# New-EntraDirectoryRoleDefinition + +## Synopsis + +Create a new Microsoft Entra ID roleDefinition. + +## Syntax + +```powershell +New-EntraDirectoryRoleDefinition + [-TemplateId ] + -DisplayName + -RolePermissions + [-Description ] + [-Version ] + -IsEnabled + [-ResourceScopes ] + [] +``` + +## Description + +Create a new Microsoft Entra ID roleDefinition object. + +## Examples + +### Example 1: Creates a new role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' +} + +New-EntraDirectoryRoleDefinition @params +``` + +```Output + +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 93ff7659-04bd-4d97-8add-b6c992cce98e False False + +``` + +This command creates a new role definition in Microsoft Entra ID. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. + +### Example 2: Creates a new role definition with Description parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + Description = 'Role Definition demo' +} + +New-EntraDirectoryRoleDefinition @params +``` + +```Output + +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 e14cb8e2-d696-4756-bd7f-c7df25271f3d Role Definition demo False False + +``` + +This command creates a new role definition with Description parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Description` parameter specifies the description for the role definition. + +### Example 3: Creates a new role definition with ResourceScopes parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + ResourceScopes = '/' +} + +New-EntraDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 2bc29892-ca2e-457e-b7c0-03257a0bcd0c False False + +``` + +This command creates a new role definition with ResourceScopes parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-ResourceScopes` parameter specifies the resource scopes for the role definition. + +### Example 4: Creates a new role definition with TemplateId parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + TemplateId = '4dd5aa9c-cf4d-4895-a993-740d342802b9' +} + +New-EntraDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 4dd5aa9c-cf4d-4895-a993-740d342802b9 False False + +``` + +This command creates a new role definition with TemplateId parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-TemplateId` parameter specifies the template ID for the role definition. + +### Example 5: Creates a new role definition with Version parameter + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") +$params = @{ + RolePermissions = $RolePermissions + IsEnabled = $false + DisplayName = 'MyRoleDefinition' + Version = '2' +} + +New-EntraDirectoryRoleDefinition @params +``` + +```Output +DisplayName Id TemplateId Description IsBuiltIn IsEnabled +----------- -- ---------- ----------- --------- --------- +MyRoleDefinition a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 b69d16e9-b3f9-4289-a87f-8f796bd9fa28 False False + +``` + +This command creates a new role definition with Version parameter. + +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Version` parameter specifies the version for the role definition. + +## Parameters + +### -Description + +Specifies a description for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies whether the role definition is enabled. Flag indicating if the role is enabled for assignment. If false, the role isn't available for assignment. Read-only when `isBuiltIn` is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceScopes + +Specifies the resource scopes for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RolePermissions + +Specifies permissions for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TemplateId + +Specifies the template ID for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Version + +Specifies version for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition + +## Notes + +`New-EntraRoleDefinition` is an alias for `New-EntraDirectoryRoleDefintion`. + +## Related Links + +[Get-EntraDirectoryRoleDefinition](Get-EntraDirectoryRoleDefinition.md) + +[Remove-EntraDirectoryRoleDefinition](Remove-EntraDirectoryRoleDefinition.md) + +[Set-EntraDirectoryRoleDefinition](Set-EntraDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleAssignment.md b/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleAssignment.md new file mode 100644 index 0000000000..351dfc8123 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleAssignment.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraDirectoryRoleAssignment +description: This article provides details on the Remove-EntraDirectoryRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDirectoryRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraDirectoryRoleAssignment + +## Synopsis + +Delete a Microsoft Entra ID roleAssignment. + +## Syntax + +```powershell +Remove-EntraDirectoryRoleAssignment + -UnifiedRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraDirectoryRoleAssignment` cmdlet removes a role assignment from Microsoft Entra ID. + +## Examples + +### Example 1: Remove a role assignment + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory','EntitlementManagement.ReadWrite.All' +Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId Y1vFBcN4i0e3ngdNDocmngJAWGnAbFVAnJQyBBLv1lM-1 +``` + +This example removes the specified role assignment from Microsoft Entra ID. + +- `-Id` parameter specifies the role assignment ID. + +## Parameters + +### -UnifiedRoleAssignmentId + +The unique identifier of an object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Remove-EntraRoleAssignment` is an alias for `Remove-EntraDirectoryRoleAssignment`. + +## Related Links + +[Get-EntraDirectoryRoleAssignment](Get-EntraDirectoryRoleAssignment.md) + +[New-EntraDirectoryRoleAssignment](New-EntraDirectoryRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleDefinition.md b/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleDefinition.md new file mode 100644 index 0000000000..2e82dc662f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/Remove-EntraDirectoryRoleDefinition.md @@ -0,0 +1,93 @@ +--- +title: Remove-EntraDirectoryRoleDefinition +description: This article provides details on the Remove-EntraDirectoryRoleDefinition command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Remove-EntraDirectoryRoleDefinition + +## Synopsis + +Delete a Microsoft Entra ID Directory roleDefinition object. + +## Syntax + +```powershell +Remove-EntraDirectoryRoleDefinition + -UnifiedRoleDefinitionId + [] +``` + +## Description + +Delete a Microsoft Entra ID Directory roleDefinition object by ID. + +You can't delete built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. + +## Examples + +### Example 1: Remove a specified role definition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 +``` + +This example demonstrates how to remove the specified role definition from Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. + +## Parameters + +### -UnifiedRoleDefinitionId + +The unique identifier of an object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Remove-EntraRoleDefinition` is an alias for `Remove-EntraDirectoryRoleDefintion`. + +## Related Links + +[Get-EntraDirectoryRoleDefinition](Get-EntraDirectoryRoleDefinition.md) + +[New-EntraDirectoryRoleDefinition](New-EntraDirectoryRoleDefinition.md) + +[Set-EntraDirectoryRoleDefinition](Set-EntraDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/Governance/Set-EntraDirectoryRoleDefinition.md b/module/docs/entra-powershell-v1.0/Governance/Set-EntraDirectoryRoleDefinition.md new file mode 100644 index 0000000000..42b8ba48a8 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Governance/Set-EntraDirectoryRoleDefinition.md @@ -0,0 +1,267 @@ +--- +title: Set-EntraDirectoryRoleDefinition +description: This article provides details on the Set-EntraDirectoryRoleDefinition command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Governance-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraDirectoryRoleDefinition + +schema: 2.0.0 +--- + +# Set-EntraDirectoryRoleDefinition + +## Synopsis + +Update an existing Microsoft Entra ID roleDefinition. + +## Syntax + +```powershell +Set-EntraDirectoryRoleDefinition + [-TemplateId ] + [-DisplayName ] + [-RolePermissions ] + -UnifiedRoleDefinitionId + [-Description ] + [-Version ] + [-IsEnabled ] + [-ResourceScopes ] + [] +``` + +## Description + +Updates a Microsoft Entra roleDefinition object identified by ID. You can't update built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. + +## Examples + +### Example 1: Update an roleDefinition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraDirectoryRoleDefinition -Filter "DisplayName eq ''" +Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId $roleDefinition.Id -DisplayName 'UpdatedDisplayName' +``` + +This example updates the specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-DisplayName` parameter specifies the display name for the role definition. + +### Example 2: Update an roleDefinition with Description + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraDirectoryRoleDefinition -Filter "DisplayName eq ''" +Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId $roleDefinition.Id -Description 'MYROLEUPDATE1S' +``` + +This example updates the Description of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-Description` parameter specifies the description for the role definition. + +### Example 3: Update an roleDefinition with IsEnabled + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraDirectoryRoleDefinition -Filter "DisplayName eq ''" +Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId $roleDefinition.Id -IsEnabled $true +``` + +This example updates the IsEnabled of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-IsEnabled` parameter specifies whether the role definition is enabled. + +### Example 4: Update an roleDefinition + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$roleDefinition = Get-EntraDirectoryRoleDefinition -Filter "DisplayName eq ''" +$RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission +$RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/standard/read") +$params = @{ + UnifiedRoleDefinitionId = $roleDefinition.Id + Description = 'Update' + DisplayName = 'Update' + ResourceScopes = '/' + IsEnabled = $false + RolePermissions = $RolePermissions + TemplateId = '54d418b2-4cc0-47ee-9b39-e8f84ed8e073' + Version = 2 +} + +Set-EntraDirectoryRoleDefinition @params +``` + +This example updates the RolePermissions, TemplateId, TemplateId, ResourceScopes of specified role definition in Microsoft Entra ID. + +- `-UnifiedRoleDefinitionId` parameter specifies the roleDefinition object ID. +- `-RolePermissions` parameter specifies the permissions for the role definition. +- `-IsEnabled` parameter specifies whether the role definition is enabled. +- `-DisplayName` parameter specifies the display name for the role definition. +- `-Description` parameter specifies the description for the role definition. +- `-ResourceScopes` parameter specifies the resource scopes for the role definition. +- `-TemplateId` parameter specifies the template ID for the role definition. +- `-Version` parameter specifies the version for the role definition. + +## Parameters + +### -UnifiedRoleDefinitionId + +Specifies the roleDefinition object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Description + +Specifies a description for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the role definition. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies whether the role definition is enabled. Flag indicating if the role is enabled for assignment. If false, the role is not available for assignment. Read-only when `isBuiltIn` is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceScopes + +Specifies the resource scopes for the role definition. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RolePermissions + +Specifies permissions for the role definition. List of permissions included in the role. Read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TemplateId + +Specifies the template ID for the role definition. A custom template ID can be set when `isBuiltIn` is `false`. This ID is typically used to keep the same identifier across different directories. It is read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Version + +Specifies version for the role definition. Indicates version of the role definition. Read-only when `isBuiltIn` is `true`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +`Set-EntraRoleDefinition` is an alias for `Set-EntraDirectoryRoleDefintion`. + +## Related Links + +[Get-EntraDirectoryRoleDefinition](Get-EntraDirectoryRoleDefinition.md) + +[New-EntraDirectoryRoleDefinition](New-EntraDirectoryRoleDefinition.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupMember.md new file mode 100644 index 0000000000..226696a777 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupMember.md @@ -0,0 +1,109 @@ +--- +title: Add-EntraGroupMember +description: This article explains the Add-EntraGroupMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraGroupMember + +schema: 2.0.0 +--- + +# Add-EntraGroupMember + +## Synopsis + +Adds a member to a group. + +## Syntax + +```powershell +Add-EntraGroupMember + -GroupId + -RefObjectId + [] +``` + +## Description + +The Add-EntraGroupMember cmdlet adds a member to a group. + +In delegated scenarios, the signed-in user needs a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/members/update` permission. The minimum roles required for this operation, excluding role-assignable groups, are: + +- Group owners +- Directory Writers +- Groups Administrator +- User Administrator + +## Examples + +### Example 1: Add a member to a group + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Contoso Marketing Group'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +Add-EntraGroupMember -GroupId $group.Id -RefObjectId $user.Id +``` + +This example demonstrates how to add a member to a group. + +- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add a member. +- `-RefObjectId` - Specifies the unique identifier (Object ID) of the member to be added to the group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupMember](Get-EntraGroupMember.md) + +[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupOwner.md new file mode 100644 index 0000000000..ff787973b4 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Add-EntraGroupOwner.md @@ -0,0 +1,109 @@ +--- +title: Add-EntraGroupOwner +description: This article explains the Add-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraGroupOwner + +schema: 2.0.0 +--- + +# Add-EntraGroupOwner + +## Synopsis + +Adds an owner to a group. + +## Syntax + +```powershell +Add-EntraGroupOwner + -GroupId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraGroupOwner` cmdlet adds an owner to a Microsoft Entra ID group. Specify the `GroupId` and `RefObjectId` parameters to add an owner to a group. + +In delegated scenarios, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The minimum roles required for this operation are: + +- Group owners +- User Administrator +- Directory Writers +- Groups Administrator + +## Examples + +### Example 1: Add an owner to a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +Add-EntraGroupOwner -GroupId $group.Id -RefObjectId $user.Id +``` + +This example demonstrates how to add an owner to a group. + +- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add an owner. +- `-RefObjectId` - Specifies the unique identifier (Object ID) of the owner to be added to the group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupOwner](Get-EntraGroupOwner.md) + +[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Add-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Groups/Add-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..db8d28494b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Add-EntraLifecyclePolicyGroup.md @@ -0,0 +1,107 @@ +--- +title: Add-EntraLifecyclePolicyGroup +description: This article provides details on the Add-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Add-EntraLifecyclePolicyGroup + +## Synopsis + +Adds a group to a lifecycle policy. + +## Syntax + +```powershell +Add-EntraLifecyclePolicyGroup + -GroupId + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Add-EntraLifecyclePolicyGroup` cmdlet adds a group to a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1: Add a group to the lifecycle policy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraGroupLifecyclePolicy | Select-Object -First 1 +Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id +``` + +This example adds a group to the lifecycle policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy add to the group. +- `-GroupId` parameter specifies the ID of the group add to the Lifecycle Policy. + +## Parameters + +### -GroupId + +Specifies the ID of an Office365 group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) + +[Remove-EntraLifecyclePolicyGroup](Remove-EntraLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraDeletedGroup.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraDeletedGroup.md new file mode 100644 index 0000000000..e626d08b98 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraDeletedGroup.md @@ -0,0 +1,293 @@ +--- +title: Get-EntraDeletedGroup +description: This article provides details on the Get-EntraDeletedGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeletedGroup + +schema: 2.0.0 +--- + +# Get-EntraDeletedGroup + +## Synopsis + +Retrieves soft-deleted groups in Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDeletedGroup + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraDeletedGroup + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDeletedGroup + -GroupId + [-All] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraDeletedGroup + [-All] + [-SearchString ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraDeletedGroup` cmdlet retrieves soft-deleted groups from the directory. Deleted groups can be recovered within 30 days, after which they are permanently deleted. + +Soft delete currently applies only to Unified Groups (Office 365 Groups). + +## Examples + +### Example 1: Get deleted groups in the directory + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the Microsoft Entra ID. + +### Example 2: Get deleted groups in the directory using All parameter + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -All +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the directory, using All parameter. + +### Example 3: Get top two deleted groups + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -Top 2 +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +``` + +This cmdlet retrieves top two deleted groups in the directory. + +### Example 4: Get deleted groups containing string 'test2' + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -SearchString 'test2' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, containing the specified string. + +### Example 5: Get deleted groups filter by display name + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -Filter "displayName eq 'test21'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, having the specified display name. + +### Example 6: Get deleted group by GroupId + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -GroupId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves the deleted group specified by GroupId. + +- `-GroupId` parameter specifies the deleted group GroupId. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The GroupId of the deleted group to be retrieved. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroup.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroup.md new file mode 100644 index 0000000000..dffb8fec94 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroup.md @@ -0,0 +1,310 @@ +--- +title: Get-EntraGroup +description: This article explains the Get-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroup + +schema: 2.0.0 +--- + +# Get-EntraGroup + +## Synopsis + +Gets a group. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraGroup + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraGroup + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraGroup + -GroupId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroup` cmdlet gets a group in Microsoft Entra ID. Specify the `ObjectId` parameter to get a specific group. + +## Examples + +### Example 1: Get all groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup +``` + +```Output +DisplayName Id MailNickname Description +----------- -- ------------ ----------- +SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName +SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName +testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 +My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group +SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName +``` + +This example demonstrates how to get all groups from Microsoft Entra ID. + +### Example 2: Get a specific group by using an GroupId + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" +Get-EntraGroup -GroupId $group.Id +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneaglegroup Crimson Eagle Group {Unified} +``` + +This example demonstrates how to retrieve specific group by providing ID. + +### Example 3: Get top five groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -Top 5 +``` + +```Output +DisplayName Id MailNickname Description +----------- -- ------------ ----------- +Contoso Group hhhhhhhh-3333-5555-3333-qqqqqqqqqqqq contosogroup Contoso Group +Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneagle Crimson Eagle Group +Bold Falcon tttttttt-0000-3333-9999-mmmmmmmmmmmm boldfalcon Bold Falcon Group +Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda +Misty Fox kkkkkkkk-3333-5555-1111-nnnnnnnnnnnn mistyfox Misty Fox Group +``` + +This example demonstrates how to get top five groups. + +### Example 4: Get a group by DisplayName + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda {Unified} +``` + +In this example, we retrieve group using the Display Name. + +### Example 5: Get groups that contain a search string + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -SearchString 'New' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +New Sparkling Deer bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq newsparklingdeer New Sparkling Deer Group {Unified} +New Golden Fox xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb newgoldenfox New Golden Fox {DynamicMembership} +``` + +This example demonstrates how to retrieve groups that include the text new in their display names from Microsoft Entra ID. + +### Example 6: Listing ownerless groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraGroup -All +$groupsWithoutOwners = foreach ($group in $allGroups) { + $owners = Get-EntraGroupOwner -ObjectId $group.Id + if ($owners.Count -eq 0) { + $group + } +} +$groupsWithoutOwners | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without owners. By identifying ownerless groups, IT admins can improve overall governance and operational efficiency. + +### Example 7: Listing empty groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraGroup -All +$groupsWithoutMembers = foreach ($group in $allGroups) { + $members = Get-EntraGroupMember -ObjectId $group.Id + if ($members.Count -eq 0) { + $group + } +} +$groupsWithoutMembers | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without members. By identifying memberless groups, IT admins can identify and clean up unused or obsolete groups that no longer serve a purpose. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The unique identifier of a group in Microsoft Entra ID (GroupId) + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraGroup](New-EntraGroup.md) + +[Remove-EntraGroup](Remove-EntraGroup.md) + +[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..4a6740f0fe --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupAppRoleAssignment.md @@ -0,0 +1,183 @@ +--- +title: Get-EntraGroupAppRoleAssignment +description: This article provides details on the Get-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraGroupAppRoleAssignment + +## Synopsis + +Gets a group application role assignment. + +## Syntax + +```powershell +Get-EntraGroupAppRoleAssignment + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupAppRoleAssignment` cmdlet gets a group application role assignment in Microsoft Entra ID. Specify the `GroupId` parameter to get a group application role assignment. + +## Examples + +### Example 1: Retrieve application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -SearchString 'Contoso marketing' +Get-EntraGroupAppRoleAssignment -GroupId $group.Id +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves the application role assignments of a group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 2: Retrieve all application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -SearchString 'Contoso marketing' +Get-EntraGroupAppRoleAssignment -GroupId $group.Id -All +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves all application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 3: Retrieve top two application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -SearchString 'Contoso marketing' +Get-EntraGroupAppRoleAssignment -GroupId $group.Id -Top 2 +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +``` + +This example retrieves top two application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) + +[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..8ca5557c8f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupLifecyclePolicy.md @@ -0,0 +1,135 @@ +--- +title: Get-EntraGroupLifecyclePolicy +description: This article provides details on the Get-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Get-EntraGroupLifecyclePolicy + +## Synopsis + +Retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraGroupLifecyclePolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupLifecyclePolicy` command retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. Specify the `-GroupLifecyclePolicyId` parameter to get the group lifecycle policy. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Examples + +### Example 1: Retrieve all groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraGroupLifecyclePolicy +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +eeeeeeee-4444-5555-6666-ffffffffffff example@contoso.com 200 Selected +``` + +This example demonstrates how to retrieve the properties and relationships of all groupLifecyclePolicies in Microsoft Entra ID. + +### Example 2: Retrieve properties of an groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} +Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 Selected +``` + +This command is used to retrieve a specific Microsoft Group Lifecycle Policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupMember.md new file mode 100644 index 0000000000..fa8a65e2f5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupMember.md @@ -0,0 +1,218 @@ +--- +title: Get-EntraGroupMember +description: This article provides details on the Get-EntraGroupMember command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupMember + +schema: 2.0.0 +--- + +# Get-EntraGroupMember + +## Synopsis + +Gets a member of a group. + +## Syntax + +```powershell +Get-EntraGroupMember + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupMember` cmdlet gets a member of a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a member of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: `microsoft.directory/groups/members/read`, `microsoft.directory/groups/members/limitedRead`, or `microsoft.directory/groups/hiddenMembers/read` (for hidden members). The following least privileged roles support this operation: + +- Group owners +- "Member" users +- "Guest" users (with limited read permissions) +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator (includes hidden members) +- Exchange Administrator (includes hidden members) +- SharePoint Administrator (includes hidden members) +- Intune Administrator (includes hidden members) +- Teams Administrator (includes hidden members) +- Yammer Administrator (includes hidden members) + +To list members of a hidden group, the `Member.Read.Hidden` permission is also required. + +## Examples + +### Example 1: Retrieve and Select Group Member Properties + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Select-Object Id, DisplayName, '@odata.type' +``` + +```Output +Id DisplayName @odata.type +------------------------------------ ----------------- ------------------------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee Sawyer Miller #microsoft.graph.user +eeeeeeee-4444-5555-6666-ffffffffffff Alex Wilber #microsoft.graph.user +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb My Application #microsoft.graph.servicePrincipal +cccccccc-8888-9999-0000-dddddddddddd Contoso Group #microsoft.graph.group +``` + +This example retrieves the members of a specified group by its `GroupId` and selects only the `Id`, `DisplayName` and `@odata.type` properties for each member. + +- `-GroupId` specifies the ID of a group. + +### Example 2: Get two group member + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroupMember -GroupId $group.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +cccccccc-8888-9999-0000-dddddddddddd +dddddddd-9999-0000-1111-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve top two groups from Microsoft Entra ID. + +- `-GroupId` specifies the ID of a group. + +### Example 3: Get all members within a group by group ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroupMember -GroupId $group.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +cccccccc-8888-9999-0000-dddddddddddd +``` + +This example retrieves all members within a group by group ID. + +- `-GroupId` specifies the ID of a group. + +### Example 4: Get a group member by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroupMember -GroupId $group.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This example demonstrates how to retrieve group member by ID. + +- `-GroupId` Specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupMember](Add-EntraGroupMember.md) + +[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupOwner.md new file mode 100644 index 0000000000..138104a6bd --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupOwner.md @@ -0,0 +1,189 @@ +--- +title: Get-EntraGroupOwner +description: This article provides details on the Get-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupOwner + +schema: 2.0.0 +--- + +# Get-EntraGroupOwner + +## Synopsis + +Gets an owner of a group. + +## Syntax + +```powershell +Get-EntraGroupOwner + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupOwner` cmdlet gets an owner of a group in Microsoft Entra ID. Specify `GroupId` parameter gets an owner of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/owners/read` permission. The following least privileged roles support this operation: + +- Group owners +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator + +## Examples + +### Example 1: Get a group owner by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Select-Object Id, DisplayName, '@odata.type' +``` + +```Output +id displayName @odata.type +-- ----------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Adele Vance #microsoft.graph.user +``` + +This example demonstrates how to retrieve the owner of a specific group. + +- `-GroupId` Parameter specifies the ID of a group. + +### Example 2: Gets all group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroupOwner -GroupId $group.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve the all owner of a specific group. + +- `-GroupId` Parameter specifies the ID of a group. + +### Example 3: Gets two group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraGroupOwner -GroupId $group.Id -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve the top two owners of a specific group. + +- `-GroupId` parameter specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupOwner](Add-EntraGroupOwner.md) + +[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupPermissionGrant.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupPermissionGrant.md new file mode 100644 index 0000000000..5bf584c8ce --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraGroupPermissionGrant.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraGroupPermissionGrant +description: This article provides details on the Get-EntraGroupPermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupPermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraGroupPermissionGrant + +## Synopsis + +Retrieves a list of permission grants consented to for a group. + +## Syntax + +```powershell +Get-EntraGroupPermissionGrant + -GroupId + [-Property ] + [] +``` + +## Description + +Retrieves a list of permission grants consented to for a group. + +## Examples + +### Example 1: List existing permission grants for the group + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupPermissionGrant -GroupId 'CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3' +``` + +```Output + Id : CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3 + ClientId : 00001111-aaaa-2222-bbbb-3333cccc4444 + ClientAppId : 44445555-eeee-6666-ffff-7777aaaa8888 + ResourceAppId : bbbb1111-cc22-3333-44dd-555555eeeeee + PermissionType : Application + Permission : Member.Read.Group +``` + +This cmdlet list existing permission grants for the specified group. + +## Parameters + +### -GroupId + +The unique identifier of group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.GetMSGroupPermissionGrantsResponse + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..e25c93b999 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraLifecyclePolicyGroup.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraLifecyclePolicyGroup +description: This article provides details on the Get-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Get-EntraLifecyclePolicyGroup + +## Synopsis + +Retrieves the lifecycle policy object to which a group belongs. + +## Syntax + +```powershell +Get-EntraLifecyclePolicyGroup + -GroupId + [-Property ] + [] +``` + +## Description + +The `Get-EntraLifecyclePolicyGroup` retrieves the lifecycle policy object to which a group belongs. Specify the `-GroupId` parameter to get the lifecycle policy object to which a group belongs. + +## Examples + +### Example 1: Retrieve lifecycle policy object + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraLifecyclePolicyGroup -GroupId $group.Id +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +bbbbbbbb-1111-2222-3333-cccccccccccc admingroup@contoso.com 200 All +``` + +This example demonstrates how to retrieve lifecycle policy object by Id in Microsoft Entra ID. + +- `-GroupId` - specifies the ID of a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/Get-EntraObjectSetting.md b/module/docs/entra-powershell-v1.0/Groups/Get-EntraObjectSetting.md new file mode 100644 index 0000000000..4991052d1b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Get-EntraObjectSetting.md @@ -0,0 +1,259 @@ +--- +title: Get-EntraObjectSetting +description: This article provides details on the Get-EntraObjectSetting command. + + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraObjectSetting +schema: 2.0.0 +--- + +# Get-EntraObjectSetting + +## Synopsis + +Gets an object setting. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraObjectSetting + [-Top ] + [-All] + -TargetType + -TargetObjectId + [] +``` + +### GetById + +```powershell +Get-EntraObjectSetting + -Id [-All] + -TargetType + -TargetObjectId + [] +``` + +## Description + +The `Get-EntraObjectSetting` cmdlet retrieves an object setting from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 2: Retrieve a specific object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +$setting = Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id | Where-Object {$_.displayName -eq 'Group.Unified.Guest'} +Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Id $setting.Id +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves Specific object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. +- `-Id` Parameter specifies the ID of a settings object. + +### Example 3: Retrieve top one object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Top 1 +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves top one object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 4: Retrieve all object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -All +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves all records of object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 5: Retrieve user object settings + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$user = Get-EntraUser -UserId 'AdeleV@Contoso.com' +Get-EntraObjectSetting -TargetType 'Users' -TargetObjectId $user.Id +``` + +```Output +Id ContributionToContentDiscoveryAsOrganizationDisabled ContributionToContentDiscoveryDisabled +-- ---------------------------------------------------- -------------------------------------- + False False +``` + +This command retrieves user object setting. + +- `-TargetType` Parameter specifies the user target type. +- `-TargetObjectId` Parameter specifies the ID of the user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a settings object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the ID of the target object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the target type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/New-EntraGroup.md b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroup.md new file mode 100644 index 0000000000..fb98f748d8 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroup.md @@ -0,0 +1,346 @@ +--- +title: New-EntraGroup +description: This article provides details on the New-EntraGroup command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroup + +schema: 2.0.0 +--- + +# New-EntraGroup + +## Synopsis + +Creates a Microsoft Entra ID group. + +## Syntax + +```powershell +New-EntraGroup + -DisplayName + [-GroupTypes ] + -SecurityEnabled + [-Description ] + -MailEnabled + -MailNickname + [-Visibility ] + [-IsAssignableToRole ] + [] +``` + +## Description + +The `New-EntraGroup` cmdlet creates a Microsoft Entra ID group. Specify the `DisplayName`, `MailNickname`, `MailEnabled` and `SecurityEnabled` parameters for creating a Microsoft Entra ID group. + +For information about creating dynamic groups, see: [Using attributes to create advanced rules](https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership). + +**Notes on permissions:** + +- To create the group with users as owners or members, the app must have at least the `User.Read.All` permission. +- To create the group with other service principals as owners or members, the app must have at least the `Application.Read.All` permission. +- To create the group with either users or service principals as owners or members, the app must have at least the `Directory.Read.All` permission. + +## Examples + +### Example 1: Create a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True +} + +New-EntraGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq helpDeskAdminGroup {} +``` + +This example demonstrates how to create the new group. + +### Example 2: Create a group with Description parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group' + MailEnabled = $false + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $true + Description = 'Group assignable to role' +} + +New-EntraGroup @params +``` + +```Output + +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group zzzzzzzz-6666-8888-9999-pppppppppppp helpDeskAdminGroup Group assignable to role {} + +``` + +This example demonstrates how to create the new group with description parameter. + +### Example 3: Create a group with IsAssignableToRole parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + Description = 'Group assignable to role' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + IsAssignableToRole = $True +} + +New-EntraGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 vvvvvvvv-8888-9999-0000-jjjjjjjjjjjj helpDeskAdminGroup Group assignable to role {} +``` + +This example demonstrates how to create the new group with IsAssignableToRole parameter. + +### Example 4: Create a group with Visibility parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group2' + Description = 'Group assignable to role' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup' + SecurityEnabled = $True + Visibility = 'Private' +} + +New-EntraGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group2 gggggggg-0000-4444-3333-llllllllllll helpDeskAdminGroup Group assignable to role {} +``` + +This example demonstrates how to create the new group with Visibility parameter. + +### Example 5: Create a group with GroupTypes parameter + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' +$params = @{ + DisplayName = 'HelpDesk admin group3' + Description = 'group des' + MailEnabled = $False + MailNickname = 'helpDeskAdminGroup1' + SecurityEnabled = $True + GroupTypes = 'Unified' +} + +New-EntraGroup @params +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +HelpDesk admin group3 xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb helpDeskAdminGroup1 group des {Unified} +``` + +This example demonstrates how to create the new group with GroupTypes parameter. + +## Parameters + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailEnabled + +Specifies whether this group is mail enabled. + +Currently, you can't create mail enabled groups in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. +If MailEnabled is $False, you must still specify a mail nickname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Specifies whether the group is security enabled. +For security groups, this value must be $True. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a unified or dynamic group. + +Notes: + +- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +This parameter determines the visibility of the group's content and members list. + +This parameter can take one of the following values: + +- "Public" - Anyone can view the contents of the group +- "Private" - Only members can view the content of the group +- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value is "Public". + +Notes: + +- This parameter is only valid for groups that have the groupType set to "Unified". +- If a group has this attribute set to "HiddenMembership", it can't be changed later. +- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) + +[Remove-EntraGroup](Remove-EntraGroup.md) + +[Set-EntraGroup](Set-EntraGroup.md) + +[Using attributes to create advanced rules](https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership) diff --git a/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..f5f5947a7d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupAppRoleAssignment.md @@ -0,0 +1,147 @@ +--- +title: New-EntraGroupAppRoleAssignment +description: This article provides details on the New-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraGroupAppRoleAssignment + +## Synopsis + +Assign a group of users to an application role. + +## Syntax + +```powershell +New-EntraGroupAppRoleAssignment + -GroupId + -PrincipalId + -AppRoleId + -ResourceId + [] +``` + +## Description + +The `New-EntraGroupAppRoleAssignment` cmdlet assigns a group of users to an application role in Microsoft Entra ID. + +## Examples + +### Example 1: Assign a group of users to an application + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "Displayname eq 'Box'" +$group = Get-EntraGroup -SearchString 'Contoso Global' +New-EntraGroupAppRoleAssignment -GroupId $group.Id -PrincipalId $group.Id -ResourceId $servicePrincipal.Id -AppRoleId $servicePrincipal.Approles[1].Id +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + AaBbCcDdEeFfGgHhIiJjKkLlMmNnOo1 00000000-0000-0000-0000-000000000000 3/13/2024 4:41:43 AM Contoso Team aaaaaaaa-bbbb-cccc-1111-222222222222 +3/13/2024 4:45:00 AM BbCcDdEeFfGgHhIiJjKkLlMmNnOoPp2 00000000-0000-0000-0000-000000000000 3/13/2024 4:45:00 AM Finance Group bbbbbbbb-cccc-dddd-2222-333333333333 +``` + +This example demonstrates how to assign a group of users to an application role in Microsoft Entra ID. + +- `GroupId`: The ID of the group to which you're assigning the app role. +- `PrincipalId`: The ID of the group to which you're assigning the app role. +- `ResourceId`: The ID of the resource service Principal, which has defined the app role. +- `AppRoleId`: The ID of the appRole (defined on the resource service principal) to assign to the group. + +## Parameters + +### -AppRoleId + +Specifies the ID of the app role (defined on the resource service principal) to assign. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies the principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The unique identifier (ID) for the resource service principal for which the assignment is made. +Required on create. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) + +[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..ae9b213bf4 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/New-EntraGroupLifecyclePolicy.md @@ -0,0 +1,133 @@ +--- +title: New-EntraGroupLifecyclePolicy +description: This article provides details on the New-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# New-EntraGroupLifecyclePolicy + +## Synopsis + +Creates a new groupLifecyclePolicy. + +## Syntax + +```powershell +New-EntraGroupLifecyclePolicy + -ManagedGroupTypes + -GroupLifetimeInDays + -AlternateNotificationEmails + [] +``` + +## Description + +Creates a new groupLifecyclePolicy in Microsoft Entra ID. + +## Examples + +### Example 1: Creates a new groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes 'Selected' -AlternateNotificationEmails 'example@contoso.com' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb example@contoso.com 99 Selected +``` + +This example creates a new groupLifecyclePolicy with a group lifetime of 99 days for a selected set of Office 365 groups. Renewal notification emails are sent to for groups without owners. + +- `-GroupLifetimeInDays` parameter specifies the number of days a group can exist before it needs to be renewed. +- `-ManagedGroupTypes` parameter allows the admin to select which office 365 groups the policy applies to. +- `-AlternateNotificationEmails` parameter specifies notification emails for group. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups without owners are sent to these email addresses, separated by a ';'. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +This parameter allows the admin to select which Office 365 groups the policy applies to. +'None' creates the policy in a disabled state. +'All' applies the policy to every Office 365 group in the tenant. +'Selected' allows the admin to choose specific Office 365 groups to which the policy applies. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) + +[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroup.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroup.md new file mode 100644 index 0000000000..d402d22ccd --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroup.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraGroup +description: This article provides details on the Remove-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroup + +schema: 2.0.0 +--- + +# Remove-EntraGroup + +## Synopsis + +Removes a group. + +## Syntax + +```powershell +Remove-EntraGroup + -GroupId + [] +``` + +## Description + +The `Remove-EntraGroup` cmdlet removes a group from Microsoft Entra ID. Specify the `GroupId` parameter removes a group. + +Unified Group can be restored withing 30 days after deletion using the `Restore-EntraBetaDeletedDirectoryObject` cmdlet. Security groups can't be restored after deletion. + +**Notes on permissions:** + +The following conditions apply for apps to delete role-assignable groups: + +- For delegated scenarios, the app must be assigned the `RoleManagement.ReadWrite.Directory` delegated permission, and the calling user must be the creator of the group or be assigned at least the Privileged Role Administrator Microsoft Entra role. +- For app-only scenarios, the calling app must be the owner of the group or be assigned the `RoleManagement.ReadWrite.Directory` application permission or be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Remove a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" | Remove-EntraGroup +``` + +This example demonstrates how to remove a group in Microsoft Entra ID. + +- `GroupId` parameter specifies the group ID . + +## Parameters + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroup](New-EntraGroup.md) + +[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..fd24852b18 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupAppRoleAssignment.md @@ -0,0 +1,100 @@ +--- +title: Remove-EntraGroupAppRoleAssignment +description: This article provides details on the Remove-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraGroupAppRoleAssignment + +## Synopsis + +Delete a group application role assignment. + +## Syntax + +```powershell +Remove-EntraGroupAppRoleAssignment + -AppRoleAssignmentId + -GroupId +[] +``` + +## Description + +The `Remove-EntraGroupAppRoleAssignment` cmdlet removes a group application role assignment from Microsoft Entra ID. + +## Examples + +### Example 1: Remove group app role assignment + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "displayName eq 'Contoso Marketing'" +$appRoleAssignment = Get-EntraGroupAppRoleAssignment -GroupId $group.Id | Where-Object {$_.ResourceDisplayName -eq 'Box'} +Remove-EntraGroupAppRoleAssignment -GroupId $group -AppRoleAssignmentId $appRoleAssignment.Id +``` + +This example demonstrates how to remove the specified group application role assignment. +GroupId - Specifies the object ID of a group. +AppRoleAssignmentId - Specifies the object ID of the group application role assignment. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the object ID of the group application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) + +[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..a9b64ca762 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupLifecyclePolicy.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraGroupLifecyclePolicy +description: This article provides details on the Remove-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Remove-EntraGroupLifecyclePolicy + +## Synopsis + +Deletes a groupLifecyclePolicies object + +## Syntax + +```powershell +Remove-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Remove-EntraGroupLifecyclePolicy` command deletes a groupLifecyclePolicies object in Microsoft Entra ID. Specify `Id` parameter deletes the groupLifecyclePolicies object. + +## Examples + +### Example 1: Remove a groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} | Remove-EntraGroupLifecyclePolicy +``` + +This example demonstrates how to delete the groupLifecyclePolicies object that has the specified ID. You can use `Get-EntraGroupLifecyclePolicy` to get Id details. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) + +[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupMember.md new file mode 100644 index 0000000000..d4da0640d7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupMember.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraGroupMember +description: This article provides details on the Remove-EntraGroupMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupMember + +schema: 2.0.0 +--- + +# Remove-EntraGroupMember + +## Synopsis + +Removes a member from a group. + +## Syntax + +```powershell +Remove-EntraGroupMember + -GroupId + -MemberId + [] +``` + +## Description + +The `Remove-EntraGroupMember` cmdlet removes a member from a group in Microsoft Entra ID. Specify the `ObjectId` and `MemberId` parameters to remove a member from a group. + +## Examples + +### Example 1: Remove a member + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$groupMember = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Where-Object {$_.displayName -eq 'Adele Vance'} +Remove-EntraGroupMember -GroupId $group.Id -MemberId $groupMember.Id +``` + +This command removes the specified member from the specified group. + +- `GroupId` - Specifies the object ID of a group in Microsoft Entra ID. + +- `MemberId` - Specifies the ID of the member to remove. + +## Parameters + +### -MemberId + +Specifies the ID of the member to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupMember](Add-EntraGroupMember.md) + +[Get-EntraGroupMember](Get-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupOwner.md new file mode 100644 index 0000000000..dd60446a69 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraGroupOwner.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraGroupOwner +description: This article provides details on the Remove-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupOwner + +schema: 2.0.0 +--- + +# Remove-EntraGroupOwner + +## Synopsis + +Removes an owner from a group. + +## Syntax + +```powershell +Remove-EntraGroupOwner + -OwnerId + -GroupId + [] +``` + +## Description + +The `Remove-EntraGroupOwner` cmdlet removes an owner from a group in Microsoft Entra ID. Specify the `GroupId` and `OwnerId` parameters to remove an owner from a group. + +## Examples + +### Example 1: Remove an owner + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$groupOwner = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Where-Object {$_.displayName -eq 'Adele Vance'} +Remove-EntraGroupOwner -GroupId $group.Id -OwnerId $groupOwner.Id +``` + +This example demonstrates how to remove an owner from a group in Microsoft Entra ID. + +- `GroupId` - Specifies the ID of a group in Microsoft Entra ID. + +- `OwnerId` - Specifies the ID of an owner. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of an owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Add-EntraGroupOwner](Add-EntraGroupOwner.md) + +[Get-EntraGroupOwner](Get-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Remove-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..42c00f6f39 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Remove-EntraLifecyclePolicyGroup.md @@ -0,0 +1,113 @@ +--- +title: Remove-EntraLifecyclePolicyGroup +description: This article provides details on the Remove-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Remove-EntraLifecyclePolicyGroup + +## Synopsis + +Removes a group from a lifecycle policy. + +## Syntax + +```powershell +Remove-EntraLifecyclePolicyGroup + -GroupId + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Remove-EntraLifecyclePolicyGroup` cmdlet removes a group from a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1: Remove lifecycle policy group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraLifecyclePolicyGroup -Id $group.Id +Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id +``` + +```Output +Value +----- +True +``` + +This example demonstrates how to remove a group from a lifecycle policy in Microsoft Entra ID with specified Id and groupId. + +- `-GroupLifecyclePolicyId` parameter specifies the lifecycle policy object ID. +- `-GroupId` parameter specifies the ID of Office365 group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) + +[Add-EntraLifecyclePolicyGroup](Add-EntraLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Reset-EntraLifeCycleGroup.md b/module/docs/entra-powershell-v1.0/Groups/Reset-EntraLifeCycleGroup.md new file mode 100644 index 0000000000..8cf30cba9e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Reset-EntraLifeCycleGroup.md @@ -0,0 +1,85 @@ +--- +title: Reset-EntraLifeCycleGroup +description: This article provides details on the Reset-EntraLifeCycleGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Reset-EntraLifeCycleGroup + +schema: 2.0.0 +--- + +# Reset-EntraLifeCycleGroup + +## Synopsis + +Renews a group by updating the RenewedDateTime property on a group to the current DateTime. + +## Syntax + +```powershell +Reset-EntraLifeCycleGroup + -Id + [] +``` + +## Description + +The `Reset-EntraLifeCycleGroup` renews a group by updating the RenewedDateTime property on a group to the current DateTime. +When a group is renewed, the group expiration is extended by the number of days defined in the policy. + +## Examples + +### Example 1: Renew a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" +Reset-EntraLifeCycleGroup -Id $group.Id +``` + +This example demonstrates how to renew a specified group. + +- `-Id` - Specifies the group Object ID. + +## Parameters + +### -Id + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsContactIsMemberOf.md b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsContactIsMemberOf.md new file mode 100644 index 0000000000..7598a68945 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsContactIsMemberOf.md @@ -0,0 +1,101 @@ +--- +title: Select-EntraGroupIdsContactIsMemberOf +description: This article provides details on the Select-EntraGroupIdsContactIsMemberOf command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsContactIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsContactIsMemberOf + +## Synopsis + +Get groups in which a contact is a member. + +## Syntax + +```powershell +Select-EntraGroupIdsContactIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsContactIsMemberOf` cmdlet gets groups in Microsoft Entra ID in which a contact is a member. + +## Examples + +### Example 1: Get groups in which a contact is a member + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All,Group.Read.All' +$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$group.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Sales and Marketing'").Id +$contact = Get-EntraContact -Filter "displayName eq 'Contoso Admin'" +Select-EntraGroupIdsContactIsMemberOf -ObjectId $contact.Id -GroupIdsForMembershipCheck $group +``` + +This example demonstrates how to get groups in which a contact is a member. + +- `-ObjectId` parameter specifies the contact Object ID. +- `-GroupIdsForMembershipCheck` parameter specifies the group Object ID. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the object ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraContact](../DirectoryManagement/Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsGroupIsMemberOf.md b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsGroupIsMemberOf.md new file mode 100644 index 0000000000..b8bb5256b1 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsGroupIsMemberOf.md @@ -0,0 +1,101 @@ +--- +title: Select-EntraGroupIdsGroupIsMemberOf +description: This article provides details on the Select-EntraGroupIdsGroupIsMemberOf command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsGroupIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsGroupIsMemberOf + +## Synopsis + +Gets group IDs that a group is a member of. + +## Syntax + +```powershell +Select-EntraGroupIdsGroupIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsGroupIsMemberOf` cmdlet gets the groups that a specified group is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a group + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$groupObject = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$groupObject.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Tailspin Toys'").Id +$group = Get-EntraGroup -Filter "displayName eq 'sg-Legal'" +Select-EntraGroupIdsGroupIsMemberOf -ObjectId $group.Id -GroupIdsForMembershipCheck $groupObject +``` + +This example gets the group membership of a group identified by $GroupId. Use `Get-EntraGroup` cmdlet to obtain group `ObjectId` value. + +- `-ObjectId` parameter specifies the group ID. +- `-GroupIdsForMembershipCheck` Specifies an array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsUserIsMemberOf.md b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsUserIsMemberOf.md new file mode 100644 index 0000000000..92c652ba9d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Select-EntraGroupIdsUserIsMemberOf.md @@ -0,0 +1,106 @@ +--- +title: Select-EntraGroupIdsUserIsMemberOf +description: This article provides details on the Select-EntraGroupIdsUserIsMemberOf command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsUserIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsUserIsMemberOf + +## Synopsis + +Selects the groups that a user is a member of. + +## Syntax + +```powershell +Select-EntraGroupIdsUserIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsUserIsMemberOf` cmdlet selects the groups that a user is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a user + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$myGroup = Get-EntraGroup -Filter "DisplayName eq ''" +$UserId = 'SawyerM@contoso.com' +$groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$groups.GroupIds = $myGroup.Id +Select-EntraGroupIdsUserIsMemberOf -ObjectId 'SawyerM@contoso.com' -GroupIdsForMembershipCheck $groups +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example retrieves the group membership of a group for a user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-GroupIdsForMembershipCheck` parameter specifies the group Object Ids. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroup.md b/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroup.md new file mode 100644 index 0000000000..6ff634d4b9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroup.md @@ -0,0 +1,286 @@ +--- +title: Set-EntraGroup +description: This article provides details on the Set-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraGroup + +schema: 2.0.0 +--- + +# Set-EntraGroup + +## Synopsis + +Sets the properties for an existing Microsoft Entra ID group. + +## Syntax + +```powershell +Set-EntraGroup + -GroupId + [-DisplayName ] + [-GroupTypes ] + [-SecurityEnabled ] + [-Description ] + [-MailEnabled ] + [-MailNickname ] + [-Visibility ] + [-IsAssignableToRole ] + [] +``` + +## Description + +The `Set-EntraGroup` cmdlet sets the properties for an existing Microsoft Entra ID group. Specify the `GroupId` parameter to set the properties for an existing Microsoft Entra ID group. + +## Examples + +### Example 1: Update a group display name + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" +Set-EntraGroup -GroupId $group.Id -DisplayName 'Global HelpDesk Team Leaders' +``` + +This command updates the display name of a specified group in Microsoft Entra ID. + +### Example 2: Update a group description + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" | Set-EntraGroup -Description 'HelpDesk Team Leaders Global' +``` + +This example demonstrates how to update a group description. + +### Example 3: Update a group mail nickname + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Set-EntraGroup -GroupId $group.Id -MailNickName 'newnickname' +``` + +This command updates the mail nickname of a specified group in Microsoft Entra ID. + +### Example 4: Update a group security enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Set-EntraGroup -GroupId $group.Id -SecurityEnabled $True +``` + +This command updates the security enabled of a specified group in Microsoft Entra ID. + +### Example 5: Update a group mail enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Set-EntraGroup -GroupId $group.Id -MailEnabled $False +``` + +This example demonstrates how to update a group main enabled. + +### Example 6: Update a property for a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Set-EntraGroup -GroupId $group.Id -Visibility 'Private' -GroupTypes 'DynamicMembership' -IsAssignableToRole $True +``` + +This example demonstrates how to update a property for an existing Microsoft Entra ID group. + +## Parameters + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a dynamic group. +To create a dynamic group, specify a value of DynamicMembership. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MailEnabled + +Indicates whether this group is mail enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Indicates whether the group is security enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +Specifies the visibility of the group's content and members list. +This parameter can take one of the following values: + +* "Public": Anyone can view the contents of the group. +* "Private": Only members can view the content of the group. +* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value is "Public." + +Notes: + +* This parameter is only valid for groups that have the groupType set to "Unified." +* If a group has this attribute set to "HiddenMembership," it can't be changed later. +* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroup](New-EntraGroup.md) + +[Remove-EntraGroup](Remove-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..df28ef319e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Groups/Set-EntraGroupLifecyclePolicy.md @@ -0,0 +1,154 @@ +--- +title: Set-EntraGroupLifecyclePolicy +description: This article provides details on the Set-EntraGroupLifecyclePolicy command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Groups-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Set-EntraGroupLifecyclePolicy + +## Synopsis + +Updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-AlternateNotificationEmails ] + [-GroupLifetimeInDays ] + [-ManagedGroupTypes ] + [] +``` + +## Description + +The `Set-EntraGroupLifecyclePolicy` command updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Examples + +### Example 1: Updates group lifecycle policy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} +Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id -GroupLifetimeInDays 200 -AlternateNotificationEmails 'example@contoso.com' -ManagedGroupTypes 'All' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 All +``` + +This example updates the specified groupLifecyclePolicy in Microsoft Entra ID. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy to be modified. +- `-GroupLifetimeInDays` parameter specifies the lifetime of the groups in the policy to 200 days. The GroupLifetimeInDays represents the number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the number of days defined. +- `-AlternateNotificationEmails` parameter specifies the email address that receives notifications about the policy. Multiple email address can be defined by separating email address with a semicolon. +- `-ManagedGroupTypes` parameter specifies which office 365 groups the policy applies to. Possible values are `All`, `Selected`, or `None`. +In this case, 'All' suggests that the policy manages all types of groups. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups that have no owners are sent to these email addresses. +List of email addresses separated by a ";". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +Allows the admin to select which office 365 groups the policy applies to. + +- "None" will create the policy in a disabled state. +- "All" will apply the policy to every Office 365 group in the tenant. +- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) + +[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md deleted file mode 100644 index f7b908e12c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md +++ /dev/null @@ -1,107 +0,0 @@ ---- -title: Add-EntraAdministrativeUnitMember -description: This article provides details on the Add-EntraAdministrativeUnitMember command. - - -ms.topic: reference -ms.date: 07/19/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Add-EntraAdministrativeUnitMember - -## Synopsis - -Adds an administrative unit member. - -## Syntax - -```powershell -Add-EntraAdministrativeUnitMember - -RefObjectId - -AdministrativeUnitId - [] -``` - -## Description - -The `Add-EntraAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. - -Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. - -To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add user as an administrative unit member - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -Add-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -RefObjectId $user.Id -``` - -This example demonstrates adding an administrative unit member. Use `Get-EntraAdministrativeUnit` to find the administrative unit ID and `Get-EntraUser` to find the user ID. - -- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of a Microsoft Entra ID administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the unique ID of the specific Microsoft Entra ID object that are as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) -[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) -[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md deleted file mode 100644 index ade1fccbd6..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Add-EntraApplicationOwner -description: This article provides details on the Add-EntraApplicationOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraApplicationOwner - -schema: 2.0.0 ---- - -# Add-EntraApplicationOwner - -## Synopsis - -Adds an owner to an application. - -## Syntax - -```powershell -Add-EntraApplicationOwner - -ApplicationId - -RefObjectId - [] -``` - -## Description - -The `Add-EntraApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. - -## Examples - -### Example 1: Add a user as an owner to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -Add-EntraApplicationOwner -ApplicationId $application.Id -RefObjectId $user.Id -``` - -This example demonstrates how to add an owner to an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the ID of an application. -- `-RefObjectId` parameter specifies the ID of a user. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) - -[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md deleted file mode 100644 index e1b21e4c97..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md +++ /dev/null @@ -1,109 +0,0 @@ ---- -title: Add-EntraGroupMember -description: This article explains the Add-EntraGroupMember command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraGroupMember - -schema: 2.0.0 ---- - -# Add-EntraGroupMember - -## Synopsis - -Adds a member to a group. - -## Syntax - -```powershell -Add-EntraGroupMember - -GroupId - -RefObjectId - [] -``` - -## Description - -The Add-EntraGroupMember cmdlet adds a member to a group. - -In delegated scenarios, the signed-in user needs a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/members/update` permission. The minimum roles required for this operation, excluding role-assignable groups, are: - -- Group owners -- Directory Writers -- Groups Administrator -- User Administrator - -## Examples - -### Example 1: Add a member to a group - -```powershell -Connect-Entra -Scopes 'GroupMember.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Contoso Marketing Group'" -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -Add-EntraGroupMember -GroupId $group.Id -RefObjectId $user.Id -``` - -This example demonstrates how to add a member to a group. - -- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add a member. -- `-RefObjectId` - Specifies the unique identifier (Object ID) of the member to be added to the group. - -## Parameters - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroupMember](Get-EntraGroupMember.md) - -[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md deleted file mode 100644 index 4a5865231f..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md +++ /dev/null @@ -1,109 +0,0 @@ ---- -title: Add-EntraGroupOwner -description: This article explains the Add-EntraGroupOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraGroupOwner - -schema: 2.0.0 ---- - -# Add-EntraGroupOwner - -## Synopsis - -Adds an owner to a group. - -## Syntax - -```powershell -Add-EntraGroupOwner - -GroupId - -RefObjectId - [] -``` - -## Description - -The `Add-EntraGroupOwner` cmdlet adds an owner to a Microsoft Entra ID group. Specify the `GroupId` and `RefObjectId` parameters to add an owner to a group. - -In delegated scenarios, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The minimum roles required for this operation are: - -- Group owners -- User Administrator -- Directory Writers -- Groups Administrator - -## Examples - -### Example 1: Add an owner to a group - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -Add-EntraGroupOwner -GroupId $group.Id -RefObjectId $user.Id -``` - -This example demonstrates how to add an owner to a group. - -- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add an owner. -- `-RefObjectId` - Specifies the unique identifier (Object ID) of the owner to be added to the group. - -## Parameters - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroupOwner](Get-EntraGroupOwner.md) - -[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md deleted file mode 100644 index 1e72083837..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md +++ /dev/null @@ -1,107 +0,0 @@ ---- -title: Add-EntraLifecyclePolicyGroup -description: This article provides details on the Add-EntraLifecyclePolicyGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup - -schema: 2.0.0 ---- - -# Add-EntraLifecyclePolicyGroup - -## Synopsis - -Adds a group to a lifecycle policy. - -## Syntax - -```powershell -Add-EntraLifecyclePolicyGroup - -GroupId - -GroupLifecyclePolicyId - [] -``` - -## Description - -The `Add-EntraLifecyclePolicyGroup` cmdlet adds a group to a lifecycle policy in Microsoft Entra ID. - -## Examples - -### Example 1: Add a group to the lifecycle policy - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" -$policy = Get-EntraGroupLifecyclePolicy | Select-Object -First 1 -Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id -``` - -This example adds a group to the lifecycle policy. - -- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy add to the group. -- `-GroupId` parameter specifies the ID of the group add to the Lifecycle Policy. - -## Parameters - -### -GroupId - -Specifies the ID of an Office365 group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupLifecyclePolicyId - -Specifies the ID of the lifecycle policy object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) - -[Remove-EntraLifecyclePolicyGroup](Remove-EntraLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md deleted file mode 100644 index bba71d44a5..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md +++ /dev/null @@ -1,130 +0,0 @@ ---- -title: Add-EntraScopedRoleMembership -description: This article provides details on the Add-EntraScopedRoleMembership command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership - -schema: 2.0.0 ---- - -# Add-EntraScopedRoleMembership - -## Synopsis - -Assign a Microsoft Entra role with an administrative unit scope. - -## Syntax - -```powershell -Add-EntraScopedRoleMembership - -AdministrativeUnitId - [-RoleObjectId ] - [-RoleMemberInfo ] - [] -``` - -## Description - -The `Add-EntraScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. - -For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add a scoped role membership to an administrative unit - -```powershell -Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo -$roleMember.Id = $user.Id -Add-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -RoleObjectId $role.Id -RoleMemberInfo $roleMember -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -The example shows how to add a user to the specified role within the specified administrative unit. - -- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. -- `-RoleObjectId` Parameter specifies the ID of a directory role. -- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RoleMemberInfo - -Specifies a RoleMemberInfo object. - -```yaml -Type: System.RoleMemberInfo -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -RoleObjectId - -Specifies the ID of a directory role. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) - -[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md deleted file mode 100644 index 28f741fc66..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md +++ /dev/null @@ -1,105 +0,0 @@ ---- -title: Add-EntraServicePrincipalOwner -description: This article provides details on the Add-EntraServicePrincipalOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner - -schema: 2.0.0 ---- - -# Add-EntraServicePrincipalOwner - -## Synopsis - -Adds an owner to a service principal. - -## Syntax - -```powershell -Add-EntraServicePrincipalOwner - -ServicePrincipalId - -RefObjectId - [] -``` - -## Description - -The `Add-EntraServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Add a user as an owner to a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$owner = Get-EntraUser -UserId 'SawyerM@contoso.com' -Add-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -RefObjectId $owner.Id -``` - -This example demonstrates how to add an owner to a service principal. - -- `-ServicePrincipalId` parameter specifies the service principal ID. -- `-RefObjectId` parameter specifies the user object ID. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -RefObjectId - -Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) - -[Get-EntraUser](Get-EntraUser.md) - -[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md deleted file mode 100644 index f4232506c7..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md +++ /dev/null @@ -1,193 +0,0 @@ ---- -title: Get-EntraAdministrativeUnitMember -description: This article provides details on the Get-EntraAdministrativeUnitMember command. - - -ms.topic: reference -ms.date: 07/30/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Get-EntraAdministrativeUnitMember - -## Synopsis - -Gets a member of an administrative unit. - -## Syntax - -```powershell -Get-EntraAdministrativeUnitMember - -AdministrativeUnitId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. - -In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: - -- Directory Readers: Read basic properties on administrative units -- Global Reader: Read all properties of administrative units, including members -- Privileged Role Administrator: Create and manage administrative units (including members) - -## Examples - -### Example 1: Get an administrative unit member by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example returns the list of administrative unit members from specified administrative unit AdministrativeUnitId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -### Example 2: Get all administrative unit members by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example returns the list of all administrative unit members from specified administrative unit AdministrativeUnitId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -### Example 3: Get top three administrative unit members by AdministrativeUnitId - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" -Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -Top 3 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -``` - -This example returns top three administrative unit members from specified administrative unit AdministrativeUnitId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) - -[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md deleted file mode 100644 index 54a338d235..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Get-EntraApplicationExtensionProperty -description: This article provides details on the Get-EntraApplicationExtensionProperty command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty - -schema: 2.0.0 ---- - -# Get-EntraApplicationExtensionProperty - -## Synopsis - -Gets application extension properties. - -## Syntax - -```powershell -Get-EntraApplicationExtensionProperty - -ApplicationId - [-Property ] - [] -``` - -## Description - -The `Get-EntraApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. - -## Examples - -### Example 1: Get extension properties - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraApplicationExtensionProperty -ApplicationId $application.Id -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ------------- ---------------------- ---- ------------- - aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} -``` - -This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraApplication` to get application ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -## Parameters - -### -ApplicationId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) - -[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md deleted file mode 100644 index 678d724f9c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md +++ /dev/null @@ -1,89 +0,0 @@ ---- -title: Get-EntraApplicationKeyCredential -description: This article provides details on the Get-EntraApplicationKeyCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential - -schema: 2.0.0 ---- - -# Get-EntraApplicationKeyCredential - -## Synopsis - -Gets the key credentials for an application. - -## Syntax - -```powershell -Get-EntraApplicationKeyCredential - -ObjectId - [] -``` - -## Description - -The `Get-EntraApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. - -## Examples - -### Example 1: Get key credentials - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Get-EntraApplicationKeyCredential -ObjectId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage -------------------- ----------- ----------- --- ----- ------------- ---- ----- -{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify -``` - -This command gets the key credentials for the specified application. - -`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -ObjectId - -Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraApplication` for more details. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) - -[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md deleted file mode 100644 index 0fb6c15102..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md +++ /dev/null @@ -1,137 +0,0 @@ ---- -title: Get-EntraApplicationLogo -description: This article provides details on the Get-EntraApplicationLogo command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationLogo - -schema: 2.0.0 ---- - -# Get-EntraApplicationLogo - -## Synopsis - -Retrieve the logo of an application. - -## Syntax - -```powershell -Get-EntraApplicationLogo - -ApplicationId - [-FileName ] - [-View ] - [-FilePath ] - [] -``` - -## Description - -The `Get-EntraApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. - -## Examples - -### Example 1: Get an application logo for an application by ID - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraApplicationLogo -ApplicationId $application.Id -FilePath 'D:\outfile1.jpg' -``` - -This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. - -## Parameters - -### -FileName - -If provided, the application logo is saved to the file using the specified file name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -FilePath - -If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -The ApplicationId of the application for which the logo is to be retrieved. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -View - -If set to $true, the application's logo is displayed in a new window on the screen. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -### System.Boolean - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Set-EntraApplicationLogo](Set-EntraApplicationLogo.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md deleted file mode 100644 index d023a42ca0..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md +++ /dev/null @@ -1,212 +0,0 @@ ---- -title: Get-EntraApplicationOwner -description: This article provides details on the Get-EntraApplicationOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationOwner - -schema: 2.0.0 ---- - -# Get-EntraApplicationOwner - -## Synopsis - -Gets the owner of an application. - -## Syntax - -```powershell -Get-EntraApplicationOwner - -ApplicationId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. - -## Examples - -### Example 1: Get the owner of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraApplicationOwner -ApplicationId $application.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -``` - -This example demonstrates how to get the owners of an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -### Example 2: Get the details about the owner of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -SearchString '' -$applicationOwners = Get-EntraApplicationOwner -ObjectId $application.ObjectId -$ownerDetails = $applicationOwners | ForEach-Object { - $ownerDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id - [PSCustomObject]@{ - displayName = $ownerDetail.displayName - Id = $ownerDetail.Id - UserPrincipalName = $ownerDetail.UserPrincipalName - UserType = $ownerDetail.UserType - accountEnabled = $ownerDetail.accountEnabled - } -} -$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize -``` - -```Output -displayName Id UserPrincipalName UserType accountEnabled ------------ -- ----------------- -------- -------------- -Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True -Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True -``` - -This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. - -### Example 3: Get all owners of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraApplicationOwner -ApplicationId $application.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -``` - -This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -### Example 4: Get top two owners of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraApplicationOwner -ApplicationId $application.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -``` - -This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) - -[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md deleted file mode 100644 index acc350cb4c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Get-EntraApplicationPasswordCredential -description: This article provides details on the Get-EntraApplicationPasswordCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential - -schema: 2.0.0 ---- - -# Get-EntraApplicationPasswordCredential - -## Synopsis - -Gets the password credential for an application. - -## Syntax - -```powershell -Get-EntraApplicationPasswordCredential - -ApplicationId - [-Property ] - [] -``` - -## Description - -The `Get-EntraApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. - -## Examples - -### Example 1: Get password credential for specified application - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Get-EntraApplicationPasswordCredential -ApplicationId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- -{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 -``` - -This example shows how to retrieve the password credential for specified application. - -- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -ApplicationId - -The ApplicationId of the application for which to get the password credential. Use `Get-EntraApplication` for more details. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md deleted file mode 100644 index d8db5c820a..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md +++ /dev/null @@ -1,167 +0,0 @@ ---- -title: Get-EntraApplicationServiceEndpoint -description: This article provides details on the Get-EntraApplicationServiceEndpoint command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint - -schema: 2.0.0 ---- - -# Get-EntraApplicationServiceEndpoint - -## Synopsis - -Retrieve the service endpoint of an application. - -## Syntax - -```powershell -Get-EntraApplicationServiceEndpoint - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. - -The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. - -Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. - -## Examples - -### Example 1: Retrieve the application service endpoint by ID - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -``` - -This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -### Example 2: Get all service endpoints - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -All -``` - -This example demonstrates how to retrieve all service endpoints of a specified application. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -### Example 3: Get top five service endpoints - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Contoso Helpdesk App'" -Get-EntraApplicationServiceEndpoint -ServicePrincipalId $servicePrincipal.Id -Top 5 -``` - -This example demonstrates how to retrieve five service endpoints of a specified application. - -`-ServicePrincipalId` parameter specifies the ID of an application object in Microsoft Entra ID. - -## Parameters - -### -All - -Return all service endpoints. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the object ID of the application for which the service endpoint is retrieved. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of results that are returned. -The default is 100. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md deleted file mode 100644 index 3ad0d410fc..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md +++ /dev/null @@ -1,174 +0,0 @@ ---- -title: Get-EntraApplicationTemplate -description: This article provides details on the Get-EntraApplicationTemplate command. - - -ms.topic: reference -ms.date: 07/17/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationTemplate -schema: 2.0.0 ---- - -# Get-EntraApplicationTemplate - -## Synopsis - -Retrieve a list of applicationTemplate objects. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraApplicationTemplate - [-Filter ] - [-All] - [-Top ] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraApplicationTemplate - -Id - [] -``` - -## Description - -The `Get-EntraApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. - -## Examples - -### Example 1. Gets a list of application template objects - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraApplicationTemplate -``` - -This command gets all the application template objects - -### Example 2. Gets an application template object - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$applicationTemplate = Get-EntraApplicationTemplate -Filter "DisplayName eq 'Dynamics CRM Online'" -Get-EntraApplicationTemplate -Id $applicationTemplate.Id -``` - -```Output -Id Categories Description --- ---------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses -``` - -This command gets an application template object for the given id. - -- `-Id` Specifies the unique identifier of an application template. - -## Parameters - -### -Id - -The unique identifier of an application template. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.ApplicationTemplate - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md deleted file mode 100644 index 640ed63b0e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md +++ /dev/null @@ -1,179 +0,0 @@ ---- -title: Get-EntraAuditDirectoryLog -description: This article provides details on the Get-EntraAuditDirectoryLog command. - - -ms.topic: reference -ms.date: 07/01/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: -schema: 2.0.0 ---- - -# Get-EntraAuditDirectoryLog - -## Synopsis - -Get directory audit logs. - -## Syntax - -```powershell -Get-EntraAuditDirectoryLog -[-All] -[-Top ] -[-Filter ] -[] -``` - -## Description - -The `Get-EntraAuditDirectoryLog` cmdlet gets a Microsoft Entra ID audit log. - -Retrieve audit logs from Microsoft Entra ID, covering logs from various services such as user, app, device, and group management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (SSPR and admin resets), and self-service group management. - -## Examples - -### Example 1: Get all logs - -```powershell - Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' - Get-EntraAuditDirectoryLog -All -``` - -```Output -Id ActivityDateTime ActivityDisplayName Category CorrelationId --- ---------------- ------------------- -------- ------------- -Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd -Directory_bbbbbbbb-1111-2222-3333-cccccccccccc 17/07/2024 07:31:54 Update user UserManagement bbbb1111-cc22-3333-44dd-555555eeeeee -SSGM_cccccccc-2222-3333-4444-dddddddddddd 17/07/2024 07:13:08 GroupsODataV4_GetgroupLifecyclePolicies GroupManagement cccc2222-dd33-4444-55ee-666666ffffff - -``` - -This command gets all audit logs. - -### Example 2: Get first n logs - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' -Get-EntraAuditDirectoryLog -Top 1 -``` - -```Output -Id ActivityDateTime ActivityDisplayName Category CorrelationId LoggedB - yServic - e --- ---------------- ------------------- -------- ------------- ------- -Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb_8IAPT_617717139 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd Core... - -``` - -This example returns the first N logs. - -### Example 3: Get audit logs containing a given ActivityDisplayName - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' -Get-EntraAuditDirectoryLog -Filter "ActivityDisplayName eq 'Update rollout policy of feature'" -Top 1 -``` - -```Output -Id ActivityDateTime ActivityDisplayName Category CorrelationId --- ---------------- ------------------- -------- ------------- -Application Proxy_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 16/07/2024 05:13:49 Update rollout policy of feature Authentication aaaa0000-bb11-2222-33cc-444444dddddd -``` - -This command shows how to get audit logs by ActivityDisplayName. - -### Example 4: Get all audit logs with a given result - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' -Get-EntraAuditDirectoryLog -Filter "result eq 'failure'" -All -``` - -This command shows how to get audit logs by the result. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Top - -The maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Filter - -The OData v4.0 filter statement. -Controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Get-EntraAuditDirectoryLogs` is an alias for `Get-EntraAuditDirectoryLog`. - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md deleted file mode 100644 index 5f710b7c0d..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md +++ /dev/null @@ -1,213 +0,0 @@ ---- -title: Get-EntraAuditSignInLog -description: This article provides details on the Get-EntraAuditSignInLog command. - - -ms.topic: reference -ms.date: 07/15/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: -schema: 2.0.0 ---- - -# Get-EntraAuditSignInLog - -## Synopsis - -Get audit logs of sign-ins. - -## Syntax - -```powershell -Get-EntraAuditSignInLog - [-SignInId] - [-All] - [-Top ] - [-Filter ] - [] -``` - -## Description - -The `Get-EntraAuditSignInLog` cmdlet gets the Microsoft Entra ID sign-in log. - -In addition to delegated permissions, the signed-in user must belong to at least one of the following Microsoft Entra roles to read sign-in reports: - -- Global Reader -- Reports Reader -- Security Administrator -- Security Operator -- Security Reader - -## Examples - -### Example 1: Get all logs - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -Get-EntraAuditSignInLog -All -``` - -```Output -Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol --- -------------- ----- ------------------------ ------------------------- ---------------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none -bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none -cccccccc-2222-3333-4444-dddddddddddd Azure Active Directory PowerShell 22223333-cccc-4444-dddd-5555eeee6666 {} none -dddddddd-3333-4444-5555-eeeeeeeeeeee Azure Active Directory PowerShell 33334444-dddd-5555-eeee-6666ffff7777 {} none -``` - -This example returns all audit logs of sign-ins. - -### Example 2: Get the first two logs - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -Get-EntraAuditSignInLog -Top 2 -``` - -```Output -Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol --- -------------- ----- ------------------------ ------------------------- ---------------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none -bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none -``` - -This example returns the first two audit logs of sign-ins. - -### Example 3: Get audit logs containing a given AppDisplayName - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -Get-EntraAuditSignInLog -Filter "AppDisplayName eq 'Graph Explorer'" -Top 1 -``` - -```Output -Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol --- -------------- ----- ------------------------ ------------------------- ---------------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 -``` - -This example demonstrates how to retrieve sign-in logs by AppDisplayName. - -### Example 4: Get all sign-in logs between dates - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -Get-EntraAuditSignInLog -Filter "createdDateTime ge 2024-07-01T00:00:00Z and createdDateTime le 2024-07-14T23:59:59Z" -``` - -This example shows how to retrieve sign-in logs between dates. - -### Example 5: List failed sign-ins for a user - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" -$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize -``` - -This example demonstrates how to retrieve failed sign-ins for a user. - -## Parameters - -### -SignInId - -Specifies unique ID of the Audit Log. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Top - -The maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Filter - -The OData v4.0 filter statement. -Controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Get-EntraAuditSignInLogs` is an alias for `Get-EntraAuditSignInLog`. - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md deleted file mode 100644 index b2b4820947..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md +++ /dev/null @@ -1,192 +0,0 @@ ---- -title: Get-EntraContract -description: This article provides details on the Get-EntraContract command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraContract - -schema: 2.0.0 ---- - -# Get-EntraContract - -## Synopsis - -Gets a contract. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraContract - [-Top ] - [-All] - [-Filter ] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraContract - -ContractId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraContract` cmdlet gets a contract information associated to a partner tenant. - -In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user - -## Examples - -### Example 1: Get all contracts in the directory - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraContract -``` - -This command gets all contracts in the Microsoft Entra ID. - -### Example 2: Get top two contracts in the directory - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraContract -Top 2 -``` - -This command gets top two contracts in the Microsoft Entra ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ContractId - -Specifies the ID of a contract. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -The contract object contains the following attributes: - -`contractType` - type of the contract. - -Possible values are: - -**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. -They resell and support their customers. -**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. -**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. - -`customerContextId` - unique identifier for the customer tenant referenced by this partnership. - -Corresponds to the ObjectId property of the customer tenant's TenantDetail object. - -`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. - -`deletionTimestamp` - this property isn't valid for contracts and always returns null. - -`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. - -`objectType` - a string that identifies the object type. The value is always `Contract`. - -`ContractId` - the unique identifier for the partnership. - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md deleted file mode 100644 index f6a4c492a1..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md +++ /dev/null @@ -1,293 +0,0 @@ ---- -title: Get-EntraDeletedGroup -description: This article provides details on the Get-EntraDeletedGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDeletedGroup - -schema: 2.0.0 ---- - -# Get-EntraDeletedGroup - -## Synopsis - -Retrieves soft-deleted groups in Microsoft Entra ID. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraDeletedGroup - [-Top ] - [-All] - [-Filter ] - [-Property ] - [] -``` - -### GetByValue - -```powershell -Get-EntraDeletedGroup - [-SearchString ] - [-All] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraDeletedGroup - -GroupId - [-All] - [-Property ] - [] -``` - -### GetVague - -```powershell -Get-EntraDeletedGroup - [-All] - [-SearchString ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraDeletedGroup` cmdlet retrieves soft-deleted groups from the directory. Deleted groups can be recovered within 30 days, after which they are permanently deleted. - -Soft delete currently applies only to Unified Groups (Office 365 Groups). - -## Examples - -### Example 1: Get deleted groups in the directory - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} -test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} -test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} -``` - -This cmdlet retrieves all recoverable deleted groups in the Microsoft Entra ID. - -### Example 2: Get deleted groups in the directory using All parameter - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -All -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} -test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} -test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} -``` - -This cmdlet retrieves all recoverable deleted groups in the directory, using All parameter. - -### Example 3: Get top two deleted groups - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -Top 2 -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} -``` - -This cmdlet retrieves top two deleted groups in the directory. - -### Example 4: Get deleted groups containing string 'test2' - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -SearchString 'test2' -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} -test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} -test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} -``` - -This cmdlet retrieves deleted groups in the directory, containing the specified string. - -### Example 5: Get deleted groups filter by display name - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -Filter "displayName eq 'test21'" -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -``` - -This cmdlet retrieves deleted groups in the directory, having the specified display name. - -### Example 6: Get deleted group by GroupId - -```powershell -Connect-Entra -Scopes 'Group.Read.All' -Get-EntraDeletedGroup -GroupId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} -``` - -This cmdlet retrieves the deleted group specified by GroupId. - -- `-GroupId` parameter specifies the deleted group GroupId. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -GroupId - -The GroupId of the deleted group to be retrieved. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SearchString - -Specifies a search string. - -```yaml -Type: System.String -Parameter Sets: GetVague -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md deleted file mode 100644 index cd6d8ca440..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md +++ /dev/null @@ -1,107 +0,0 @@ ---- -title: Get-EntraDirSyncConfiguration -description: This article provides details on the Get-EntraDirSyncConfiguration command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration - -schema: 2.0.0 ---- - -# Get-EntraDirSyncConfiguration - -## Synopsis - -Gets the directory synchronization settings. - -## Syntax - -```powershell -Get-EntraDirSyncConfiguration - [-TenantId ] - [] -``` - -## Description - -The `Get-EntraDirSyncConfiguration` cmdlet gets the directory synchronization settings. See [configuration settings](https://learn.microsoft.com/graph/api/resources/onpremisesaccidentaldeletionprevention#properties) details. - -For delegated scenarios, the user needs to be assigned the Global Administrator role. - -## Examples - -### Example 1: Get directory synchronization settings - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' -Get-EntraDirSyncConfiguration -``` - -```Output -AccidentalDeletionThreshold DeletionPreventionType ---------------------------- ---------------------- - 500 enabledForCount -``` - -This example gets directory synchronization settings. - -### Example 2: Get directory synchronization settings by TenantId - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' -$tenant = Get-EntraTenantDetail -Get-EntraDirSyncConfiguration -TenantId $tenant.Id -``` - -```Output -AccidentalDeletionThreshold DeletionPreventionType ---------------------------- ---------------------- - 500 enabledForCount -``` - -This example gets directory synchronization settings by TenantId. - -- `-TenantId` Specifies the unique ID of the tenant. - -## Parameters - -### -TenantId - -The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] - -## Outputs - -## Notes - -## Related Links - -[Set-EntraDirSyncConfiguration](Set-EntraDirSyncConfiguration.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md deleted file mode 100644 index 6ef66b16ba..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md +++ /dev/null @@ -1,153 +0,0 @@ ---- -title: Get-EntraDirSyncFeature -description: This article provides details on the Get-EntraDirSyncFeature command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDirSyncFeature - -schema: 2.0.0 ---- - -# Get-EntraDirSyncFeature - -## Synopsis - -Checks the status of directory synchronization features for a tenant. - -## Syntax - -```powershell -Get-EntraDirSyncFeature - [-TenantId ] - [-Feature ] - [] -``` - -## Description - -The `Get-EntraDirSyncFeature` cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status. - -For delegated scenarios, the user needs to be assigned the Global Administrator role. - -Some of the features that can be used with this cmdlet include: - -- **DeviceWriteback** -- **DirectoryExtensions** -- **DuplicateProxyAddressResiliency** -- **DuplicateUPNResiliency** -- **EnableSoftMatchOnUpn** -- **PasswordSync** -- **SynchronizeUpnForManagedUsers** -- **UnifiedGroupWriteback** -- **UserWriteback** - -To view all supported features, see the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). - -## Examples - -### Example 1: Return a list of all directory synchronization features - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' -Get-EntraDirSyncFeature -``` - -```Output -Enabled DirSyncFeature -------- -------------- - False BlockCloudObjectTakeoverThroughHardMatch - False BlockSoftMatch - False BypassDirSyncOverrides - False CloudPasswordPolicyForPasswordSyncedUsers - False ConcurrentCredentialUpdate - True ConcurrentOrgIdProvisioning - False DeviceWriteback - False DirectoryExtensions - False FopeConflictResolution - False GroupWriteBack - False PasswordSync - False PasswordWriteback - True QuarantineUponProxyAddressesConflict - True QuarantineUponUpnConflict - True SoftMatchOnUpn - True SynchronizeUpnForManagedUsers - False UnifiedGroupWriteback - False UserForcePasswordChangeOnLogon - False UserWriteback -``` - -This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). - -### Example 2: Return the PasswordSync feature status - -```powershell -Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' -Get-EntraDirSyncFeature -Feature 'PasswordSync' -``` - -```Output -Enabled DirSyncFeature -------- -------------- - False PasswordSync -``` - -This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. - -- `-Feature` specifies the directory synchronization feature to check the status of. - -## Parameters - -### -TenantId - -The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Feature - -The directory sync feature to check. See the [complete feature list](https://learn.microsoft.com/graph/api/resources/onpremisesdirectorysynchronizationfeature#properties). - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Set-EntraDirSyncFeature](Set-EntraDirSyncFeature.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md deleted file mode 100644 index ad0512439e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md +++ /dev/null @@ -1,310 +0,0 @@ ---- -title: Get-EntraGroup -description: This article explains the Get-EntraGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroup - -schema: 2.0.0 ---- - -# Get-EntraGroup - -## Synopsis - -Gets a group. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraGroup - [-Top ] - [-All] - [-Filter ] - [-Property ] - [] -``` - -### GetByValue - -```powershell -Get-EntraGroup - [-SearchString ] - [-All] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraGroup - -GroupId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraGroup` cmdlet gets a group in Microsoft Entra ID. Specify the `ObjectId` parameter to get a specific group. - -## Examples - -### Example 1: Get all groups - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -Get-EntraGroup -``` - -```Output -DisplayName Id MailNickname Description ------------ -- ------------ ----------- -SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName -SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName -testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 -My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group -SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName -``` - -This example demonstrates how to get all groups from Microsoft Entra ID. - -### Example 2: Get a specific group by using an GroupId - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" -Get-EntraGroup -GroupId $group.Id -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneaglegroup Crimson Eagle Group {Unified} -``` - -This example demonstrates how to retrieve specific group by providing ID. - -### Example 3: Get top five groups - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -Get-EntraGroup -Top 5 -``` - -```Output -DisplayName Id MailNickname Description ------------ -- ------------ ----------- -Contoso Group hhhhhhhh-3333-5555-3333-qqqqqqqqqqqq contosogroup Contoso Group -Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneagle Crimson Eagle Group -Bold Falcon tttttttt-0000-3333-9999-mmmmmmmmmmmm boldfalcon Bold Falcon Group -Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda -Misty Fox kkkkkkkk-3333-5555-1111-nnnnnnnnnnnn mistyfox Misty Fox Group -``` - -This example demonstrates how to get top five groups. - -### Example 4: Get a group by DisplayName - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda {Unified} -``` - -In this example, we retrieve group using the Display Name. - -### Example 5: Get groups that contain a search string - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -Get-EntraGroup -SearchString 'New' -``` - -```Output -DisplayName Id MailNickname Description GroupTypes ------------ -- ------------ ----------- ---------- -New Sparkling Deer bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq newsparklingdeer New Sparkling Deer Group {Unified} -New Golden Fox xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb newgoldenfox New Golden Fox {DynamicMembership} -``` - -This example demonstrates how to retrieve groups that include the text new in their display names from Microsoft Entra ID. - -### Example 6: Listing ownerless groups - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$allGroups = Get-EntraGroup -All -$groupsWithoutOwners = foreach ($group in $allGroups) { - $owners = Get-EntraGroupOwner -ObjectId $group.Id - if ($owners.Count -eq 0) { - $group - } -} -$groupsWithoutOwners | Format-Table DisplayName, Id, GroupTypes -``` - -```Output -DisplayName Id GroupTypes ------------ -- ---------- -My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} -HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} -``` - -This example demonstrates how to retrieve groups without owners. By identifying ownerless groups, IT admins can improve overall governance and operational efficiency. - -### Example 7: Listing empty groups - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$allGroups = Get-EntraGroup -All -$groupsWithoutMembers = foreach ($group in $allGroups) { - $members = Get-EntraGroupMember -ObjectId $group.Id - if ($members.Count -eq 0) { - $group - } -} -$groupsWithoutMembers | Format-Table DisplayName, Id, GroupTypes -``` - -```Output -DisplayName Id GroupTypes ------------ -- ---------- -My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} -HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} -``` - -This example demonstrates how to retrieve groups without members. By identifying memberless groups, IT admins can identify and clean up unused or obsolete groups that no longer serve a purpose. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -GroupId - -The unique identifier of a group in Microsoft Entra ID (GroupId) - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SearchString - -Specifies a search string. - -```yaml -Type: System.String -Parameter Sets: GetValue -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraGroup](New-EntraGroup.md) - -[Remove-EntraGroup](Remove-EntraGroup.md) - -[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md deleted file mode 100644 index 342f9d743d..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md +++ /dev/null @@ -1,183 +0,0 @@ ---- -title: Get-EntraGroupAppRoleAssignment -description: This article provides details on the Get-EntraGroupAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment - -schema: 2.0.0 ---- - -# Get-EntraGroupAppRoleAssignment - -## Synopsis - -Gets a group application role assignment. - -## Syntax - -```powershell -Get-EntraGroupAppRoleAssignment - -GroupId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraGroupAppRoleAssignment` cmdlet gets a group application role assignment in Microsoft Entra ID. Specify the `GroupId` parameter to get a group application role assignment. - -## Examples - -### Example 1: Retrieve application role assignments of a group - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -SearchString 'Contoso marketing' -Get-EntraGroupAppRoleAssignment -GroupId $group.Id -``` - -```Output -ObjectId ResourceDisplayName PrincipalDisplayName --------- ------------------- -------------------- -MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR -MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR -MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR -``` - -This example retrieves the application role assignments of a group. - -- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. - -### Example 2: Retrieve all application role assignments of a group - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -SearchString 'Contoso marketing' -Get-EntraGroupAppRoleAssignment -GroupId $group.Id -All -``` - -```Output -ObjectId ResourceDisplayName PrincipalDisplayName --------- ------------------- -------------------- -MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR -MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR -MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR -``` - -This example retrieves all application role assignments of the specified group. - -- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. - -### Example 3: Retrieve top two application role assignments of a group - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -SearchString 'Contoso marketing' -Get-EntraGroupAppRoleAssignment -GroupId $group.Id -Top 2 -``` - -```Output -ObjectId ResourceDisplayName PrincipalDisplayName --------- ------------------- -------------------- -MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR -MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR -``` - -This example retrieves top two application role assignments of the specified group. - -- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroup](Get-EntraGroup.md) - -[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) - -[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md deleted file mode 100644 index ec61a0e1e7..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md +++ /dev/null @@ -1,135 +0,0 @@ ---- -title: Get-EntraGroupLifecyclePolicy -description: This article provides details on the Get-EntraGroupLifecyclePolicy command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy - -schema: 2.0.0 ---- - -# Get-EntraGroupLifecyclePolicy - -## Synopsis - -Retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. -If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraGroupLifecyclePolicy - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraGroupLifecyclePolicy - -GroupLifecyclePolicyId - [-Property ] - [] -``` - -## Description - -The `Get-EntraGroupLifecyclePolicy` command retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. Specify the `-GroupLifecyclePolicyId` parameter to get the group lifecycle policy. -If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. - -## Examples - -### Example 1: Retrieve all groupLifecyclePolicies - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraGroupLifecyclePolicy -``` - -```Output -Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes --- --------------------------- ------------------- ----------------- -eeeeeeee-4444-5555-6666-ffffffffffff example@contoso.com 200 Selected -``` - -This example demonstrates how to retrieve the properties and relationships of all groupLifecyclePolicies in Microsoft Entra ID. - -### Example 2: Retrieve properties of an groupLifecyclePolicy - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} -Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id -``` - -```Output -Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes --- --------------------------- ------------------- ----------------- -ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 Selected -``` - -This command is used to retrieve a specific Microsoft Group Lifecycle Policy. - -- `-GroupLifecyclePolicyId` parameter specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. - -## Parameters - -### -GroupLifecyclePolicyId - -Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md deleted file mode 100644 index ff3f1cfb0c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md +++ /dev/null @@ -1,218 +0,0 @@ ---- -title: Get-EntraGroupMember -description: This article provides details on the Get-EntraGroupMember command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupMember - -schema: 2.0.0 ---- - -# Get-EntraGroupMember - -## Synopsis - -Gets a member of a group. - -## Syntax - -```powershell -Get-EntraGroupMember - -GroupId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraGroupMember` cmdlet gets a member of a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a member of a group. - -In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: `microsoft.directory/groups/members/read`, `microsoft.directory/groups/members/limitedRead`, or `microsoft.directory/groups/hiddenMembers/read` (for hidden members). The following least privileged roles support this operation: - -- Group owners -- "Member" users -- "Guest" users (with limited read permissions) -- Directory Readers -- Directory Writers -- Groups Administrator -- User Administrator (includes hidden members) -- Exchange Administrator (includes hidden members) -- SharePoint Administrator (includes hidden members) -- Intune Administrator (includes hidden members) -- Teams Administrator (includes hidden members) -- Yammer Administrator (includes hidden members) - -To list members of a hidden group, the `Member.Read.Hidden` permission is also required. - -## Examples - -### Example 1: Retrieve and Select Group Member Properties - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Select-Object Id, DisplayName, '@odata.type' -``` - -```Output -Id DisplayName @odata.type ------------------------------------- ----------------- ------------------------------- -dddddddd-3333-4444-5555-eeeeeeeeeeee Sawyer Miller #microsoft.graph.user -eeeeeeee-4444-5555-6666-ffffffffffff Alex Wilber #microsoft.graph.user -aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb My Application #microsoft.graph.servicePrincipal -cccccccc-8888-9999-0000-dddddddddddd Contoso Group #microsoft.graph.group -``` - -This example retrieves the members of a specified group by its `GroupId` and selects only the `Id`, `DisplayName` and `@odata.type` properties for each member. - -- `-GroupId` specifies the ID of a group. - -### Example 2: Get two group member - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroupMember -GroupId $group.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -cccccccc-8888-9999-0000-dddddddddddd -dddddddd-9999-0000-1111-eeeeeeeeeeee -``` - -This example demonstrates how to retrieve top two groups from Microsoft Entra ID. - -- `-GroupId` specifies the ID of a group. - -### Example 3: Get all members within a group by group ID - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroupMember -GroupId $group.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -dddddddd-3333-4444-5555-eeeeeeeeeeee -eeeeeeee-4444-5555-6666-ffffffffffff -aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb -bbbbbbbb-7777-8888-9999-cccccccccccc -cccccccc-8888-9999-0000-dddddddddddd -``` - -This example retrieves all members within a group by group ID. - -- `-GroupId` specifies the ID of a group. - -### Example 4: Get a group member by ID - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroupMember -GroupId $group.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-7777-8888-9999-cccccccccccc -``` - -This example demonstrates how to retrieve group member by ID. - -- `-GroupId` Specifies the ID of a group. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraGroupMember](Add-EntraGroupMember.md) - -[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md deleted file mode 100644 index cdbfe48d7e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md +++ /dev/null @@ -1,189 +0,0 @@ ---- -title: Get-EntraGroupOwner -description: This article provides details on the Get-EntraGroupOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupOwner - -schema: 2.0.0 ---- - -# Get-EntraGroupOwner - -## Synopsis - -Gets an owner of a group. - -## Syntax - -```powershell -Get-EntraGroupOwner - -GroupId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraGroupOwner` cmdlet gets an owner of a group in Microsoft Entra ID. Specify `GroupId` parameter gets an owner of a group. - -In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/owners/read` permission. The following least privileged roles support this operation: - -- Group owners -- Directory Readers -- Directory Writers -- Groups Administrator -- User Administrator - -## Examples - -### Example 1: Get a group owner by ID - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Select-Object Id, DisplayName, '@odata.type' -``` - -```Output -id displayName @odata.type --- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Adele Vance #microsoft.graph.user -``` - -This example demonstrates how to retrieve the owner of a specific group. - -- `-GroupId` Parameter specifies the ID of a group. - -### Example 2: Gets all group owners - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroupOwner -GroupId $group.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -dddddddd-3333-4444-5555-eeeeeeeeeeee -``` - -This example demonstrates how to retrieve the all owner of a specific group. - -- `-GroupId` Parameter specifies the ID of a group. - -### Example 3: Gets two group owners - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraGroupOwner -GroupId $group.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example demonstrates how to retrieve the top two owners of a specific group. - -- `-GroupId` parameter specifies the ID of a group. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraGroupOwner](Add-EntraGroupOwner.md) - -[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md deleted file mode 100644 index db05f4a19e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Get-EntraLifecyclePolicyGroup -description: This article provides details on the Get-EntraLifecyclePolicyGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup - -schema: 2.0.0 ---- - -# Get-EntraLifecyclePolicyGroup - -## Synopsis - -Retrieves the lifecycle policy object to which a group belongs. - -## Syntax - -```powershell -Get-EntraLifecyclePolicyGroup - -GroupId - [-Property ] - [] -``` - -## Description - -The `Get-EntraLifecyclePolicyGroup` retrieves the lifecycle policy object to which a group belongs. Specify the `-GroupId` parameter to get the lifecycle policy object to which a group belongs. - -## Examples - -### Example 1: Retrieve lifecycle policy object - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraLifecyclePolicyGroup -GroupId $group.Id -``` - -```Output -Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes --- --------------------------- ------------------- ----------------- -bbbbbbbb-1111-2222-3333-cccccccccccc admingroup@contoso.com 200 All -``` - -This example demonstrates how to retrieve lifecycle policy object by Id in Microsoft Entra ID. - -- `-GroupId` - specifies the ID of a group. - -## Parameters - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md deleted file mode 100644 index 7989dcceb3..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md +++ /dev/null @@ -1,193 +0,0 @@ ---- -title: Get-EntraOAuth2PermissionGrant -description: This article provides details on the Get-EntraOAuth2PermissionGrant Command. - - -ms.topic: reference -ms.date: 10/16/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant - -schema: 2.0.0 ---- - -# Get-EntraOAuth2PermissionGrant - -## Synopsis - -Gets OAuth2PermissionGrant entities. - -## Syntax - -```powershell -Get-EntraOAuth2PermissionGrant - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraOAuth2PermissionGrant` cmdlet gets OAuth2PermissionGrant entities in Microsoft Entra ID. - -In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: - -- Application Administrator -- Application Developer -- Cloud Application Administrator -- Directory Writers -- Privileged Role Administrator -- User Administrator -- Directory Readers -- Global Reader - -## Examples - -### Example 1: Get the OAuth2 permission grants - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraOAuth2PermissionGrant -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All -C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read -E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read -H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read -``` - -This command gets the OAuth2 permission grants. - -### Example 2: Get all the OAuth2 permission grants - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraOAuth2PermissionGrant -All -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All -C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read -E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read -H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read -``` - -This command gets all the OAuth2 permission grants. - -### Example 3: Get OAuth2 permission grants for a user in a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" -Get-EntraOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List -``` - -```Output -ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 -ClientId : 22223333-cccc-4444-dddd-5555eeee6666 -ConsentType : Principal -Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 -PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222 -ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 -Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All -AdditionalProperties : {} -``` - -This example gets the OAuth2 permission grants for a user in a service principal. - - -### Example 4: Get top 2 OAuth2 permission grants record - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraOAuth2PermissionGrant -Top 2 -``` - -```output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All -C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read -``` - -This command retrieves the top 2 OAuth2 permission grant records. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) - -[New-EntraOAuth2PermissionGrant](New-EntraOauth2PermissionGrant.md) - -[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md deleted file mode 100644 index cea3e290c0..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md +++ /dev/null @@ -1,259 +0,0 @@ ---- -title: Get-EntraObjectSetting -description: This article provides details on the Get-EntraObjectSetting command. - - -ms.topic: reference -ms.date: 07/03/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraObjectSetting -schema: 2.0.0 ---- - -# Get-EntraObjectSetting - -## Synopsis - -Gets an object setting. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraObjectSetting - [-Top ] - [-All] - -TargetType - -TargetObjectId - [] -``` - -### GetById - -```powershell -Get-EntraObjectSetting - -Id [-All] - -TargetType - -TargetObjectId - [] -``` - -## Description - -The `Get-EntraObjectSetting` cmdlet retrieves an object setting from Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve object setting from Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -``` - -```Output -Id DisplayName TemplateId --- ----------- ---------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa -``` - -This command retrieves object setting from Microsoft Entra ID. - -- `-TargetType` Parameter specifies the target type. -- `-TargetObjectId` Parameter specifies the ID of the target object. - -### Example 2: Retrieve a specific object setting from Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -$setting = Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id | Where-Object {$_.displayName -eq 'Group.Unified.Guest'} -Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Id $setting.Id -``` - -```Output -Id DisplayName TemplateId --- ----------- ---------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa -``` - -This command retrieves Specific object setting from Microsoft Entra ID. - -- `-TargetType` Parameter specifies the target type. -- `-TargetObjectId` Parameter specifies the ID of the target object. -- `-Id` Parameter specifies the ID of a settings object. - -### Example 3: Retrieve top one object setting from Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Top 1 -``` - -```Output -Id DisplayName TemplateId --- ----------- ---------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa -``` - -This command retrieves top one object setting from Microsoft Entra ID. - -- `-TargetType` Parameter specifies the target type. -- `-TargetObjectId` Parameter specifies the ID of the target object. - -### Example 4: Retrieve all object setting from Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -All -``` - -```Output -Id DisplayName TemplateId --- ----------- ---------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa -``` - -This command retrieves all records of object setting from Microsoft Entra ID. - -- `-TargetType` Parameter specifies the target type. -- `-TargetObjectId` Parameter specifies the ID of the target object. - -### Example 5: Retrieve user object settings - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$user = Get-EntraUser -UserId 'AdeleV@Contoso.com' -Get-EntraObjectSetting -TargetType 'Users' -TargetObjectId $user.Id -``` - -```Output -Id ContributionToContentDiscoveryAsOrganizationDisabled ContributionToContentDiscoveryDisabled --- ---------------------------------------------------- -------------------------------------- - False False -``` - -This command retrieves user object setting. - -- `-TargetType` Parameter specifies the user target type. -- `-TargetObjectId` Parameter specifies the ID of the user. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Id - -Specifies the ID of a settings object. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -TargetObjectId - -Specifies the ID of the target object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -TargetType - -Specifies the target type. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md deleted file mode 100644 index 393349ba13..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md +++ /dev/null @@ -1,143 +0,0 @@ ---- -title: Get-EntraScopedRoleMembership -description: This article provides details on the Get-EntraScopedRoleMembership command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership - -schema: 2.0.0 ---- - -# Get-EntraScopedRoleMembership - -## Synopsis - -List Microsoft Entra role assignments with administrative unit scope. - -## Syntax - -```powershell -Get-EntraScopedRoleMembership - -AdministrativeUnitId - [-ScopedRoleMembershipId ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `ObjectId` parameter to retrieve a specific scoped role membership. - -## Examples - -### Example 1: Get Scoped Role Administrator - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMembership = Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} -Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example gets scoped role administrator. You cane use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. - -### Example 2: List scoped administrators for administrative unit by ObjectId - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -``` - -```Output -Id AdministrativeUnitId RoleId --- -------------------- ------ -dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example list scoped administrators with objectId. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ScopedRoleMembershipId - -Specifies the ID of a scoped role membership. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) - -[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md deleted file mode 100644 index bda3b2f1d0..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md +++ /dev/null @@ -1,370 +0,0 @@ ---- -title: Get-EntraServicePrincipal -description: This article provides details on the Get-EntraServicePrincipal command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipal - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipal - -## Synopsis - -Gets a service principal. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraServicePrincipal - [-Top ] - [-All] - [-Filter ] - [-Property ] - [] -``` - -### GetVague - -```powershell -Get-EntraServicePrincipal - [-SearchString ] - [-All] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraServicePrincipal - -ServicePrincipalId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve all service principal from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -``` - -```Output -ObjectId AppId DisplayName --------- ----- ----------- -bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 Demo App -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 Demo Two App -dddddddd-3333-4444-5555-eeeeeeeeeeee 33334444-dddd-5555-eeee-6666ffff7777 ProjectWorkManagement -``` - -This example retrieves all service principals from the directory. - -### Example 2: Retrieve a service principal by ServicePrincipalId - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This command retrieves specific service principal. - -- `-ServicePrincipalId` Parameter specifies the ID of a service principal. - -### Example 3: Retrieve all service principals from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -All -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application -ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application -``` - -This example retrieves all service principals from the directory. - -### Example 4: Retrieve top two service principal from the directory - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Top 2 -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application -``` - -This command retrieves top two service principals from the directory. - -### Example 5: Get a service principal by display name - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This example gets a service principal by its display name. - -### Example 6: Retrieve a list of all service principal, which has a display name that contains "Helpdesk Application" - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -SearchString 'Helpdesk Application' -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application -``` - -This example gets a list of service principal, which has the specified display name. - -### Example 7: Retrieve all Enterprise apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application -``` - -This example demonstrates how to retrieve all enterprise apps. - -### Example 8: Retrieve all App proxy apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application -``` - -This example demonstrates how to retrieve all app proxy apps. - -### Example 9: Retrieve all disabled apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Filter "accountEnabled eq false" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all disabled apps. - -### Example 10: Retrieve all Global Secure Access apps - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all Global secure access apps. - -### Example 11: List all applications without user assignment - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -Get-EntraServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application -``` - -This example demonstrates how to retrieve all applications without user assignment. - -### Example 12: List all SAML application details - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" -$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize -``` - -```Output -Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses --- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- -00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} -``` - -This example demonstrates how to retrieve all SAML application details. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SearchString - -Specifies a search string. - -```yaml -Type: System.String -Parameter Sets: GetVague -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) - -[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md deleted file mode 100644 index efcd5b2178..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md +++ /dev/null @@ -1,194 +0,0 @@ ---- -title: Get-EntraServicePrincipalAppRoleAssignedTo -description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignedTo command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalAppRoleAssignedTo - -## Synopsis - -Gets app role assignments for this app or service, granted to users, groups and other service principals. - -## Syntax - -```powershell -Get-EntraServicePrincipalAppRoleAssignedTo - -ServicePrincipalId - [-All ] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups and other service principals. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Retrieve the app role assignments - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -``` - -This example shows how to get app role assignments for an app or service, granted to users, groups and other service principals. - -- The first command gets the ID of a service principal and stores it in the $ServicePrincipalId variable. - -- The second command gets the app role assignments for the service principal granted to users, groups and other service principals. - -### Example 2: Get all app role assignments - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -All -``` - -```output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId ---------------- -- --------- --------------- -------------------- ----------- - 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 -``` - -This command gets the all app role assignments for the service principal granted to users, groups and other service principals. - -### Example 3: Get five app role assignments - -```powershell -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $servicePrincipal.Id -Top 5 -``` - -```Output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId ---------------- -- --------- --------------- -------------------- ----------- - 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 -``` - -This command gets the five app role assignments for the service principal granted to users, groups and other service principals. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] - -## Outputs - -### System.Object - -## Notes - -`Get-EntraServiceAppRoleAssignedTo` is an alias for `Get-EntraServicePrincipalAppRoleAssignedTo`. - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md deleted file mode 100644 index 5f2ce83f4a..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,195 +0,0 @@ ---- -title: Get-EntraServicePrincipalAppRoleAssignment -description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalAppRoleAssignment - -## Synopsis - -Gets a service principal application role assignment. - -## Syntax - -```powershell -Get-EntraServicePrincipalAppRoleAssignment - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Retrieve the application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ---------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- - 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 29-02-2024 05:53:00 Ask HR aaaaaaaa-bbbb-cccc-1111-222222222222 Group M365 License Manager -``` - -This command gets application role assignments for specified service principal. - -- The first command gets the ID of a service principal by using the Get-EntraServicePrincipal (./Get-EntraServicePrincipal.md) cmdlet. The command stores the ID in the $ServicePrincipalId variable. - -- The second command gets the application role assignments for the service principal in identified by $ServicePrincipalId. - -### Example 2: Retrieve all application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId ---------------- -- --------- --------------- -------------------- ----------- - 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 -``` - -This command gets all application role assignments for specified service principal. - -### Example 3: Retrieve the top five application role assignments for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -Top 3 -``` - -```Output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId ---------------- -- --------- --------------- -------------------- ----------- - 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 - 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 -``` - -This command gets three application role assignments for specified service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -The maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Get-EntraServiceAppRoleAssignment` is an alias for `Get-EntraServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) - -[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md deleted file mode 100644 index 73683275d2..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md +++ /dev/null @@ -1,155 +0,0 @@ ---- -title: Get-EntraServicePrincipalCreatedObject -description: This article provides details on the Get-EntraServicePrincipalCreatedObject command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalCreatedObject - -## Synopsis - -Get objects created by a service principal. - -## Syntax - -```powershell -Get-EntraServicePrincipalCreatedObject - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the objects that created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -``` - -This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraServicePrincipal` to get service principal ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 2: Retrieve the all objects created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -All -``` - -This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 3: Retrieve the top two objects created by a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $servicePrincipal.Id -Top 2 -``` - -This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md deleted file mode 100644 index 7e95132340..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md +++ /dev/null @@ -1,194 +0,0 @@ ---- -title: Get-EntraServicePrincipalDelegatedPermissionClassification -description: This article provides details on the Get-EntraServicePrincipalDelegatedPermissionClassification command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalDelegatedPermissionClassification - -## Synopsis - -Retrieve the delegated permission classification objects on a service principal. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - [-Filter ] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - -Id - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. - -## Examples - -### Example 1: Get a list of delegated permission classifications - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile -``` - -This command retrieves all delegated permission classifications from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. - -### Example 2: Get a delegated permission classifications - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$permissionClassification = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" -Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -``` - -This command retrieves the delegated permission classification by Id from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. -- `-Id` parameter specifies the delegated permission classification object Id. - -### Example 3: Get a delegated permission classification with filter - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Filter "PermissionName eq 'Sites.Read.All'" -``` - -```Output -Id Classification PermissionId PermissionName --- -------------- ------------ -------------- -bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All -``` - -This command retrieves the filtered delegated permission classifications from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. -- `-Id` parameter specifies the delegated permission classification object Id. - -## Parameters - -### -ServicePrincipalId - -The unique identifier of a service principal object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Id - -The unique identifier of a delegated permission classification object ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Filter - -The OData v4.0 filter statement. -Controls which objects are returned. - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.DelegatedPermissionClassification - -## Notes - -## Related Links - -[Remove-EntraServicePrincipalDelegatedPermissionClassification](Remove-EntraServicePrincipalDelegatedPermissionClassification.md) - -[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md deleted file mode 100644 index 82b772ea8f..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Get-EntraServicePrincipalKeyCredential -description: This article provides details on the Get-EntraServicePrincipalKeyCredential Command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalKeyCredential - -## Synopsis - -Get key credentials for a service principal. - -## Syntax - -```powershell -Get-EntraServicePrincipalKeyCredential - -ServicePrincipalId - [] -``` - -## Description - -The `Get-EntraServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the key credential of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage -------------------- ----------- ----------- --- ----- ------------- ---- ----- - 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign -``` - -This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal object Id. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of the application for which to get the password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) - -[Remove-EntraServicePrincipalKeyCredential](Remove-EntraServicePrincipalKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md deleted file mode 100644 index 111ed5bfd0..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md +++ /dev/null @@ -1,178 +0,0 @@ ---- -title: Get-EntraServicePrincipalMembership -description: This article provides details on the Get-EntraServicePrincipalMembership command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalMembership - -## Synopsis - -Get a service principal membership. - -## Syntax - -```powershell -Get-EntraServicePrincipalMembership - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalMembership -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -``` - -This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal ID. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 2: Retrieve all memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -22223333-cccc-4444-dddd-5555eeee6666 -33334444-dddd-5555-eeee-6666ffff7777 -``` - -This command gets all memberships of a specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -### Example 3: Retrieve top two memberships of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.Id -Top 2 -``` - -```Output -Id DeletedDateTime --- --------------- -11112222-aaaa-3333-bbbb-4444cccc5555 -22223333-cccc-4444-dddd-5555eeee6666 - -``` - -This command gets top two memberships of a specified service principal. - -- `-ServicePrincipalId` parameter specifies the service principal ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md deleted file mode 100644 index bbb20d7771..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md +++ /dev/null @@ -1,171 +0,0 @@ ---- -title: Get-EntraServicePrincipalOAuth2PermissionGrant -description: This article provides details on the Get-EntraServicePrincipalOAuth2PermissionGrant command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalOAuth2PermissionGrant - -## Synopsis - -Gets an oAuth2PermissionGrant object. - -## Syntax - -```powershell -Get-EntraServicePrincipalOAuth2PermissionGrant --ServicePrincipalId -[-All] -[-Top ] -[-Property ] -[] -``` - -## Description - -The `Get-EntraServicePrincipalOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -``` - -```output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -``` - -This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. - -### Example 2: Get all OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals A1bC2dE3f... openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... -``` - -This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. - -### Example 3: Get two OAuth2 permission grants of a service principal - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $servicePrincipal.Id -Top 2 -``` - -```Output -Id ClientId ConsentType PrincipalId ResourceId Scope --- -------- ----------- ----------- ---------- ----- -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... -``` - -This example demonstrates how to get top two oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md deleted file mode 100644 index 67ff6305ae..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md +++ /dev/null @@ -1,176 +0,0 @@ ---- -title: Get-EntraServicePrincipalOwnedObject -description: This article provides details on the Get-EntraServicePrincipalOwnedObject Command. - - -ms.topic: reference -ms.date: 07/22/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalOwnedObject - -## Synopsis - -Gets an object owned by a service principal. - -## Syntax - -```powershell -Get-EntraServicePrincipalOwnedObject - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the owned objects of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -The command retrieves the owned objects of a service principal. - -- `-ServicePrincipalId` Parameter specifies the ID of a service principal. - -### Example 2: Retrieve the all owned objects of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id -All -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -cccccccc-2222-3333-4444-dddddddddddd -``` - -This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal Id. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 3: Retrieve top one owned object of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $servicePrincipal.Id -Top 1 -``` - -```Output -Id DeletedDateTime --- --------------- -bbbbbbbb-1111-2222-3333-cccccccccccc -``` - -This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md deleted file mode 100644 index 388473b24d..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md +++ /dev/null @@ -1,181 +0,0 @@ ---- -title: Get-EntraServicePrincipalOwner -description: This article provides details on the Get-EntraServicePrincipalOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalOwner - -## Synopsis - -Get the owner of a service principal. - -## Syntax - -```powershell -Get-EntraServicePrincipalOwner - -ServicePrincipalId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the owner of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This example gets the owners of a specified service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -### Example 2: Retrieve all the owners of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -All -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This command gets all the owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -### Example 3: Retrieve top two owners of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -Top 2 -``` - -```Output -Id userPrincipalName displayName @odata.type --- ----------------- ----------- ----------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@Contoso.com Alex Wilber #microsoft.graph.user -bbbbbbbb-1111-2222-3333-cccccccccccc ChristieC@Contoso.com Christie Cline #microsoft.graph.user -``` - -This command gets top two owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md deleted file mode 100644 index 622b426ddf..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: Get-EntraServicePrincipalPasswordCredential -description: This article provides details on the Get-EntraServicePrincipalPasswordCredential Command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# Get-EntraServicePrincipalPasswordCredential - -## Synopsis - -Get credentials for a service principal. - -## Syntax - -```powershell -Get-EntraServicePrincipalPasswordCredential - -ServicePrincipalId - [] -``` - -## Description - -The `Get-EntraServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Retrieve the password credential of a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 - 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 - 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 -``` - -This example retrieves the password credentials for specified service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of the service principal for which to get password credentials. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) - -[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md deleted file mode 100644 index b0b93e6c34..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md +++ /dev/null @@ -1,429 +0,0 @@ ---- -title: Get-EntraUser -description: This article provides details on the Get-EntraUser command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraUser - -schema: 2.0.0 ---- - -# Get-EntraUser - -## Synopsis - -Gets a user. - -## Syntax - -### GetQuery (Default) - -```powershell -Get-EntraUser - [-Filter ] - [-All] - [-Top ] - [-Property ] - [] -``` - -### GetByValue - -```powershell -Get-EntraUser - [-SearchString ] - [-All] - [-Property ] - [] -``` - -### GetById - -```powershell -Get-EntraUser - -UserId - [-All] - [-Property ] - [] -``` - -## Description - -The `Get-EntraUser` cmdlet gets a user from Microsoft Entra ID. - -## Examples - -### Example 1: Get top three users - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -Top 3 -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -Angel Brown cccccccc-2222-3333-4444-dddddddddddd AngelB@contoso.com AngelB@contoso.com -Avery Smith dddddddd-3333-4444-5555-eeeeeeeeeeee AveryS@contoso.com AveryS@contoso.com -Sawyer Miller eeeeeeee-4444-5555-6666-ffffffffffff SawyerM@contoso.com SawyerM@contoso.com -``` - -This example demonstrates how to get top three users from Microsoft Entra ID. - -### Example 2: Get a user by ID - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -UserId 'SawyerM@contoso.com' -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc sawyerm@tenant.com sawyerm@tenant.com -``` - -This command gets the specified user. - -- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. - -### Example 3: Search among retrieved users - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -SearchString 'New' -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -New User88 bbbbbbbb-1111-2222-3333-cccccccccccc demo99@tenant.com -New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com -``` - -This cmdlet gets all users that match the value of SearchString against the first characters in DisplayName or UserPrincipalName. - -### Example 4: Get a user by userPrincipalName - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -Filter "userPrincipalName eq 'SawyerM@contoso.com'" -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -Sawyer Miller cccccccc-2222-3333-4444-dddddddddddd SawyerM@contoso.com -``` - -This command gets the specified user. - -### Example 5: Get a user by MailNickname - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -Filter "startswith(MailNickname,'Ada')" -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -Mark Adams bbbbbbbb-1111-2222-3333-cccccccccccc Adams@contoso.com Adams@contoso.com -``` - -In this example, we retrieve all users whose MailNickname starts with Ada. - -### Example 6: Get SignInActivity of a User - -```powershell -Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' -Get-EntraUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -Property Id, DisplayName, UserPrincipalName -ExpandProperty 'SignInActivity' -``` - -```Output -lastNonInteractiveSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa -lastSignInRequestId : cccccccc-2222-3333-4444-dddddddddddd -lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM -lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM -lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa -lastSignInDateTime : 9/7/2024 9:15:41 AM -id : aaaaaaaa-bbbb-cccc-1111-222222222222 -displayName : Sawyer Miller -userPrincipalName : SawyerM@contoso.com -``` - -This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. - -### Example 7: List users with disabled accounts - -```powershell -Connect-Entra -Scopes 'User.Read.All' -Get-EntraUser -Filter "accountEnabled eq false" | Select-Object DisplayName, Id, Mail, UserPrincipalName -``` - -```Output -DisplayName Id Mail UserPrincipalName ------------ -- ---- ----------------- -New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com -``` - -This example demonstrates how to retrieve all users with disabled accounts. - -### Example 8: List users based in a specific country - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$usersInCanada = Get-EntraUser -Filter "Country eq 'Canada'" -$usersInCanada | Select-Object Id, DisplayName, UserPrincipalName, OfficeLocation, Country | Format-Table -AutoSize -``` - -```Output -Id DisplayName UserPrincipalName OfficeLocation Country --- ----------- ----------------- -------------- ------- -cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com 23/2102 Canada -``` - -This example demonstrates how to retrieve all users based in Canada. - -### Example 9: List user count per department - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$departmentCounts = Get-EntraUser -All | Group-Object -Property Department | Select-Object Name, @{Name="MemberCount"; Expression={$_.Count}} -$departmentCounts | Format-Table Name, MemberCount -AutoSize -``` - -```Output -Name MemberCount ----- ----------- - 7 -Engineering 2 -Executive Management 1 -Finance 1 -HR 1 -``` - -This example demonstrates how to retrieve user count in each department. - -### Example 10: List disabled users with active licenses - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$disabledUsersWithLicenses = Get-EntraUser -Filter "accountEnabled eq false" -All | Where-Object { - $_.AssignedLicenses -ne $null -and $_.AssignedLicenses.Count -gt 0 -} -$disabledUsersWithLicenses | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled | Format-Table -AutoSize -``` - -```Output -Id DisplayName UserPrincipalName AccountEnabled --- ----------- ----------------- -------------- -cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com False -``` - -This example demonstrates how to retrieve disabled users with active licenses. - -### Example 11: Retrieve guest users with active licenses - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All -$guestUsersWithLicenses = foreach ($guest in $guestUsers) { - if ($guest.AssignedLicenses.Count -gt 0) { - [pscustomobject]@{ - Id = $guest.Id - DisplayName = $guest.DisplayName - UserPrincipalName = $guest.UserPrincipalName - AssignedLicenses = ($guest.AssignedLicenses | ForEach-Object { $_.SkuId }) -join ", " - } - } -} -$guestUsersWithLicenses | Format-Table Id, DisplayName, UserPrincipalName, AssignedLicenses -AutoSize -``` - -```Output -Id DisplayName UserPrincipalName AssignedLicenses --- ----------- ----------------- ---------------- -cccccccc-2222-3333-4444-dddddddddddd Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com c42b9cae-ea4f-4ab7-9717-81576235ccac -``` - -This example demonstrates how to retrieve guest users with active licenses. - -### Example 12: Retrieve users without managers - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$allUsers = Get-EntraUser -All -$usersWithoutManagers = foreach ($user in $allUsers) { - $manager = Get-EntraUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue - if (-not $manager) { - [pscustomobject]@{ - Id = $user.Id - DisplayName = $user.DisplayName - UserPrincipalName = $user.UserPrincipalName - } - } -} -$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize -``` - -```Output -Id DisplayName UserPrincipalName --- ----------- ----------------- -cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com -bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com -``` - -This example demonstrates how to retrieve users without managers. - -### Example 13: List failed sign-ins for a user - -```powershell -Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' -$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" -$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize -``` - -This example demonstrates how to retrieve failed sign-ins for a user. - -### Example 14: List all guest users - -```powershell -Connect-Entra -Scopes 'User.Read.All' -$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All -$guestUsers | Select-Object DisplayName, UserPrincipalName, Id, createdDateTime, creationType, accountEnabled, UserState | Format-Table -AutoSize -``` - -```Output -DisplayName UserPrincipalName Id CreatedDateTime CreationType AccountEnabled UserState ------------ ----------------- -- --------------- ------------ -------------- --------- -Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com bbbbbbbb-1111-2222-3333-cccccccccccc 9/13/2024 6:37:33 PM Invitation True Accepted -``` - -This example demonstrates how to retrieve list all guest users. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Filter - -Specifies an OData v4.0 filter statement. -This parameter controls which objects are returned. -Details on querying with OData can be [found here](https://learn.microsoft.com/graph/aad-advanced-queries?tabs=powershell). - -```yaml -Type: System.String -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -UserId - -Specifies the ID (as a User Principal Name (UPN) or UserId) of a user in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: GetById -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SearchString - -Specifies a search string. - -```yaml -Type: System.String -Parameter Sets: GetValue -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: GetQuery -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned. - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraUser](New-EntraUser.md) - -[Remove-EntraUser](Remove-EntraUser.md) - -[Set-EntraUser](Set-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md deleted file mode 100644 index f09862a9c3..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md +++ /dev/null @@ -1,185 +0,0 @@ ---- -title: Get-EntraUserOAuth2PermissionGrant -description: This article provides details on the Get-EntraUserOAuth2PermissionGrant command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant - -schema: 2.0.0 ---- - -# Get-EntraUserOAuth2PermissionGrant - -## Synopsis - -Gets an oAuth2PermissionGrant object. - -## Syntax - -```powershell -Get-EntraUserOAuth2PermissionGrant - -UserId - [-All] - [-Top ] - [-Property ] - [] -``` - -## Description - -The `Get-EntraUserOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for the specified user in Microsoft Entra ID. Specify `UserId` parameter to retrieve an oAuth2PermissionGrant object. - -In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation. - -- Application Administrator -- Application Developer -- Cloud Application Administrator -- Directory Writers -- Privileged Role Administrator -- User Administrator -- Directory Readers -- Global Reader -- Guest Inviter - -## Examples - -### Example 1: Retrieve the OAuth2 permission grants for a user using object ID parameter - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -``` - -```Output -Id ClientId ConsentType ExpiryTime --- -------- ----------- ---------- -HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... -9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... -``` - -This example retrieves the OAuth2 permission grants for a user using object ID parameter. - -- `-UserId` parameter specifies the user ID. - -### Example 2: Retrieve the OAuth2 permission grants for a user using All parameter - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -All -``` - -```Output -Id ClientId ConsentType ExpiryTime --- -------- ----------- ---------- -HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... -9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... -``` - -This example retrieves the OAuth2 permission grants for a user using All parameter. - -- `-ObjectId` parameter specifies the user ID. - -### Example 3: Retrieve top one OAuth2 permission grant - -```powershell -Connect-Entra -Scopes 'Directory.Read.All' -Get-EntraUserOAuth2PermissionGrant -ObjectId 'SawyerM@contoso.com' -Top 1 -``` - -```Output -Id ClientId ConsentType ExpiryTime --- -------- ----------- ---------- -HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... -``` - -This Example Retrieve top one the OAuth2 permission grant in Microsoft Entra ID. - -- `-UserId` parameter specifies the user ID. - -## Parameters - -### -All - -List all pages. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -UserId - -Specifies the ID (as a User Principal Name or ObjectId) of a user in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Top - -Specifies the maximum number of records to return. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Property - -Specifies properties to be returned - -```yaml -Type: System.String[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraUser](Get-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md deleted file mode 100644 index 62b2ede469..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md +++ /dev/null @@ -1,128 +0,0 @@ ---- -title: New-EntraAdministrativeUnit -description: This article provides details on the New-EntraAdministrativeUnit command. - - -ms.topic: reference -ms.date: 07/25/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraAdministrativeUnit - -schema: 2.0.0 ---- - -# New-EntraAdministrativeUnit - -## Synopsis - -Creates an administrative unit. - -## Syntax - -```powershell -New-EntraAdministrativeUnit - [-Description ] - -DisplayName - [] -``` - -## Description - -The `New-EntraAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. - -In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. - -## Examples - -### Example 1: Create an administrative unit - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -New-EntraAdministrativeUnit -DisplayName 'TestAU' -``` - -```Output -DeletedDateTime Id Description DisplayName Visibility ---------------- -- ----------- ----------- ---------- - bbbbbbbb-1111-2222-3333-cccccccccccc TestAU -``` - -This example demonstrates how to create an administrative unit. - -- `-DisplayName` parameter specifies the display name for the Administrative unit object. - -### Example 2: Create an administrative unit using '-Description' parameter - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -New-EntraAdministrativeUnit -DisplayName 'Pacific Administrative Unit' -Description 'Administrative Unit for Pacific region' -``` - -```Output -DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility ---------------- -- ----------- ----------- ---------------------------- ---------- - bbbbbbbb-1111-2222-3333-cccccccccccc Pacific Administrative Unit test111 False -``` - -This example demonstrates how to create an administrative unit. - -- `-DisplayName` parameter specifies the display name for the Administrative unit object. -- `-Description` parameter specifies a description for the Administrative unit object. - -## Parameters - -### -Description - -Specifies a description for the new administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name of the new administrative unit. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) - -[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) - -[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md deleted file mode 100644 index d5a7963dab..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md +++ /dev/null @@ -1,198 +0,0 @@ ---- -title: New-EntraApplicationExtensionProperty -description: This article provides details on the New-EntraApplicationExtensionProperty command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty - -schema: 2.0.0 ---- - -# New-EntraApplicationExtensionProperty - -## Synopsis - -Creates an application extension property. - -## Syntax - -```powershell -New-EntraApplicationExtensionProperty - -ApplicationId - -Name - [-DataType ] - [-TargetObjects ] - [] -``` - -## Description - -The `New-EntraApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. - -## Examples - -### Example 1: Create an extension property - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute' -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} -``` - -This command creates an application extension property of the string type for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. - -### Example 2: Create an extension property with data type parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute1' -DataType 'Boolean' -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} -``` - -This command creates an application extension property of the specified data type for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. -- `-DataType` parameter specifies the data type of the value the extension property can hold. - -### Example 3: Create an extension property with targets parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$targets = New-Object System.Collections.Generic.List[System.String] -$targets.Add('User') -New-EntraApplicationExtensionProperty -ApplicationId $application.Id -Name 'NewAttribute2' -TargetObjects $targets -``` - -```Output -DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects ---------------- -- -------------- -------- ---------------------- ---- ------------- - 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} -``` - -The example shows how to create an application extension property with the specified target objects for the specified object. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-Name` parameter specifies the name of the extension property. -- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. - -## Parameters - -### -DataType - -Specifies the data type of the value the extension property can hold. Following values are supported. - -- Binary - 256 bytes maximum -- Boolean -- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. -- Integer - 32-bit value. -- LargeInteger - 64-bit value. -- String - 256 characters maximum - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Name - -Specifies the name of the extension property. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -TargetObjects - -Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. - -- User -- Group -- AdministrativeUnit -- Application -- Device -- Organization - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) - -[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md deleted file mode 100644 index f914e54b02..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: New-EntraApplicationFromApplicationTemplate -description: This article provides details on the New-EntraApplicationFromApplicationTemplate command. - - -ms.service: entra -ms.topic: reference -ms.date: 07/10/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate -schema: 2.0.0 ---- - -# New-EntraApplicationFromApplicationTemplate - -## Synopsis - -Add an instance of an application from the Microsoft Entra application gallery into your directory. - -## Syntax - -```powershell -New-EntraApplicationFromApplicationTemplate - -Id - -DisplayName - [] -``` - -## Description - -The `New-EntraApplicationFromApplicationTemplate` cmdlet adds an instance of an application from the Microsoft Entra application gallery into your directory. - -The application template with ID `8adf8e6e-67b2-4cf2-a259-e3dc5476c621` can be used to add a non-gallery app that you can configure different single-sign on (SSO) modes like SAML SSO and password-based SSO. - -## Examples - -### Example 1: Creates an application from application template - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$applicationTemplate = Get-EntraApplicationTemplate -Filter "DisplayName eq 'SAP Fieldglass'" -New-EntraApplicationFromApplicationTemplate -Id $applicationTemplate.Id -DisplayName 'Contoso SAP App' -``` - -```Output -@odata.context servicePrincipal --------------- ---------------- -https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.applicationServicePrincipal @{oauth2PermissionScopes=System.Object[]; servicePrincipalType=Application; displ...} -``` - -This command instantiates a new application based on application template referenced by the ID. - -- `-Id` specifies Application TemplateId. -- `-DisplayName` specifies application template display name. - -## Parameters - -### -Id - -The Id parameter specifies Application TemplateId. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -DisplayName - -Application template display name. - -```yaml -Type: System.ApplicationTemplateDisplayName -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -### Microsoft.Online.Administration.ApplicationTemplateCopy - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md deleted file mode 100644 index 16554da0aa..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md +++ /dev/null @@ -1,155 +0,0 @@ ---- -title: New-EntraApplicationKey -description: This article provides details on the New-EntraApplicationKey command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationKey - -schema: 2.0.0 ---- - -# New-EntraApplicationKey - -## Synopsis - -Adds a new key to an application. - -## Syntax - -```powershell -New-EntraApplicationKey - -ObjectId - -KeyCredential - -PasswordCredential ] - -Proof - [] -``` - -## Description - -Adds a new key to an application. - -## Examples - -### Example 1: Add a key credential to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq ''" -$params = @{ - ApplicationId = $application.Id - KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } - PasswordCredential = @{ DisplayName = 'mypassword' } - Proof = '{token}' -} - -New-EntraApplicationKey @params -``` - -This command adds a key credential to an specified application. - -- `-ObjectId` parameter specifies the unique identifier of an application. -- `-KeyCredential` parameter specifies the application key credential to add. -- `-PasswordCredential` parameter specifies the application password credential to add. -- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. - -## Parameters - -### -KeyCredential - -The application key credential to add. - -NOTES: keyId value should be null. - -```yaml -Type: KeyCredential -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -The unique identifier of the application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredential - -The application password credential to add. - -NOTES: keyId value should be null. - -```yaml -Type: PasswordCredential -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Proof - -A signed JWT token used as a proof of possession of the existing keys. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -### Microsoft.Open.MSGraph.Model.KeyCredential - -### Microsoft.Open.MSGraph.Model.PasswordCredential - -## Outputs - -### Microsoft.Open.MSGraph.Model.KeyCredential - -## Notes - -## Related Links - -[Remove-EntraApplicationKey](Remove-EntraApplicationKey.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md deleted file mode 100644 index 5393cc9c4a..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md +++ /dev/null @@ -1,255 +0,0 @@ ---- -title: New-EntraApplicationKeyCredential -description: This article provides details on the New-EntraApplicationKeyCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential - -schema: 2.0.0 ---- - -# New-EntraApplicationKeyCredential - -## Synopsis - -Creates a key credential for an application. - -## Syntax - -```powershell -New-EntraApplicationKeyCredential - -ApplicationId - [-CustomKeyIdentifier ] - [-Type ] - [-Usage ] - [-Value ] - [-EndDate ] - [-StartDate ] - [] -``` - -## Description - -The `New-EntraApplicationKeyCredential` cmdlet creates a key credential for an application. - -An application can use this command along with `Remove-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. - -As part of the request validation, proof of possession of an existing key is verified before the action can be performed. - -## Examples - -### Example 1: Create a new application key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$params = @{ - ApplicationId = $application.Id - CustomKeyIdentifier = 'EntraPowerShellKey' - StartDate = '2024-03-21T14:14:14Z' - Type = 'Symmetric' - Usage = 'Sign' - Value = '' -} -New-EntraApplicationKeyCredential @params -``` - -```Output -CustomKeyIdentifier : {84, 101, 115, 116} -EndDate : 2024-03-21T14:14:14Z -KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 -StartDate : 2025-03-21T14:14:14Z -Type : Symmetric -Usage : Sign -Value : {49, 50, 51} -``` - -This example shows how to create an application key credential. - -- `-ApplicationId` Specifies a unique ID of an application -- `-CustomKeyIdentifier` Specifies a custom key ID. -- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. -- `-Type` Specifies the type of the key. -- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. -- `-Value` Specifies the value for the key. - -You can use the `Get-EntraApplication` cmdlet to retrieve the application Object ID. - -### Example 2: Use a certificate to add an application key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object -$cer.Import('C:\Users\ContosoUser\appcert.cer') -$bin = $cer.GetRawCertData() -$base64Value = [System.Convert]::ToBase64String($bin) -$bin = $cer.GetCertHash() -$base64Thumbprint = [System.Convert]::ToBase64String($bin) -$keyid = [System.Guid]::NewGuid().ToString() - -$params = @{ - ApplicationId = $application.Id - CustomKeyIdentifier = $base64Thumbprint - Type = 'AsymmetricX509Cert' - Usage = 'Verify' - Value = $base64Value - StartDate = $cer.GetEffectiveDateString() - EndDate = $cer.GetExpirationDateString() -} -New-EntraApplicationKeyCredential @params -``` - -This example shows how to create an application key credential. - -- `-ApplicationId` Specifies a unique ID of an application -- `-CustomKeyIdentifier` Specifies a custom key ID. -- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. -- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. -- `-Type` Specifies the type of the key. -- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. -- `-Value` Specifies the value for the key. - -## Parameters - -### -CustomKeyIdentifier - -Specifies a custom key ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -EndDate - -Specifies the time when the key becomes invalid as a DateTime object. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -Specifies the time when the key becomes valid as a DateTime object. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Type - -Specifies the type of the key. - -```yaml -Type: KeyType -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Usage - -Specifies the key usage. - -- `AsymmetricX509Cert`: The usage must be `Verify`. -- `X509CertAndPassword`: The usage must be `Sign`. - -```yaml -Type: KeyUsage -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Value - -Specifies the value for the key. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) - -[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) - -[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md deleted file mode 100644 index 4308bdb774..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md +++ /dev/null @@ -1,116 +0,0 @@ ---- -title: New-EntraApplicationPassword -description: This article provides details on the New-EntraApplicationPassword command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationPassword - -schema: 2.0.0 ---- - -# New-EntraApplicationPassword - -## Synopsis - -Adds a strong password to an application. - -## Syntax - -```powershell -New-EntraApplicationPassword - -ApplicationId - -PasswordCredential - [] -``` - -## Description - -Adds a strong password to an application. - -## Examples - -### Example 1: Add a password to an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$passwordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential -$passwordCredential.StartDateTime = Get-Date -Year 2024 -Month 10 -Day 23 -$passwordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 -$passwordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Analytics App Password') -$passwordCredential.Hint = 'analytics' -$passwordCredential.DisplayName = 'Analytics App Password' -New-EntraApplicationPassword -ApplicationId $application.Id -PasswordCredential $passwordCredential -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- -{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM -``` - -This example adds a password to the specified application. - -- `-ApplicationId` parameter specifies the unique identifier of the application. -- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. - -## Parameters - -### -ApplicationId - -The unique identifier of the application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredential - -Represents a password credential associated with an application or a service principal. - -```yaml -Type: PasswordCredential -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -### Microsoft.Open.MSGraph.Model.PasswordCredential - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraApplicationPassword](Remove-EntraApplicationPassword.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md deleted file mode 100644 index ee231bbc48..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md +++ /dev/null @@ -1,200 +0,0 @@ ---- -title: New-EntraApplicationPasswordCredential -description: This article provides details on the New-EntraApplicationPasswordCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential - -schema: 2.0.0 ---- - -# New-EntraApplicationPasswordCredential - -## Synopsis - -Creates a password credential for an application. - -## Syntax - -```powershell -New-EntraApplicationPasswordCredential - -ApplicationId - [-CustomKeyIdentifier ] - [-StartDate ] - [-EndDate ] - [] -``` - -## Description - -The `New-EntraApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. - -## Examples - -### Example 1: Create a password credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "displayName eq ''" -New-EntraApplicationPasswordCredential -ApplicationId $application.Id -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. - -### Example 2: Create a password credential using CustomKeyIdentifier parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "displayName eq ''" -New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- -100 101 109 111 demo 8/2/2026 11:47:53 AM 8Mw tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 8/2/2024 11:47:53 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-CustomKeyIdentifier` Speicifies unique binary identifier. - -### Example 3: Create a password credential using StartDate parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "displayName eq ''" -$startDate = (Get-Date).AddYears(0) -New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -StartDate $startDate -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-StartDate` Speicifies the date and time at which the password becomes valid. - -### Example 4: Create a password credential using EndDate parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "displayName eq ''" -$endDate = (Get-Date).AddYears(2) -New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '' -EndDate $endDate -``` - -```Output -CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime -------------------- ----------- ----------- ---- ----- ---------- ------------- - 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM -``` - -This command creates new password credential for specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-EndDate` Speicifies The date and time at which the password expires. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -CustomKeyIdentifier - -A unique binary identifier. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -The date and time at which the password becomes valid. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -EndDate - -The date and time at which the password expires. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) - -[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md deleted file mode 100644 index 6519453fe3..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md +++ /dev/null @@ -1,147 +0,0 @@ ---- -title: New-EntraGroupAppRoleAssignment -description: This article provides details on the New-EntraGroupAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment - -schema: 2.0.0 ---- - -# New-EntraGroupAppRoleAssignment - -## Synopsis - -Assign a group of users to an application role. - -## Syntax - -```powershell -New-EntraGroupAppRoleAssignment - -GroupId - -PrincipalId - -AppRoleId - -ResourceId - [] -``` - -## Description - -The `New-EntraGroupAppRoleAssignment` cmdlet assigns a group of users to an application role in Microsoft Entra ID. - -## Examples - -### Example 1: Assign a group of users to an application - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "Displayname eq 'Box'" -$group = Get-EntraGroup -SearchString 'Contoso Global' -New-EntraGroupAppRoleAssignment -GroupId $group.Id -PrincipalId $group.Id -ResourceId $servicePrincipal.Id -AppRoleId $servicePrincipal.Approles[1].Id -``` - -```Output -DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId ---------------- -- --------- --------------- -------------------- ----------- - AaBbCcDdEeFfGgHhIiJjKkLlMmNnOo1 00000000-0000-0000-0000-000000000000 3/13/2024 4:41:43 AM Contoso Team aaaaaaaa-bbbb-cccc-1111-222222222222 -3/13/2024 4:45:00 AM BbCcDdEeFfGgHhIiJjKkLlMmNnOoPp2 00000000-0000-0000-0000-000000000000 3/13/2024 4:45:00 AM Finance Group bbbbbbbb-cccc-dddd-2222-333333333333 -``` - -This example demonstrates how to assign a group of users to an application role in Microsoft Entra ID. - -- `GroupId`: The ID of the group to which you're assigning the app role. -- `PrincipalId`: The ID of the group to which you're assigning the app role. -- `ResourceId`: The ID of the resource service Principal, which has defined the app role. -- `AppRoleId`: The ID of the appRole (defined on the resource service principal) to assign to the group. - -## Parameters - -### -AppRoleId - -Specifies the ID of the app role (defined on the resource service principal) to assign. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PrincipalId - -Specifies the principal ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ResourceId - -The unique identifier (ID) for the resource service principal for which the assignment is made. -Required on create. Supports $filter (eq only). - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) - -[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md deleted file mode 100644 index f9a711be83..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md +++ /dev/null @@ -1,133 +0,0 @@ ---- -title: New-EntraGroupLifecyclePolicy -description: This article provides details on the New-EntraGroupLifecyclePolicy command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy - -schema: 2.0.0 ---- - -# New-EntraGroupLifecyclePolicy - -## Synopsis - -Creates a new groupLifecyclePolicy. - -## Syntax - -```powershell -New-EntraGroupLifecyclePolicy - -ManagedGroupTypes - -GroupLifetimeInDays - -AlternateNotificationEmails - [] -``` - -## Description - -Creates a new groupLifecyclePolicy in Microsoft Entra ID. - -## Examples - -### Example 1: Creates a new groupLifecyclePolicy - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes 'Selected' -AlternateNotificationEmails 'example@contoso.com' -``` - -```Output -Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes --- --------------------------- ------------------- ----------------- -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb example@contoso.com 99 Selected -``` - -This example creates a new groupLifecyclePolicy with a group lifetime of 99 days for a selected set of Office 365 groups. Renewal notification emails are sent to for groups without owners. - -- `-GroupLifetimeInDays` parameter specifies the number of days a group can exist before it needs to be renewed. -- `-ManagedGroupTypes` parameter allows the admin to select which office 365 groups the policy applies to. -- `-AlternateNotificationEmails` parameter specifies notification emails for group. - -## Parameters - -### -AlternateNotificationEmails - -Notification emails for groups without owners are sent to these email addresses, separated by a ';'. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupLifetimeInDays - -The number of days a group can exist before it needs to be renewed. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ManagedGroupTypes - -This parameter allows the admin to select which Office 365 groups the policy applies to. -'None' creates the policy in a disabled state. -'All' applies the policy to every Office 365 group in the tenant. -'Selected' allows the admin to choose specific Office 365 groups to which the policy applies. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### None - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) - -[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) - -[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md deleted file mode 100644 index 5e6ce8b6b1..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md +++ /dev/null @@ -1,163 +0,0 @@ ---- -title: New-EntraIdentityProvider -description: This article provides details on the New-EntraIdentityProvider command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraIdentityProvider - -schema: 2.0.0 ---- - -# New-EntraIdentityProvider - -## Synopsis - -Configure a new identity provider in the directory. - -## Syntax - -```powershell -New-EntraIdentityProvider - -Type - -ClientSecret - -ClientId - [-Name ] - [] -``` - -## Description - -The `New-EntraIdentityProvider` cmdlet is used to configure an identity provider in the directory. - -Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. - -Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. - -For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. - -The current set of identity providers can be: - -- Microsoft -- Google -- Facebook -- Amazon -- LinkedIn - -The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. - -## Examples - -### Example 1: Add LinkedIn identity provider - -```powershell -Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' -New-EntraIdentityProvider -Type 'LinkedIn' -Name 'LinkedInName' -ClientId 'LinkedInAppClientId' -ClientSecret 'LinkedInAppClientSecret' -``` - -```Output -Id DisplayName --- ----------- -LinkedIn-OAUTH LinkedInName -``` - -This example adds a LinkedIn identity provider. - -- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. -- `-Name` parameter specifies the display name of the identity provider. -- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. -- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. - -## Parameters - -### -ClientId - -The client identifier for the application, obtained during the application's registration with the identity provider. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ClientSecret - -The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Name - -The display name of the identity provider. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Type - -The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. - -For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### None - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Remove-EntraIdentityProvider](Remove-EntraIdentityProvider.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md deleted file mode 100644 index 38a98265c1..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md +++ /dev/null @@ -1,191 +0,0 @@ ---- -title: New-EntraOauth2PermissionGrant -description: This article provides details on the New-EntraOauth2PermissionGrant command. - - -ms.topic: reference -ms.date: 06/28/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant - -schema: 2.0.0 ---- - -# New-EntraOauth2PermissionGrant - -## Synopsis - -Create a delegated permission grant using an oAuth2PermissionGrant object. This grant allows a client service principal to access a resource service principal on behalf of a signed-in user, with access restricted to the specified delegated permissions. - -## Syntax - -```powershell -New-EntraOauth2PermissionGrant - -ClientId - -ConsentType - -ResourceId - [-PrincipalId ] - [-Scope ] - [] -``` - -## Description - -The `New-EntraOauth2PermissionGrant` cmdlet creates a delegated permission grant using an oAuth2PermissionGrant object. This grant authorizes a client service principal to access a resource service principal on behalf of a signed-in user, with access limited to the specified delegated permissions. - -## Examples - -### Example 1: To grant authorization to impersonate all users - -```powershell -Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" -$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" -$params = @{ - ClientId = $servicePrincipal.Id - ConsentType = 'AllPrincipals' - ResourceId = $graphApp.Id - Scope = 'Directory.Read.All' - StartTime = Get-Date - ExpiryTime = (Get-Date).AddYears(1) -} -New-EntraOauth2PermissionGrant @params -``` - -```Output -Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope --- -------- ----------- ---------- ----------- ---------- ----- -A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... - -``` - -This command Grant authorization to impersonate all users. - -### Example 2: To grant authorization to impersonate a specific user - -```powershell -Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" -$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" -$user = Get-EntraUser -UserId 'SawyerM@contoso.com' -$params = @{ - ClientId = $servicePrincipal.Id - ConsentType = 'Principal' - PrincipalId = $user.Id - ResourceId = $graphApp.Id - Scope = 'Directory.Read.All' - StartTime = Get-Date - ExpiryTime = (Get-Date).AddYears(1) -} -New-EntraOauth2PermissionGrant @params -``` - -```Output -Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope --- -------- ----------- ---------- ----------- ---------- ----- -A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... -``` - -This command Grant authorization to impersonate a specific user. - -## Parameters - -### -ClientId - -The object ID (not appId) of the client service principal for the application, which is authorized to act on behalf of a signed-in user when accessing an API. Required. Supports $filter (eq only). - -```yaml -Type: System.String -Parameter Sets: CreateExpanded -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ConsentType - -Indicates whether the client application is authorized to impersonate all users or only a specific user. - -- `AllPrincipals`: Authorizes the application to impersonate all users. -- `Principal`: Authorizes the application to impersonate a specific user. -An administrator can grant consent on behalf of all users. In some cases, non-admin users are authorized to consent on behalf of themselves for certain delegated permissions. This parameter is required and supports the $filter query (eq only). - -```yaml -Type: System.String -Parameter Sets: CreateExpanded -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ResourceId - -The ID of the resource service principal to which access is authorized. This identifies the API, which the client is authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). - -```yaml -Type: System.String -Parameter Sets: CreateExpanded -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PrincipalId - -The ID of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal, If consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). - -```yaml -Type: System.String -Parameter Sets: CreateExpanded -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Scope - -A space-separated list of the claim values for delegated permissions, which should be included in access tokens for the resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of the resource service principal. Must not exceed 3,850 characters in length. - -```yaml -Type: System.String -Parameter Sets: CreateExpanded -Aliases: -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## RELATED LINKS - -[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) - -[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) - -[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md deleted file mode 100644 index de7042ce6a..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md +++ /dev/null @@ -1,397 +0,0 @@ ---- -title: New-EntraServicePrincipal -description: This article provides details on the New-EntraServicePrincipal command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipal - -schema: 2.0.0 ---- - -# New-EntraServicePrincipal - -## Synopsis - -Creates a service principal. - -## Syntax - -```powershell -New-EntraServicePrincipal - -AppId - [-KeyCredentials ] - [-Homepage ] - [-LogoutUrl ] - [-ServicePrincipalType ] - [-AlternativeNames ] - [-PasswordCredentials ] - [-Tags ] - [-AccountEnabled ] - [-ServicePrincipalNames ] - [-AppRoleAssignmentRequired ] - [-DisplayName ] - [-ReplyUrls ] - [] -``` - -## Description - -Create a new service Principal. - -For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: - -- Application Administrator -- Cloud Application Administrator - -For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. - -## Examples - -### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -$params = @{ - AccountEnabled = $true - AppId = $application.AppId - AppRoleAssignmentRequired = $true - DisplayName = $application.DisplayName - Tags = {WindowsAzureActiveDirectoryIntegratedApp} -} -New-EntraServicePrincipal @params -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. - -The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. - -- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-DisplayName` parameter specifies the service principal display name. -- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. - -### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -$params = @{ - AppId = $application.AppId - Homepage = 'https://localhost/home' - LogoutUrl = 'htpp://localhost/logout' - ReplyUrls = 'https://localhost/redirect' -} -New-EntraServicePrincipal @params -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-Homepage` parameter specifies the home page or landing page of the application. -- `-LogoutUrl` parameter specifies the logout URL. -- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. - -### Example 3: Create a new service principal by KeyCredentials - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential -$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') -$startdate = Get-Date -Year 2023 -Month 10 -Day 23 -$creds.StartDate = $startdate -$creds.Type = 'Symmetric' -$creds.Usage = 'Sign' -$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') -$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" - -New-EntraServicePrincipal -AppId $application.AppId -KeyCredentials $creds -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. - -### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Helpdesk Application'" -New-EntraServicePrincipal -AppId $application.AppId -AlternativeNames 'sktest2' -ServicePrincipalType 'Application' -ServicePrincipalNames $application.AppId -``` - -```Output -DisplayName Id AppId SignInAudience ServicePrincipalType ------------ -- ----- -------------- -------------------- -Helpdesk Application bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADandPersonalMicrosoftAccount Application -``` - -This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. - -- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). -- `-AlternativeNames` parameter specifies the alternative names for this service principal. -- `-ServicePrincipalType` parameter specifies the type of the service principal. -- `-ServicePrincipalNames` parameter specifies an array of service principal names. - -## Parameters - -### -AccountEnabled - -True if the service principal account is enabled; otherwise, false. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AlternativeNames - -The alternative names for this service principal. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppId - -The unique identifier for the associated application (its appId property). - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoleAssignmentRequired - -Indicates whether an application role assignment is required. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the service principal display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Homepage - -Home page or landing page of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -The collection of key credentials associated with the service principal. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -LogoutUrl - -Specifies the logout URL. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PasswordCredentials - -The collection of password credentials associated with the application. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ReplyUrls - -The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalNames - -Specifies an array of service principal names. -Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. -A client uses ServicePrincipalNames to: - -- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. -- Specify a resource URI to acquire an access token, which is the URI returned in the claim. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalType - -The type of the service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Tags linked to this service principal. - -Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) - -[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md deleted file mode 100644 index bc32d75ae9..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,226 +0,0 @@ ---- -title: New-EntraServicePrincipalAppRoleAssignment -description: This article provides details on the New-EntraServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# New-EntraServicePrincipalAppRoleAssignment - -## Synopsis - -Assigns a service principal to an application role. - -## Syntax - -```powershell -New-EntraServicePrincipalAppRoleAssignment - -ObjectId - -PrincipalId - -Id - -ResourceId - [] -``` - -## Description - -The `New-EntraServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Assign an app role to a service principal - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$resourceServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Microsoft Graph'" -$appRole = $resourceServicePrincipal.AppRoles | Where-Object { $_.Value -eq "User.ReadBasic.All" } - -New-EntraServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -Id $appRole.Id -ResourceId $resourceServicePrincipal.Id -``` - -### Example 2: Assign an app role to another service principal - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" -New-EntraServicePrincipalAppRoleAssignment -ObjectId $clientServicePrincipal.Id -PrincipalId $clientServicePrincipal.Id -ResourceId $servicePrincipalObject.Id -Id $servicePrincipalObject.Approles[1].Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd -``` - -This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. - -- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. -- `-ResourceId`parameter specifies the ObjectId of the resource service principal. -- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. -- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. - -### Example 3: Assign an app role to a user - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" -$user = Get-EntraUser -UserId 'PattiF@Contoso.com' - -New-EntraServicePrincipalAppRoleAssignment ` - -ObjectId $servicePrincipalObject.Id ` - -ResourceId $servicePrincipalObject.Id ` - -Id $servicePrincipalObject.Approles[1].Id ` - -PrincipalId $user.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee -``` - -This example demonstrates how to assign an app role to a user in Microsoft Entra ID. -You can use the command `Get-EntraServicePrincipal` to get a service principal Id. -You can use the command `Get-EntraUser` to get a user Id. - -- `-ObjectId` parameter specifies the ObjectId of the app's service principal. -- `-ResourceId`parameter specifies the ObjectId of the app's service principal. -- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. -- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. - -### Example 4: Assign an app role to a group - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipalObject = Get-EntraServicePrincipal -Filter "displayName eq 'Box'" -$group = Get-EntraGroup -Filter "displayName eq 'Contoso marketing'" - -New-EntraServicePrincipalAppRoleAssignment ` - -ObjectId $servicePrincipalObject.Id ` - -ResourceId $servicePrincipalObject.Id ` - -Id $servicePrincipalObject.Approles[1].Id ` - -PrincipalId $group.Id -``` - -```Output -Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId --- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- -3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff -``` - -This example demonstrates how to assign an app role to a group in Microsoft Entra ID. -You can use the command `Get-EntraServicePrincipal` to get a service principal Id. -You can use the command `Get-EntraGroup` to get a group Id. - -- `-ObjectId` parameter specifies the ObjectId of the app's service principal. -- `-ResourceId`parameter specifies the ObjectId of the app's service principal. -- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. -- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. - -## Parameters - -### -Id - -Specifies the ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PrincipalId - -Specifies a principal ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ResourceId - -Specifies a resource ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`New-EntraServiceAppRoleAssignment` is an alias for `New-EntraServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) - -[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md deleted file mode 100644 index e5e3f7b995..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,160 +0,0 @@ ---- -title: New-EntraServicePrincipalPasswordCredential -description: This article provides details on the New-EntraServicePrincipalPasswordCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# New-EntraServicePrincipalPasswordCredential - -## Synopsis - -Creates a password credential for a service principal. - -## Syntax - -```powershell -New-EntraServicePrincipalPasswordCredential - -ServicePrincipalId - [-EndDate ] - [-StartDate ] - [] -``` - -## Description - -The `New-EntraServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Create a password credential with StartDate - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -New-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -StartDate '2024-11-04T14:14:14Z' -``` - -```Output -secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u -@odata.type : #microsoft.graph.servicePrincipal -endDateTime : 08-08-2026 10:30:00 -hint : LY. -customKeyIdentifier : -startDateTime : 08-08-2024 14:14:14 -keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 -@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword -displayName : -StartDate : 08-08-2024 14:14:14 -EndDate : 08-08-2026 10:30:00 -``` - -This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-StarteDate` parameter specifies the date and time at which the password becomes valid. - -### Example 2: Create a password credential with EndDate - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -New-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -EndDate '2024-11-04T14:14:14Z' -``` - -```Output -secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u -@odata.type : #microsoft.graph.servicePrincipal -endDateTime : 08-08-2026 10:30:00 -hint : LY. -customKeyIdentifier : -startDateTime : 08-08-2024 14:14:14 -keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 -@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword -displayName : -StartDate : 08-08-2024 14:14:14 -EndDate : 08-08-2026 10:30:00 -``` - -This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. - -## Parameters - -### -EndDate - -The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of the service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -StartDate - -The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. - -```yaml -Type: System.DateTime -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) - -[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md deleted file mode 100644 index 12485ddb51..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md +++ /dev/null @@ -1,87 +0,0 @@ ---- -title: Remove-EntraAdministrativeUnit -description: This article provides details on the Remove-EntraAdministrativeUnit command. - -ms.topic: reference -ms.date: 07/19/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit - -schema: 2.0.0 ---- - -# Remove-EntraAdministrativeUnit - -## Synopsis - -Removes an administrative unit. - -## Syntax - -```powershell -Remove-EntraAdministrativeUnit - -AdministrativeUnitId - [] -``` - -## Description - -The `Remove-EntraAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. - -To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. - -## Examples - -### Example 1: Remove an administrative unit - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" -Remove-EntraAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -``` - -This command removes the specified administrative unit from Microsoft Entra ID. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) - -[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) - -[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md deleted file mode 100644 index 27cd6c8ad2..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md +++ /dev/null @@ -1,105 +0,0 @@ ---- -title: Remove-EntraAdministrativeUnitMember -description: This article provides details on the Remove-EntraAdministrativeUnitMember command. - -ms.topic: reference -ms.date: 07/17/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember - -schema: 2.0.0 ---- - -# Remove-EntraAdministrativeUnitMember - -## Synopsis - -Removes an administrative unit member. - -## Syntax - -```powershell -Remove-EntraAdministrativeUnitMember - -AdministrativeUnitId - -MemberId - [] -``` - -## Description - -The `Remove-EntraAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. - -To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. - -## Examples - -### Example 1: Remove an administrative unit member - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.Read.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$adminUnitMember = Get-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id | Select-Object Id, DisplayName,'@odata.type' | Where-Object {$_.DisplayName -eq 'Saywer Miller'} -Remove-EntraAdministrativeUnitMember -AdministrativeUnitId $administrativeUnit.Id -MemberId $adminUnitMember.Id -``` - -This command removes a specified member (user or group) from a specified administrative unit. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-MemberId` parameter specifies the ID of the administrative unit member. - -## Parameters - -### -MemberId - -Specifies the ID of the administrative unit member. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) - -[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) - -[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md deleted file mode 100644 index 3aed2ac71f..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: Remove-EntraApplication -description: This article provides details on the Remove-EntraApplication command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplication - -schema: 2.0.0 ---- - -# Remove-EntraApplication - -## Synopsis - -Deletes an application object. - -## Syntax - -```powershell -Remove-EntraApplication - -ApplicationId - [] -``` - -## Description - -The `Remove-EntraApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. - -## Examples - -### Example 1: Remove an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraApplication -ApplicationId $application.Id -``` - -This example demonstrates how to delete an application object. - -### Example 2: Remove an application using pipelining - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" | Remove-EntraApplication -``` - -This example demonstrates how to delete an application object using pipelining. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) - -[New-EntraApplication](New-EntraApplication.md) - -[Set-EntraApplication](Set-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md deleted file mode 100644 index a3b219ae87..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraApplicationExtensionProperty -description: This article provides details on the Remove-EntraApplicationExtensionProperty command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty - -schema: 2.0.0 ---- - -# Remove-EntraApplicationExtensionProperty - -## Synopsis - -Removes an application extension property. - -## Syntax - -```powershell -Remove-EntraApplicationExtensionProperty - -ExtensionPropertyId - -ApplicationId - [] -``` - -## Description - -The `Remove-EntraApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an application extension property - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$extension = Get-EntraApplicationExtensionProperty -ApplicationId $application.Id | Where-Object {$_.Name -eq 'extension_3ed1a24748dd4e4cb91fc0ab09576ff0_NewAttribute'} -Remove-EntraApplicationExtensionProperty -ApplicationId $application.Id -ExtensionPropertyId $extension.Id -``` - -This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. - -## Parameters - -### -ExtensionPropertyId - -Specifies the unique ID of the extension property to remove. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) - -[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md deleted file mode 100644 index 6d6d8ff972..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Remove-EntraApplicationKey -description: This article provides details on the Remove-EntraApplicationKey command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationKey - -schema: 2.0.0 ---- - -# Remove-EntraApplicationKey - -## Synopsis - -Removes a key from an application. - -## Syntax - -```powershell -Remove-EntraApplicationKey - -ApplicationId - [-Proof ] - [-KeyId ] - [] -``` - -## Description - -Removes a key from an application. - -## Examples - -### Example 1: Remove a key credential from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraApplicationKey -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -Proof '{token}' -``` - -This command removes the specified key credential from the specified application. - -- `-ApplicationId` parameter specifies the unique identifier of an application. -- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. -- `-Proof` parameter specifies the JWT token provided as a proof of possession. - -## Parameters - -### -ApplicationId - -Specifies the unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -KeyId - -The key Id corresponding to the key object to be removed. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Proof - -The JWT token provided as a proof of possession. - -A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: - -- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. -- `iss`: Issuer needs to be the ID of the application that initiates the request. -- `nbf`: Not before time. -- `exp`: Expiration time should be the value of nbf + 10 minutes. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[New-EntraApplicationKey](New-EntraApplicationKey.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md deleted file mode 100644 index f0a9b6ba1c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraApplicationKeyCredential -description: This article provides details on the Remove-EntraApplicationKeyCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential - -schema: 2.0.0 ---- - -# Remove-EntraApplicationKeyCredential - -## Synopsis - -Removes a key credential from an application. - -## Syntax - -```powershell -Remove-EntraApplicationKeyCredential - -ApplicationId - -KeyId - [] -``` - -## Description - -The `Remove-EntraApplicationKeyCredential` cmdlet removes a key credential from an application. - -An application can use this command along with `New-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. - -## Examples - -### Example 1: Remove a key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Remove-EntraApplicationKeyCredential -ApplicationId $application.Id -KeyId 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' -``` - -This command removes the specified key credential from the specified application. - -- `-ApplicationId` Specifies the ID of an application. -- `-KeyId` Specifies a custom key ID. Use `Get-EntraApplicationKeyCredential` to get the keyId details. - -## Parameters - -### -KeyId - -Specifies a custom key ID. The unique identifier for the password. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies a unique ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) - -[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md deleted file mode 100644 index 2e1f17bd71..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraApplicationOwner -description: This article provides details on the Remove-EntraApplicationOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationOwner - -schema: 2.0.0 ---- - -# Remove-EntraApplicationOwner - -## Synopsis - -Removes an owner from an application. - -## Syntax - -```powershell -Remove-EntraApplicationOwner - -OwnerId - -ApplicationId - [] -``` - -## Description - -The `Remove-EntraApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an owner from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -Remove-EntraApplicationOwner @params -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$owner = Get-EntraApplicationOwner -ApplicationId $application.Id | Where-Object {$_.userPrincipalName -eq 'SawyerM@contoso.com'} -Remove-EntraApplicationOwner -ApplicationId $application.Id -OwnerId $owner.Id -``` - -This example removes the specified owner from the specified application. You can use the command `Get-EntraApplication` to get application Id. - -- `-ApplicationId` parameter specifies the the unique identifier of a application. -- `-OwnerId` parameter specifies the ID of the owner. - -## Parameters - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OwnerId - -Specifies the ID of the owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) - -[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md deleted file mode 100644 index 931c26792e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraApplicationPassword -description: This article provides details on the Remove-EntraApplicationPassword command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationPassword - -schema: 2.0.0 ---- - -# Remove-EntraApplicationPassword - -## Synopsis - -Remove a password from an application. - -## Syntax - -```powershell -Remove-EntraApplicationPassword - -ObjectId - [-KeyId ] - [] -``` - -## Description - -Remove a password from an application. - -## Examples - -### Example 1: Removes a password from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$applicationPassword = Get-EntraApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'CRM Helpdesk App'} -Remove-EntraApplicationPassword -ObjectId $application.Id -KeyId $applicationPassword.KeyId -``` - -This example removes the specified password from the specified application. - -- `-ObjectId` parameter specifies the unique identifier of the application. -- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. - -## Parameters - -### -ObjectId - -The unique identifier of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -KeyId - -The unique identifier for the key. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[New-EntraApplicationPassword](New-EntraApplicationPassword.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md deleted file mode 100644 index 12dc128443..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Remove-EntraApplicationPasswordCredential -description: This article provides details on the Remove-EntraApplicationPasswordCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential - -schema: 2.0.0 ---- - -# Remove-EntraApplicationPasswordCredential - -## Synopsis - -Removes a password credential from an application. - -## Syntax - -```powershell -Remove-EntraApplicationPasswordCredential - -ApplicationId - -KeyId - [] -``` - -## Description - -The `Remove-EntraApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. - -## Examples - -### Example 1: Remove an application password credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "displayName eq 'Contoso Helpdesk Application'" -$applicationPassword = Get-EntraApplicationPasswordCredential -ApplicationId $application.Id | Where-Object {$_.DisplayName -eq 'ERP App Password'} -Remove-EntraApplicationPasswordCredential -ApplicationId $application.Id -KeyId $applicationPassword.KeyId -``` - -This example demonstrates how to remove the password credential for an application. - -- `ApplicationId` Specifies the ID of the application. Use `Get-EntraApplication` to get application ObjectId value. -- `KeyId` Specifies the ID of the password credential. Use `Get-EntraApplicationPasswordCredential` to retrieve a specific credential details. - -## Parameters - -### -KeyId - -Specifies the ID of the password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of the application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) - -[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) - -[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md deleted file mode 100644 index acfa889658..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md +++ /dev/null @@ -1,83 +0,0 @@ ---- -title: Remove-EntraApplicationVerifiedPublisher -description: This article provides details on the Remove-EntraApplicationVerifiedPublisher command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher - -schema: 2.0.0 ---- - -# Remove-EntraApplicationVerifiedPublisher - -## Synopsis - -Removes the verified publisher from an application. - -## Syntax - -```powershell -Remove-EntraApplicationVerifiedPublisher - -AppObjectId - [] -``` - -## Description - -Removes the verified publisher from an application. - -## Examples - -### Example 1: Remove the verified publisher from an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraApplication -Filter "displayName eq 'Contoso Helpdesk Application'" -Remove-EntraApplicationVerifiedPublisher -AppObjectId $application.Id -``` - -This command demonstrates how to remove the verified publisher from an application. - -- `-AppObjectId` parameter specifies the unique identifier of an application. - -## Parameters - -### -AppObjectId - -The unique identifier of a Microsoft Entra ID Application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[Set-EntraApplicationVerifiedPublisher](Set-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md deleted file mode 100644 index a8145c0e54..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: Remove-EntraDeletedApplication -description: This article provides details on the Remove-EntraDeletedApplication command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraDeletedApplication - -schema: 2.0.0 ---- - -# Remove-EntraDeletedApplication - -## Synopsis - -Permanently delete a recently deleted application object from deleted items. - -## Syntax - -```powershell -Remove-EntraDeletedApplication - [-ObjectId] - [] -``` - -## Description - -Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. - -## Examples - -### Example 1: Remove deleted application object - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' -Remove-EntraDeletedApplication -ObjectId $deletedApplication.Id -``` - -This command removes recently deleted application. You can use the command `Get-EntraDeletedApplication` to get deleted application Id. - -- `-ObjectId` parameter specifies the Id of a deleted application. - -### Example 2: Remove deleted application using pipelining - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -Get-EntraDeletedApplication -Filter "DisplayName eq 'My PowerShell Application'" | Remove-EntraDeletedApplication -``` - -This command removes recently deleted application using pipelining. - -## Parameters - -### -ObjectId - -The unique identifier of deleted application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: 0 -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) - -[Restore-EntraDeletedApplication](Restore-EntraDeletedApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md deleted file mode 100644 index 441cdaf3ef..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md +++ /dev/null @@ -1,96 +0,0 @@ ---- -title: Remove-EntraDeletedDirectoryObject -description: This article provides details on the Remove-EntraDeletedDirectoryObject command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject - -schema: 2.0.0 ---- - -# Remove-EntraDeletedDirectoryObject - -## Synopsis - -Permanently delete a previously deleted directory object. - -## Syntax - -```powershell -Remove-EntraDeletedDirectoryObject - -DirectoryObjectId - [] -``` - -## Description - -The `Remove-EntraDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. - -When a directory object is permanently deleted, it can no longer be restored. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- To permanently delete deleted applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. -- To permanently delete deleted users: `User Administrator`. -- To permanently delete deleted groups: `Groups Administrator`. - -## Examples - -### Example 1: Delete a previously deleted directory object - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' -$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' -Remove-EntraDeletedDirectoryObject -DirectoryObjectId $deletedApplication.Id -``` - -This example demonstrates how to permanently delete a previously deleted directory object by DirectoryObjectId. - -- `-DirectoryObjectId` parameter specifies the Id of the directory object that is permanently deleted. - -## Parameters - -### -DirectoryObjectId - -The DirectoryObjectId of the directory object that is permanently deleted. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraDeletedDirectoryObject](Get-EntraDeletedDirectoryObject.md) - -[Restore-EntraDeletedDirectoryObject](Restore-EntraDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md deleted file mode 100644 index 4870595bdb..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md +++ /dev/null @@ -1,92 +0,0 @@ ---- -title: Remove-EntraGroup -description: This article provides details on the Remove-EntraGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroup - -schema: 2.0.0 ---- - -# Remove-EntraGroup - -## Synopsis - -Removes a group. - -## Syntax - -```powershell -Remove-EntraGroup - -GroupId - [] -``` - -## Description - -The `Remove-EntraGroup` cmdlet removes a group from Microsoft Entra ID. Specify the `GroupId` parameter removes a group. - -Unified Group can be restored withing 30 days after deletion using the `Restore-EntraBetaDeletedDirectoryObject` cmdlet. Security groups can't be restored after deletion. - -**Notes on permissions:** - -The following conditions apply for apps to delete role-assignable groups: - -- For delegated scenarios, the app must be assigned the `RoleManagement.ReadWrite.Directory` delegated permission, and the calling user must be the creator of the group or be assigned at least the Privileged Role Administrator Microsoft Entra role. -- For app-only scenarios, the calling app must be the owner of the group or be assigned the `RoleManagement.ReadWrite.Directory` application permission or be assigned at least the Privileged Role Administrator Microsoft Entra role. - -## Examples - -### Example 1: Remove a group - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" | Remove-EntraGroup -``` - -This example demonstrates how to remove a group in Microsoft Entra ID. - -- `GroupId` parameter specifies the group ID . - -## Parameters - -### -GroupId - -Specifies the object ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroup](Get-EntraGroup.md) - -[New-EntraGroup](New-EntraGroup.md) - -[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md deleted file mode 100644 index c76afdb8a1..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md +++ /dev/null @@ -1,100 +0,0 @@ ---- -title: Remove-EntraGroupAppRoleAssignment -description: This article provides details on the Remove-EntraGroupAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment - -schema: 2.0.0 ---- - -# Remove-EntraGroupAppRoleAssignment - -## Synopsis - -Delete a group application role assignment. - -## Syntax - -```powershell -Remove-EntraGroupAppRoleAssignment - -AppRoleAssignmentId - -GroupId -[] -``` - -## Description - -The `Remove-EntraGroupAppRoleAssignment` cmdlet removes a group application role assignment from Microsoft Entra ID. - -## Examples - -### Example 1: Remove group app role assignment - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$group = Get-EntraGroup -Filter "displayName eq 'Contoso Marketing'" -$appRoleAssignment = Get-EntraGroupAppRoleAssignment -GroupId $group.Id | Where-Object {$_.ResourceDisplayName -eq 'Box'} -Remove-EntraGroupAppRoleAssignment -GroupId $group -AppRoleAssignmentId $appRoleAssignment.Id -``` - -This example demonstrates how to remove the specified group application role assignment. -GroupId - Specifies the object ID of a group. -AppRoleAssignmentId - Specifies the object ID of the group application role assignment. - -## Parameters - -### -AppRoleAssignmentId - -Specifies the object ID of the group application role assignment. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the object ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) - -[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md deleted file mode 100644 index 57dfcbd331..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md +++ /dev/null @@ -1,87 +0,0 @@ ---- -title: Remove-EntraGroupLifecyclePolicy -description: This article provides details on the Remove-EntraGroupLifecyclePolicy command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy - -schema: 2.0.0 ---- - -# Remove-EntraGroupLifecyclePolicy - -## Synopsis - -Deletes a groupLifecyclePolicies object - -## Syntax - -```powershell -Remove-EntraGroupLifecyclePolicy - -GroupLifecyclePolicyId - [] -``` - -## Description - -The `Remove-EntraGroupLifecyclePolicy` command deletes a groupLifecyclePolicies object in Microsoft Entra ID. Specify `Id` parameter deletes the groupLifecyclePolicies object. - -## Examples - -### Example 1: Remove a groupLifecyclePolicies - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} | Remove-EntraGroupLifecyclePolicy -``` - -This example demonstrates how to delete the groupLifecyclePolicies object that has the specified ID. You can use `Get-EntraGroupLifecyclePolicy` to get Id details. - -## Parameters - -### -GroupLifecyclePolicyId - -Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related links - -[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) - -[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) - -[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md deleted file mode 100644 index fa26ce60cd..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraGroupMember -description: This article provides details on the Remove-EntraGroupMember command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupMember - -schema: 2.0.0 ---- - -# Remove-EntraGroupMember - -## Synopsis - -Removes a member from a group. - -## Syntax - -```powershell -Remove-EntraGroupMember - -GroupId - -MemberId - [] -``` - -## Description - -The `Remove-EntraGroupMember` cmdlet removes a member from a group in Microsoft Entra ID. Specify the `ObjectId` and `MemberId` parameters to remove a member from a group. - -## Examples - -### Example 1: Remove a member - -```powershell -Connect-Entra -Scopes 'GroupMember.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -$groupMember = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Where-Object {$_.displayName -eq 'Adele Vance'} -Remove-EntraGroupMember -GroupId $group.Id -MemberId $groupMember.Id -``` - -This command removes the specified member from the specified group. - -- `GroupId` - Specifies the object ID of a group in Microsoft Entra ID. - -- `MemberId` - Specifies the ID of the member to remove. - -## Parameters - -### -MemberId - -Specifies the ID of the member to remove. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the object ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraGroupMember](Add-EntraGroupMember.md) - -[Get-EntraGroupMember](Get-EntraGroupMember.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md deleted file mode 100644 index 0a9c4aff2d..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraGroupOwner -description: This article provides details on the Remove-EntraGroupOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupOwner - -schema: 2.0.0 ---- - -# Remove-EntraGroupOwner - -## Synopsis - -Removes an owner from a group. - -## Syntax - -```powershell -Remove-EntraGroupOwner - -OwnerId - -GroupId - [] -``` - -## Description - -The `Remove-EntraGroupOwner` cmdlet removes an owner from a group in Microsoft Entra ID. Specify the `GroupId` and `OwnerId` parameters to remove an owner from a group. - -## Examples - -### Example 1: Remove an owner - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -$groupOwner = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Where-Object {$_.displayName -eq 'Adele Vance'} -Remove-EntraGroupOwner -GroupId $group.Id -OwnerId $groupOwner.Id -``` - -This example demonstrates how to remove an owner from a group in Microsoft Entra ID. - -- `GroupId` - Specifies the ID of a group in Microsoft Entra ID. - -- `OwnerId` - Specifies the ID of an owner. - -## Parameters - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OwnerId - -Specifies the ID of an owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related links - -[Add-EntraGroupOwner](Add-EntraGroupOwner.md) - -[Get-EntraGroupOwner](Get-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md deleted file mode 100644 index 61ae6cc033..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md +++ /dev/null @@ -1,113 +0,0 @@ ---- -title: Remove-EntraLifecyclePolicyGroup -description: This article provides details on the Remove-EntraLifecyclePolicyGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup - -schema: 2.0.0 ---- - -# Remove-EntraLifecyclePolicyGroup - -## Synopsis - -Removes a group from a lifecycle policy. - -## Syntax - -```powershell -Remove-EntraLifecyclePolicyGroup - -GroupId - -GroupLifecyclePolicyId - [] -``` - -## Description - -The `Remove-EntraLifecyclePolicyGroup` cmdlet removes a group from a lifecycle policy in Microsoft Entra ID. - -## Examples - -### Example 1: Remove lifecycle policy group - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" -$policy = Get-EntraLifecyclePolicyGroup -Id $group.Id -Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id -``` - -```Output -Value ------ -True -``` - -This example demonstrates how to remove a group from a lifecycle policy in Microsoft Entra ID with specified Id and groupId. - -- `-GroupLifecyclePolicyId` parameter specifies the lifecycle policy object ID. -- `-GroupId` parameter specifies the ID of Office365 group. - -## Parameters - -### -GroupId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupLifecyclePolicyId - -Specifies the ID of the lifecycle policy object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) - -[Add-EntraLifecyclePolicyGroup](Add-EntraLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md deleted file mode 100644 index ae6f1af933..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: Remove-EntraOAuth2PermissionGrant -description: This article provides details on the Remove-EntraOAuth2PermissionGrant command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant - -schema: 2.0.0 ---- - -# Remove-EntraOAuth2PermissionGrant - -## Synopsis - -Removes an OAuth2PermissionGrant. - -## Syntax - -```powershell -Remove-EntraOAuth2PermissionGrant - -ObjectId - [] -``` - -## Description - -The `Remove-EntraOAuth2PermissionGrant` cmdlet removes an OAuth2PermissionGrant object in Microsoft Entra ID. - -When a delegated permission grant is deleted, the access it granted is revoked. Existing access tokens will continue to be valid for their lifetime, but new access tokens will not be granted for the delegated permissions identified in the deleted OAuth2PermissionGrant. - -## Examples - -### Example 1: Remove an OAuth2 permission grant - -```powershell -Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' -$SharePointSP = Get-EntraServicePrincipal | Where-Object {$_.DisplayName -eq 'Microsoft.SharePoint'} -$SharePointOA2AllSitesRead = Get-EntraOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $SharePointSP.ObjectId} | Where-Object {$_.Scope -eq 'AllSites.Read'} -Remove-EntraOAuth2PermissionGrant -ObjectId $SharePointOA2AllSitesRead.ObjectId -``` - -This example shows how to remove an OAuth2PermissionGrant object in Microsoft Entra ID. - -## Parameters - -### -ObjectId - -Specifies the ID of an OAuth2PermissionGrant object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md deleted file mode 100644 index 194f322b7c..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Remove-EntraScopedRoleMembership -description: This article provides details on the Remove-EntraScopedRoleMembership command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership - -schema: 2.0.0 ---- - -# Remove-EntraScopedRoleMembership - -## Synopsis - -Removes a scoped role membership. - -## Syntax - -```powershell -Remove-EntraScopedRoleMembership - -AdministrativeUnitId - -ScopedRoleMembershipId - [] -``` - -## Description - -The `Remove-EntraScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. - -## Examples - -### Example 1: Remove a scoped role membership - -```powershell -Connect-Entra -Scopes 'RoleManagement.Read.Directory' -$role = Get-EntraDirectoryRole -Filter "DisplayName eq 'Helpdesk Administrator'" -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -$roleMembership = Get-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id | Where-Object {$_.RoleId -eq $role.Id} -Remove-EntraScopedRoleMembership -AdministrativeUnitId $administrativeUnit.Id -ScopedRoleMembershipId $roleMembership.Id -``` - -This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. - -- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. -- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraScopedRoleMembership` command. - -## Parameters - -### -AdministrativeUnitId - -Specifies the ID of an administrative unit object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ScopedRoleMembershipId - -Specifies the ID of the scoped role membership to remove. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) - -[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md deleted file mode 100644 index a80f351c16..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md +++ /dev/null @@ -1,85 +0,0 @@ ---- -title: Remove-EntraServicePrincipal -description: This article provides details on the Remove-EntraServicePrincipal command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipal - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipal - -## Synopsis - -Removes a service principal. - -## Syntax - -```powershell -Remove-EntraServicePrincipal - -ServicePrincipalId - [] -``` - -## Description - -The `Remove-EntraServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Removes a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" | Remove-EntraServicePrincipal -``` - -This example demonstrates how to remove a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[New-EntraServicePrincipal](New-EntraServicePrincipal.md) - -[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md deleted file mode 100644 index c4e23b2540..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Remove-EntraServicePrincipalAppRoleAssignment -description: This article provides details on the Remove-EntraServicePrincipalAppRoleAssignment command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipalAppRoleAssignment - -## Synopsis - -Removes a service principal application role assignment. - -## Syntax - -```powershell -Remove-EntraServicePrincipalAppRoleAssignment - -AppRoleAssignmentId - -ServicePrincipalId - [] -``` - -## Description - -The `Remove-EntraServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. - -App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. - -For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. - -- Directory Synchronization Accounts -- Directory Writer -- Hybrid Identity Administrator -- Identity Governance Administrator -- Privileged Role Administrator -- User Administrator -- Application Administrator -- Cloud Application Administrator - -## Examples - -### Example 1: Removes a service principal application role assignment - -```powershell -Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$group = Get-EntraGroup -Filter "displayName eq 'Contoso marketing'" -$assignment = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PrincipalId -eq $group.Id} -Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -AppRoleAssignmentId $assignment.Id -``` - -This example demonstrates how to remove a service principal application role assignment for a group in Microsoft Entra ID. - -- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. -- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. - -## Parameters - -### -AppRoleAssignmentId - -Specifies the ID of the application role assignment. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -`Remove-EntraServiceAppRoleAssignment` is an alias for `Remove-EntraServicePrincipalAppRoleAssignment`. - -## Related Links - -[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) - -[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md deleted file mode 100644 index 1d04211cce..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraServicePrincipalDelegatedPermissionClassification -description: This article provides details on the Remove-EntraServicePrincipalDelegatedPermissionClassification command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipalDelegatedPermissionClassification - -## Synopsis - -Remove delegated permission classification. - -## Syntax - -```powershell -Remove-EntraServicePrincipalDelegatedPermissionClassification - -ServicePrincipalId - -Id - [] -``` - -## Description - -The `Remove-EntraServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. - -## Examples - -### Example 1: Remove a delegated permission classification - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$permissionClassification = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id | Where-Object {$_.PermissionName -eq 'Sites.Read.All'} -Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $servicePrincipal.Id -Id $permissionClassification.Id -``` - -This command deletes the delegated permission classification by Id from the service principal. - -- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. -- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. - -## Parameters - -### -ServicePrincipalId - -The unique identifier of a service principal object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -Id - -The unique identifier of a delegated permission classification object Id. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) - -[Add-EntraServicePrincipalDelegatedPermissionClassification](Add-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md deleted file mode 100644 index 8e1ab52950..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -title: Remove-EntraServicePrincipalKeyCredential -description: This article provides details on the Remove-EntraServicePrincipalKeyCredential command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipalKeyCredential - -## Synopsis - -Removes a key credential from a service principal. - -## Syntax - -```powershell -Remove-EntraServicePrincipalKeyCredential - -ServicePrincipalId - -KeyId - [] -``` - -## Description - -The Remove-EntraServicePrincipalKeyCredential cmdlet removes a key credential from a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Remove a key credential - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All', 'Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$key = Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id -Remove-EntraServicePrincipalKeyCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.Id -``` - -This example demonstrates how to remove a key credential from a service principal in Microsoft Entra ID. - -## Parameters - -### -KeyId - -Specifies the ID of a key credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of a service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipalKeyCredential](Get-EntraServicePrincipalKeyCredential.md) - -[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md deleted file mode 100644 index 70a63fe009..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Remove-EntraServicePrincipalOwner -description: This article provides details on the Remove-EntraServicePrincipalOwner command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipalOwner - -## Synopsis - -Removes an owner from a service principal. - -## Syntax - -```powershell -Remove-EntraServicePrincipalOwner - -OwnerId - -ServicePrincipalId - [] -``` - -## Description - -The `Remove-EntraServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Removes an owner from a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$ownership = Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id | Select-Object Id, userPrincipalName, DisplayName, '@odata.type' -$owner = $ownership | Where-Object {$_.userPrincipalName -eq 'SawyerM@Contoso.com' } -Remove-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.Id -OwnerId $owner.Id -``` - -This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the service principal Id. -- `-OwnerId` parameter specifies the service principal owner Id. - -## Parameters - -### -ServicePrincipalId - -Specifies the ID of a service principal. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OwnerId - -Specifies the ID of the owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) - -[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md deleted file mode 100644 index 3de0f422a1..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: Remove-EntraServicePrincipalPasswordCredential -description: This article provides details on the Remove-EntraServicePrincipalPasswordCredential command. - -ms.topic: reference -ms.date: 08/20/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential - -schema: 2.0.0 ---- - -# Remove-EntraServicePrincipalPasswordCredential - -## Synopsis - -Removes a password credential from a service principal. - -## Syntax - -```powershell -Remove-EntraServicePrincipalPasswordCredential - -ServicePrincipalId - -KeyId - [] -``` - -## Description - -The `Remove-EntraServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Remove a password credential from a service principal in Microsoft Entra ID - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$key = Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -$key = $key | Where-Object {$_.DisplayName -eq 'Helpdesk secret'} -Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId $servicePrincipal.Id -KeyId $key.KeyId -``` - -This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ServicePrincipalId of a specified Service Principal Password Credential. -- `-KeyId` parameter specifies the unique identifier of a Password Credential. - -## Parameters - -### -KeyId - -Specifies the unique identifier of password credential. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) - -[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md deleted file mode 100644 index c84a8d31ad..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md +++ /dev/null @@ -1,85 +0,0 @@ ---- -title: Reset-EntraLifeCycleGroup -description: This article provides details on the Reset-EntraLifeCycleGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup - -schema: 2.0.0 ---- - -# Reset-EntraLifeCycleGroup - -## Synopsis - -Renews a group by updating the RenewedDateTime property on a group to the current DateTime. - -## Syntax - -```powershell -Reset-EntraLifeCycleGroup - -Id - [] -``` - -## Description - -The `Reset-EntraLifeCycleGroup` renews a group by updating the RenewedDateTime property on a group to the current DateTime. -When a group is renewed, the group expiration is extended by the number of days defined in the policy. - -## Examples - -### Example 1: Renew a group - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" -Reset-EntraLifeCycleGroup -Id $group.Id -``` - -This example demonstrates how to renew a specified group. - -- `-Id` - Specifies the group Object ID. - -## Parameters - -### -Id - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### None - -## Outputs - -### System.Object - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md deleted file mode 100644 index a6bc86c07e..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Restore-EntraDeletedApplication -description: This article provides details on the Restore-EntraDeletedApplication command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Restore-EntraDeletedApplication - -schema: 2.0.0 ---- - -# Restore-EntraDeletedApplication - -## Synopsis - -Restores a previously deleted application. - -## Syntax - -```powershell -Restore-EntraDeletedApplication - [-IdentifierUris ] - -ObjectId - [] -``` - -## Description - -This cmdlet restores a previously deleted application. - -Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. - -For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. - -- Application Administrator -- Cloud Application Administrator -- Hybrid Identity Administrator - -## Examples - -### Example 1: Restores a previously deleted application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$deletedApplication = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' -Restore-EntraDeletedApplication -ObjectId $deletedApplication.Id -``` - -```Output -Id DeletedDateTime --- --------------- -ffffffff-5555-6666-7777-aaaaaaaaaaaa -``` - -This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraDeletedApplication` cmdlet. - -- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. - -## Parameters - -### -IdentifierUris - -The IdentifierUris of the application that is to be restored. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ObjectId - -The ObjectId of the deleted application that is to be restored. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Remove-EntraDeletedApplication](Remove-EntraDeletedApplication.md) - -[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md deleted file mode 100644 index 35a1f6c7e8..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: Select-EntraGroupIdsContactIsMemberOf -description: This article provides details on the Select-EntraGroupIdsContactIsMemberOf command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf - -schema: 2.0.0 ---- - -# Select-EntraGroupIdsContactIsMemberOf - -## Synopsis - -Get groups in which a contact is a member. - -## Syntax - -```powershell -Select-EntraGroupIdsContactIsMemberOf - -ObjectId - -GroupIdsForMembershipCheck - [] -``` - -## Description - -The `Select-EntraGroupIdsContactIsMemberOf` cmdlet gets groups in Microsoft Entra ID in which a contact is a member. - -## Examples - -### Example 1: Get groups in which a contact is a member - -```powershell -Connect-Entra -Scopes 'OrgContact.Read.All,Group.Read.All' -$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck -$group.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Sales and Marketing'").Id -$contact = Get-EntraContact -Filter "displayName eq 'Contoso Admin'" -Select-EntraGroupIdsContactIsMemberOf -ObjectId $contact.Id -GroupIdsForMembershipCheck $group -``` - -This example demonstrates how to get groups in which a contact is a member. - -- `-ObjectId` parameter specifies the contact Object ID. -- `-GroupIdsForMembershipCheck` parameter specifies the group Object ID. - -## Parameters - -### -GroupIdsForMembershipCheck - -Specifies an array of group object IDs. - -```yaml -Type: GroupIdsForMembershipCheck -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the object ID of a contact in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraContact](Get-EntraContact.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md deleted file mode 100644 index 17a5f36fb4..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: Select-EntraGroupIdsGroupIsMemberOf -description: This article provides details on the Select-EntraGroupIdsGroupIsMemberOf command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf - -schema: 2.0.0 ---- - -# Select-EntraGroupIdsGroupIsMemberOf - -## Synopsis - -Gets group IDs that a group is a member of. - -## Syntax - -```powershell -Select-EntraGroupIdsGroupIsMemberOf - -ObjectId - -GroupIdsForMembershipCheck - [] -``` - -## Description - -The `Select-EntraGroupIdsGroupIsMemberOf` cmdlet gets the groups that a specified group is a member of in Microsoft Entra ID. - -## Examples - -### Example 1: Get the group membership of a group for a group - -```powershell -Connect-Entra -Scopes 'GroupMember.Read.All' -$groupObject = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck -$groupObject.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Tailspin Toys'").Id -$group = Get-EntraGroup -Filter "displayName eq 'sg-Legal'" -Select-EntraGroupIdsGroupIsMemberOf -ObjectId $group.Id -GroupIdsForMembershipCheck $groupObject -``` - -This example gets the group membership of a group identified by $GroupId. Use `Get-EntraGroup` cmdlet to obtain group `ObjectId` value. - -- `-ObjectId` parameter specifies the group ID. -- `-GroupIdsForMembershipCheck` Specifies an array of group object IDs. - -## Parameters - -### -GroupIdsForMembershipCheck - -Specifies an array of group object IDs. - -```yaml -Type: GroupIdsForMembershipCheck -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a group in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md deleted file mode 100644 index ba5d2d2e3a..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Select-EntraGroupIdsServicePrincipalIsMemberOf -description: This article provides details on the Select-EntraGroupIdsServicePrincipalIsMemberOf command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf - -schema: 2.0.0 ---- - -# Select-EntraGroupIdsServicePrincipalIsMemberOf - -## Synopsis - -Selects the groups in which a service principal is a member. - -## Syntax - -```powershell -Select-EntraGroupIdsServicePrincipalIsMemberOf - -ObjectId - -GroupIdsForMembershipCheck - [] -``` - -## Description - -The `Select-EntraGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. - -## Examples - -### Example 1: Get the group membership of a group for a service principal - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck -$group.GroupIds = (Get-EntraGroup -Top 10).Id -$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" -Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $servicePrincipal.Id -GroupIdsForMembershipCheck $group -``` - -```Output -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -``` - -This command gets the group membership of a group for a specified service principal. Use the command `Get-EntraGroup` to get group Id and `Get-EntraServicePrincipal` to get service principal Id. - -- `-ObjectId` parameter specifies the service principal Id. -- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. - -## Parameters - -### -GroupIdsForMembershipCheck - -Specifies an array of group object IDs. - -```yaml -Type: GroupIdsForMembershipCheck -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md deleted file mode 100644 index b9e50aa590..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Select-EntraGroupIdsUserIsMemberOf -description: This article provides details on the Select-EntraGroupIdsUserIsMemberOf command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf - -schema: 2.0.0 ---- - -# Select-EntraGroupIdsUserIsMemberOf - -## Synopsis - -Selects the groups that a user is a member of. - -## Syntax - -```powershell -Select-EntraGroupIdsUserIsMemberOf - -ObjectId - -GroupIdsForMembershipCheck - [] -``` - -## Description - -The `Select-EntraGroupIdsUserIsMemberOf` cmdlet selects the groups that a user is a member of in Microsoft Entra ID. - -## Examples - -### Example 1: Get the group membership of a group for a user - -```powershell -Connect-Entra -Scopes 'Application.Read.All' -$myGroup = Get-EntraGroup -Filter "DisplayName eq ''" -$UserId = 'SawyerM@contoso.com' -$groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck -$groups.GroupIds = $myGroup.Id -Select-EntraGroupIdsUserIsMemberOf -ObjectId 'SawyerM@contoso.com' -GroupIdsForMembershipCheck $groups -``` - -```Output -aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb -``` - -This example retrieves the group membership of a group for a user. - -- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). -- `-GroupIdsForMembershipCheck` parameter specifies the group Object Ids. - -## Parameters - -### -GroupIdsForMembershipCheck - -Specifies an array of group object IDs. - -```yaml -Type: GroupIdsForMembershipCheck -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ObjectId - -Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md deleted file mode 100644 index 4322f711fa..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md +++ /dev/null @@ -1,125 +0,0 @@ ---- -title: Set-EntraAdministrativeUnit -description: This article provides details on the Set-EntraAdministrativeUnit command. - -ms.topic: reference -ms.date: 06/19/2023 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit - -schema: 2.0.0 ---- - -# Set-EntraAdministrativeUnit - -## Synopsis - -Updates an administrative unit. - -## Syntax - -```powershell -Set-EntraAdministrativeUnit - -AdministrativeUnitId - [-Description ] - [-DisplayName ] - [] -``` - -## Description - -The `Set-EntraAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. - -In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. - -The Privileged Role Administrator is the least privileged role required for this operation. - -## Examples - -### Example 1: Update DisplayName and description - -```powershell -Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' -$administrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq 'Pacific Administrative Unit'" -Set-EntraAdministrativeUnit -AdministrativeUnitId $administrativeUnit.Id -DisplayName 'Pacific Admin Unit' -Description 'Pacific Admin Unit Description' -``` - -This Command update DisplayName of specific administrative unit. - -- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. -- `-DisplayName` parameter specifies the display name for the administrative unit. -- `-Description` parameter specifies the description for the administrative unit. - -## Parameters - -### -Description - -Specifies a description. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies a display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AdministrativeUnitId - -Specifies the Id of an administrative unit in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) - -[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) - -[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md deleted file mode 100644 index 03f10f4cce..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md +++ /dev/null @@ -1,484 +0,0 @@ ---- -title: Set-EntraApplication -description: This article provides details on the Set-EntraApplication command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplication - -schema: 2.0.0 ---- - -# Set-EntraApplication - -## Synopsis - -Updates the properties of an application object. - -## Syntax - -```powershell -Set-EntraApplication - -ApplicationId - [-PasswordCredentials ] - [-TokenEncryptionKeyId ] - [-SignInAudience ] - [-KeyCredentials ] - [-ParentalControlSettings ] - [-IdentifierUris ] - [-AppRoles ] - [-PublicClient ] - [-InformationalUrl ] - [-Tags ] - [-Api ] - [-OptionalClaims ] - [-GroupMembershipClaims ] - [-Web ] - [-DisplayName ] - [-IsFallbackPublicClient ] - [-IsDeviceOnlyAuthSupported ] - [-RequiredResourceAccess ] - [] -``` - -## Description - -Updates the properties of an application object. - -## Examples - -### Example 1: Update an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$params = @{ - ApplicationId = $application.Id - DisplayName = 'Contoso Entra PowerShell App Production' - IdentifierUris = 'https://contoso.com' - GroupMembershipClaims = 'SecurityGroup' - IsDeviceOnlyAuthSupported = $False - Tags = 'mytag' -} -Set-EntraApplication @params -``` - -This command updates an application in Microsoft Entra ID. - -### Example 2: Update an application using IdentifierUris parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraApplication -ApplicationId $application.Id -IdentifierUris 'https://mynewapp.contoso.com' -``` - -This command updates an application in Microsoft Entra ID. - -### Example 3: Update an application using GroupMembershipClaims parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraApplication -ApplicationId $application.Id -GroupMembershipClaims 'SecurityGroup' -``` - -This command updates an application in Microsoft Entra ID. - -### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraApplication -ApplicationId $application.Id -IsDeviceOnlyAuthSupported $False -``` - -This command updates an application in Microsoft Entra ID. - -### Example 5: Update an application using Tags parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraApplication -ApplicationId $application.Id -Tags 'mytag' -``` - -This command updates an application in Microsoft Entra ID. - -## Parameters - -### -Api - -Specifies settings for an application that implements a web API. - -```yaml -Type: ApiApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoles - -The collection of application roles that an application might declare. - -These roles can be assigned to users, groups, or service principals. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupMembershipClaims - -Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IdentifierUris - -Specifies identifier Uniform Resource Identifiers (URIs). - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -InformationalUrl - -Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. - -The terms of service and privacy statement are surfaced to users through the user consent experience. - -```yaml -Type: InformationalUrl -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsDeviceOnlyAuthSupported - -Specifies if the application supports authentication using a device token. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsFallbackPublicClient - -Specifies the fallback application type as public client, such as an installed application running on a mobile device. - -The default value is `false` that means the fallback application type is confidential client such as web app. - -There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). - -In those cases Microsoft Entra ID interprets the application type based on the value of this property. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -Specifies key credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ApplicationId - -Specifies the ID of an application in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -OptionalClaims - -Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. - -```yaml -Type: OptionalClaims -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ParentalControlSettings - -Specifies parental control settings for an application. - -```yaml -Type: ParentalControlSettings -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PasswordCredentials - -Specifies password credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PublicClient - -Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. - -```yaml -Type: PublicClientApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -RequiredResourceAccess - -Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. - -This pre-configuration of required resource access drives the consent experience. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -SignInAudience - -Specifies what Microsoft accounts are supported for the current application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Custom strings that can be used to categorize and identify the application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -TokenEncryptionKeyId - -Specifies the keyId of a public key from the keyCredentials collection. - -When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. - -The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Web - -Specifies settings for a web application. - -```yaml -Type: WebApplication -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### Boolean - -### Microsoft.Open.MSGraph.Model.ApiApplication - -### Microsoft.Open.MSGraph.Model.InformationalUrl - -### Microsoft.Open.MSGraph.Model.OptionalClaims - -### Microsoft.Open.MSGraph.Model.ParentalControlSettings - -### Microsoft.Open.MSGraph.Model.PublicClientApplication - -### Microsoft.Open.MSGraph.Model.WebApplication - -### String - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] - -### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] - -### System.Collections.Generic.List`1[System.String] - -### System.Nullable`1[System.Boolean] - -## Outputs - -## Notes - -## Related Links - -[Get-EntraApplication](Get-EntraApplication.md) - -[New-EntraApplication](New-EntraApplication.md) - -[Remove-EntraApplication](Remove-EntraApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md deleted file mode 100644 index d0a5dac0f9..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md +++ /dev/null @@ -1,122 +0,0 @@ ---- -title: Set-EntraApplicationLogo -description: This article provides details on the Set-EntraApplicationLogo command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplicationLogo - -schema: 2.0.0 ---- - -# Set-EntraApplicationLogo - -## Synopsis - -Sets the logo for an Application - -## Syntax - -### File (Default) - -```powershell -Set-EntraApplicationLogo - -ApplicationId - -FilePath - [] -``` - -### Stream - -```powershell -Set-EntraApplicationLogo - -ApplicationId - [] -``` - -### ByteArray - -```powershell -Set-EntraApplicationLogo - -ApplicationId - [] -``` - -## Description - -The `Set-EntraApplicationLogo` cmdlet is used to set the logo for an application. - -## Examples - -### Example 1: Sets the application logo for the application specified by the ApplicationId parameter - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -Set-EntraApplicationLogo -ApplicationId $application.Id -FilePath 'D:\applogo.jpg' -``` - -This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. - -## Parameters - -### -FilePath - -The file path of the file that is to be uploaded as the application logo. - -```yamlset-EntraApplicationLogo -Type: System.String -Parameter Sets: File -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ApplicationId - -The ApplicationId of the Application for which the logo is set. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -System.IO.Stream System.Byte\[\] - -## Outputs - -### System.Object - -## Notes - -File uploads must be smaller than 500KB. - -## Related Links - -[Get-EntraApplicationLogo](Get-EntraApplicationLogo.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md deleted file mode 100644 index 3f88a98947..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Set-EntraApplicationVerifiedPublisher -description: This article provides details on the Set-EntraApplicationVerifiedPublisher command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher - -schema: 2.0.0 ---- - -# Set-EntraApplicationVerifiedPublisher - -## Synopsis - -Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. - -## Syntax - -```powershell -Set-EntraApplicationVerifiedPublisher - -AppObjectId - -SetVerifiedPublisherRequest - [] -``` - -## Description - -Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. - -## Examples - -### Example 1: Set the verified publisher of an application - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All' -$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" -$mpnId = '0433167' -$req = @{verifiedPublisherId = $mpnId} -Set-EntraApplicationVerifiedPublisher -AppObjectId $application.Id -SetVerifiedPublisherRequest $req -``` - -This command sets the verified publisher of an application. - -The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. - -- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. -- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. - -## Parameters - -### -AppObjectId - -The unique identifier of a Microsoft Entra ID Application object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -SetVerifiedPublisherRequest - -A request body object containing the verifiedPublisherId property it's the MPNID value. - -```yaml -Type: SetVerifiedPublisherRequest -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### String - -## Outputs - -## Notes - -## Related Links - -[Remove-EntraApplicationVerifiedPublisher](Remove-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md deleted file mode 100644 index 89bea7d248..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md +++ /dev/null @@ -1,286 +0,0 @@ ---- -title: Set-EntraGroup -description: This article provides details on the Set-EntraGroup command. - - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraGroup - -schema: 2.0.0 ---- - -# Set-EntraGroup - -## Synopsis - -Sets the properties for an existing Microsoft Entra ID group. - -## Syntax - -```powershell -Set-EntraGroup - -GroupId - [-DisplayName ] - [-GroupTypes ] - [-SecurityEnabled ] - [-Description ] - [-MailEnabled ] - [-MailNickname ] - [-Visibility ] - [-IsAssignableToRole ] - [] -``` - -## Description - -The `Set-EntraGroup` cmdlet sets the properties for an existing Microsoft Entra ID group. Specify the `GroupId` parameter to set the properties for an existing Microsoft Entra ID group. - -## Examples - -### Example 1: Update a group display name - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -DisplayName 'Global HelpDesk Team Leaders' -``` - -This command updates the display name of a specified group in Microsoft Entra ID. - -### Example 2: Update a group description - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" | Set-EntraGroup -Description 'HelpDesk Team Leaders Global' -``` - -This example demonstrates how to update a group description. - -### Example 3: Update a group mail nickname - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -MailNickName 'newnickname' -``` - -This command updates the mail nickname of a specified group in Microsoft Entra ID. - -### Example 4: Update a group security enabled - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -SecurityEnabled $True -``` - -This command updates the security enabled of a specified group in Microsoft Entra ID. - -### Example 5: Update a group mail enabled - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -MailEnabled $False -``` - -This example demonstrates how to update a group main enabled. - -### Example 6: Update a property for a group - -```powershell -Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -Visibility 'Private' -GroupTypes 'DynamicMembership' -IsAssignableToRole $True -``` - -This example demonstrates how to update a property for an existing Microsoft Entra ID group. - -## Parameters - -### -Description - -Specifies a description for the group. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies a display name for the group. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupTypes - -Specifies that the group is a dynamic group. -To create a dynamic group, specify a value of DynamicMembership. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupId - -Specifies the object ID of a group. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -MailEnabled - -Indicates whether this group is mail enabled. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -MailNickname - -Specifies a mail nickname for the group. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -SecurityEnabled - -Indicates whether the group is security enabled. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Visibility - -Specifies the visibility of the group's content and members list. -This parameter can take one of the following values: - -* "Public": Anyone can view the contents of the group. -* "Private": Only members can view the content of the group. -* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group. - -If no value is provided, the default value is "Public." - -Notes: - -* This parameter is only valid for groups that have the groupType set to "Unified." -* If a group has this attribute set to "HiddenMembership," it can't be changed later. -* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsAssignableToRole - -This property can only be set at the time of group creation and can't be modified on an existing group. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related links - -[Get-EntraGroup](Get-EntraGroup.md) - -[New-EntraGroup](New-EntraGroup.md) - -[Remove-EntraGroup](Remove-EntraGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md deleted file mode 100644 index f423e739d2..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md +++ /dev/null @@ -1,154 +0,0 @@ ---- -title: Set-EntraGroupLifecyclePolicy -description: This article provides details on the Set-EntraGroupLifecyclePolicy command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy - -schema: 2.0.0 ---- - -# Set-EntraGroupLifecyclePolicy - -## Synopsis - -Updates a specific group Lifecycle Policy in Microsoft Entra ID. - -## Syntax - -```powershell -Set-EntraGroupLifecyclePolicy - -GroupLifecyclePolicyId - [-AlternateNotificationEmails ] - [-GroupLifetimeInDays ] - [-ManagedGroupTypes ] - [] -``` - -## Description - -The `Set-EntraGroupLifecyclePolicy` command updates a specific group Lifecycle Policy in Microsoft Entra ID. - -## Examples - -### Example 1: Updates group lifecycle policy - -```powershell -Connect-Entra -Scopes 'Directory.ReadWrite.All' -$policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} -Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id -GroupLifetimeInDays 200 -AlternateNotificationEmails 'example@contoso.com' -ManagedGroupTypes 'All' -``` - -```Output -Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes --- --------------------------- ------------------- ----------------- -ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 All -``` - -This example updates the specified groupLifecyclePolicy in Microsoft Entra ID. - -- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy to be modified. -- `-GroupLifetimeInDays` parameter specifies the lifetime of the groups in the policy to 200 days. The GroupLifetimeInDays represents the number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the number of days defined. -- `-AlternateNotificationEmails` parameter specifies the email address that receives notifications about the policy. Multiple email address can be defined by separating email address with a semicolon. -- `-ManagedGroupTypes` parameter specifies which office 365 groups the policy applies to. Possible values are `All`, `Selected`, or `None`. -In this case, 'All' suggests that the policy manages all types of groups. - -## Parameters - -### -AlternateNotificationEmails - -Notification emails for groups that have no owners are sent to these email addresses. -List of email addresses separated by a ";". - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupLifetimeInDays - -The number of days a group can exist before it needs to be renewed. - -```yaml -Type: System.Int32 -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -GroupLifecyclePolicyId - -Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: Id - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -ManagedGroupTypes - -Allows the admin to select which office 365 groups the policy applies to. - -- "None" will create the policy in a disabled state. -- "All" will apply the policy to every Office 365 group in the tenant. -- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -### System.String - -## Outputs - -### System.Object - -## Notes - -## Related Links - -[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) - -[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) - -[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md deleted file mode 100644 index 9f5e238eb2..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md +++ /dev/null @@ -1,211 +0,0 @@ ---- -title: Set-EntraPolicy -description: This article provides details on the Set-EntraPolicy command. - -ms.topic: reference -ms.date: 07/22/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: -schema: 2.0.0 ---- - -# Set-EntraPolicy - -## Synopsis - -Updates a policy. - -## Syntax - -```powershell -Set-EntraPolicy - -Id - [-Definition ] - [-DisplayName ] - [-Type ] - [-IsOrganizationDefault ] - [] -``` - -## Description - -The `Set-EntraPolicy` cmdlet sets a policy in Microsoft Entra ID. Specify `Id` parameter to updates specific policy. - -## Examples - -### Example 1: Update a policy display name - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' -$params = @{ - Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' - DisplayName = 'NewUpdated' -} -Set-EntraPolicy @params -``` - -This command updates display name of the specified policy in Microsoft Entra ID. - -- `-Id` specifies the ID of the policy for which you want to set values. - -- `DisplayName` specifies the display name. - -### Example 2: Update a policy definition - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' -$params = @{ - Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' - Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') -} -Set-EntraPolicy @params -``` - -This command updates definition of the specified policy in Microsoft Entra ID. - -- `-Id` specifies the ID of the policy for which you want to set values. - -- `Definition` specifies the array of stringified JSON that contains all the rules of the policy. -In this example, `@('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')` represents definition of the activityBasedTimeoutPolicy. - -### Example 3: Update a policy organization default - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' -$params = @{ - Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' - IsOrganizationDefault = $false -} -Set-EntraPolicy @params -``` - -This command updates organization default of the specified policy in Microsoft Entra ID. - -- `-Id` specifies the ID of the policy for which you want to set values. - -- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. - -### Example 4: Update policy type - -```powershell -Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' -$params = @{ - Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' - Type = 'ActivityBasedTimeoutPolicy' -} -Set-EntraPolicy @params -``` - -This example demonstrates how to update the `type` property of a specified policy in Microsoft Entra ID. - -- `-Id` specifies the ID of the policy for which you want to set values. - -- `-Type` specifies the type of policy. In this example, `ActivityBasedTimeoutPolicy` represents the type of policy. - -## Parameters - -### -Definition - -Specifies the array of stringified JSON that contains all the rules of the policy. -For example -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}'). - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -IsOrganizationDefault - -True if this policy is the organizational default. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Type - -Specifies the type of policy. -For token lifetimes, use "TokenLifetimePolicy." - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Id - -The ID of the policy for which you want to set values. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraPolicy](Get-EntraPolicy.md) - -[New-EntraPolicy](New-EntraPolicy.md) - -[Remove-EntraPolicy](Remove-EntraPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md deleted file mode 100644 index 1b8bf6e164..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md +++ /dev/null @@ -1,415 +0,0 @@ ---- -title: Set-EntraServicePrincipal -description: This article provides details on the Set-EntraServicePrincipal command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraServicePrincipal - -schema: 2.0.0 ---- - -# Set-EntraServicePrincipal - -## Synopsis - -Updates a service principal. - -## Syntax - -```powershell -Set-EntraServicePrincipal - -ServicePrincipalId - [-KeyCredentials ] - [-Homepage ] - [-AppId ] - [-LogoutUrl ] - [-ServicePrincipalType ] - [-AlternativeNames ] - [-PasswordCredentials ] - [-PreferredSingleSignOnMode ] - [-Tags ] - [-AccountEnabled ] - [-ServicePrincipalNames ] - [-AppRoleAssignmentRequired ] - [-DisplayName ] - [-ReplyUrls ] - [] -``` - -## Description - -The `Set-EntraServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. - -## Examples - -### Example 1: Disable the account of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AccountEnabled $false -``` - -This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-AccountEnabled` parameter specifies indicates whether the account is enabled. - -### Example 2: Update Homepage of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$homePage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -Homepage $homePage -``` - -This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-AppId` parameter specifies the application ID. -- `-Homepage` parameter specifies the home page or landing page of the application. - -### Example 3: Update AlternativeNames and DisplayName of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -AlternativeNames 'Helpdesk Application Global' -DisplayName 'NewName' -``` - -This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. - -### Example 4: Update LogoutUrl and ReplyUrls of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$logoutUrl = 'https://securescore.office.com/SignOut' -$replyUrls = 'https://admin.contoso.com' -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -LogoutUrl $logoutUrl -ReplyUrls $replyUrls -``` - -This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-LogoutUrl` parameter specifies the sign out URL. -- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. - -### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -ServicePrincipalType 'Application' -AppRoleAssignmentRequired $True -``` - -This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-ServicePrincipalType` parameter specifies the service principal type. -- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. - -### Example 6: Update KeyCredentials of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential -$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') -$startdate = Get-Date -Year 2024 -Month 10 -Day 10 -$creds.StartDate = $startdate -$creds.Type = 'Symmetric' -$creds.Usage = 'Sign' -$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') -$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -KeyCredentials $creds -``` - -This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. - -Use the `New-EntraServicePrincipalPasswordCredential` and `Remove-EntraServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. - -### Example 7: Update PreferredSingleSignOnMode of a service principal - -```powershell -Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' -$servicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'Helpdesk Application'" -Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.Id -PreferredSingleSignOnMode 'saml' -``` - -This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. - -- `-ServicePrincipalId` parameter specifies the ID of a service principal. -- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. - -## Parameters - -### -AccountEnabled - -Indicates whether the account is enabled. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AlternativeNames - -The alternative names for this service principal. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppId - -Specifies the application ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -AppRoleAssignmentRequired - -Indicates whether an application role assignment is required. - -```yaml -Type: System.Boolean -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -DisplayName - -Specifies the display name. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Homepage - -Specifies the home page or landing page of the application. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -KeyCredentials - -Specifies key credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -LogoutUrl - -Specifies the sign out URL. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalId - -Species the ID of a service principal in Microsoft Entra ID. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: ObjectId - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### -PasswordCredentials - -Specifies password credentials. - -```yaml -Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -PreferredSingleSignOnMode - -Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ReplyUrls - -The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalNames - -Specifies service principal names. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ServicePrincipalType - -The service principal type. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -Tags - -Specifies an array of tags. - -If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. - -```yaml -Type: System.Collections.Generic.List`1[System.String] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) - -[New-EntraServicePrincipal](New-EntraServicePrincipal.md) - -[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md deleted file mode 100644 index c5a2cd40ee..0000000000 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Set-EntraUserExtension -description: This article provides details on the Set-EntraUserExtension command. - -ms.topic: reference -ms.date: 06/26/2024 -ms.author: eunicewaweru -ms.reviewer: stevemutungi -manager: CelesteDG -author: msewaweru - -external help file: Microsoft.Graph.Entra-Help.xml -Module Name: Microsoft.Graph.Entra -online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraUserExtension - -schema: 2.0.0 ---- - -# Set-EntraUserExtension - -## Synopsis - -Sets a user extension. - -## Syntax - -```powershell -Set-EntraUserExtension - -ObjectId - [] -``` - -## Description - -The `Set-EntraUserExtension` cmdlet updates a user extension in Microsoft Entra ID. - -## Examples - -### Example 1: Set the value of an extension attribute for a user - -```powershell -Connect-Entra -Scopes 'User.ReadWrite.All' -$params = @{ - ObjectId = 'SawyerM@contoso.com' - ExtensionName = 'extension_e5e29b8a85d941eab8d12162bd004528_extensionAttribute8' - ExtensionValue = 'New Value' -} -Set-EntraUserExtension @params -``` - -This example shows how to update the value of the extension attribute for a specified user. - -- `-ObjectId` parameter specifies the user Id. -- `-ExtensionName` parameter specifies the name of an extension. -- `-ExtensionValue` parameter specifies the extension name values. - -## Parameters - -### -ObjectId - -Specifies the ID of an object. - -```yaml -Type: System.String -Parameter Sets: (All) -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: True (ByPropertyName, ByValue) -Accept wildcard characters: False -``` - -### CommonParameters - -This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). - -## Inputs - -## Outputs - -## Notes - -## Related Links - -[Get-EntraUser](Get-EntraUser.md) - -[Get-EntraUserExtension](Get-EntraUserExtension.md) - -[Remove-EntraUserExtension](Remove-EntraUserExtension.md) diff --git a/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditDirectoryLog.md b/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditDirectoryLog.md new file mode 100644 index 0000000000..924acdd12d --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditDirectoryLog.md @@ -0,0 +1,179 @@ +--- +title: Get-EntraAuditDirectoryLog +description: This article provides details on the Get-EntraAuditDirectoryLog command. + + +ms.topic: reference +ms.date: 07/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Reports-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAuditDirectoryLog +schema: 2.0.0 +--- + +# Get-EntraAuditDirectoryLog + +## Synopsis + +Get directory audit logs. + +## Syntax + +```powershell +Get-EntraAuditDirectoryLog +[-All] +[-Top ] +[-Filter ] +[] +``` + +## Description + +The `Get-EntraAuditDirectoryLog` cmdlet gets a Microsoft Entra ID audit log. + +Retrieve audit logs from Microsoft Entra ID, covering logs from various services such as user, app, device, and group management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (SSPR and admin resets), and self-service group management. + +## Examples + +### Example 1: Get all logs + +```powershell + Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' + Get-EntraAuditDirectoryLog -All +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd +Directory_bbbbbbbb-1111-2222-3333-cccccccccccc 17/07/2024 07:31:54 Update user UserManagement bbbb1111-cc22-3333-44dd-555555eeeeee +SSGM_cccccccc-2222-3333-4444-dddddddddddd 17/07/2024 07:13:08 GroupsODataV4_GetgroupLifecyclePolicies GroupManagement cccc2222-dd33-4444-55ee-666666ffffff + +``` + +This command gets all audit logs. + +### Example 2: Get first n logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId LoggedB + yServic + e +-- ---------------- ------------------- -------- ------------- ------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb_8IAPT_617717139 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd Core... + +``` + +This example returns the first N logs. + +### Example 3: Get audit logs containing a given ActivityDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Filter "ActivityDisplayName eq 'Update rollout policy of feature'" -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Application Proxy_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 16/07/2024 05:13:49 Update rollout policy of feature Authentication aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This command shows how to get audit logs by ActivityDisplayName. + +### Example 4: Get all audit logs with a given result + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Filter "result eq 'failure'" -All +``` + +This command shows how to get audit logs by the result. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraAuditDirectoryLogs` is an alias for `Get-EntraAuditDirectoryLog`. + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditSignInLog.md b/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditSignInLog.md new file mode 100644 index 0000000000..5ab1c4ec73 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Reports/Get-EntraAuditSignInLog.md @@ -0,0 +1,213 @@ +--- +title: Get-EntraAuditSignInLog +description: This article provides details on the Get-EntraAuditSignInLog command. + + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Reports-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAuditSignInLog +schema: 2.0.0 +--- + +# Get-EntraAuditSignInLog + +## Synopsis + +Get audit logs of sign-ins. + +## Syntax + +```powershell +Get-EntraAuditSignInLog + [-SignInId] + [-All] + [-Top ] + [-Filter ] + [] +``` + +## Description + +The `Get-EntraAuditSignInLog` cmdlet gets the Microsoft Entra ID sign-in log. + +In addition to delegated permissions, the signed-in user must belong to at least one of the following Microsoft Entra roles to read sign-in reports: + +- Global Reader +- Reports Reader +- Security Administrator +- Security Operator +- Security Reader + +## Examples + +### Example 1: Get all logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -All +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +cccccccc-2222-3333-4444-dddddddddddd Azure Active Directory PowerShell 22223333-cccc-4444-dddd-5555eeee6666 {} none +dddddddd-3333-4444-5555-eeeeeeeeeeee Azure Active Directory PowerShell 33334444-dddd-5555-eeee-6666ffff7777 {} none +``` + +This example returns all audit logs of sign-ins. + +### Example 2: Get the first two logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Top 2 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +``` + +This example returns the first two audit logs of sign-ins. + +### Example 3: Get audit logs containing a given AppDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Filter "AppDisplayName eq 'Graph Explorer'" -Top 1 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 +``` + +This example demonstrates how to retrieve sign-in logs by AppDisplayName. + +### Example 4: Get all sign-in logs between dates + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Filter "createdDateTime ge 2024-07-01T00:00:00Z and createdDateTime le 2024-07-14T23:59:59Z" +``` + +This example shows how to retrieve sign-in logs between dates. + +### Example 5: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +## Parameters + +### -SignInId + +Specifies unique ID of the Audit Log. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraAuditSignInLogs` is an alias for `Get-EntraAuditSignInLog`. + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraAuthorizationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraAuthorizationPolicy.md new file mode 100644 index 0000000000..cfea8dd06a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraAuthorizationPolicy.md @@ -0,0 +1,156 @@ +--- +title: Get-EntraAuthorizationPolicy +description: This article provides details on the Get-EntraAuthorizationPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraAuthorizationPolicy + +schema: 2.0.0 +--- + +# Get-EntraAuthorizationPolicy + +## Synopsis + +Gets an authorization policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraAuthorizationPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraAuthorizationPolicy + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraAuthorizationPolicy` cmdlet gets a Microsoft Entra ID authorization policy. + +## Examples + +### Example 1: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraAuthorizationPolicy +``` + +```Output +DeletedDateTime Description DisplayName Id AllowEmailVerifiedUsersToJoinOrganization AllowI + nvites + From +--------------- ----------- ----------- -- ----------------------------------------- ------ + Used to manage authorization related settings across the company. Authorization Policy authorizationPolicy True every… +``` + +This example gets the Microsoft Entra ID authorization policy. + +### Example 2: Get an authorization policy by ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraAuthorizationPolicy -Id 'authorizationPolicy' | Format-List +``` + +```Output +allowInvitesFrom : everyone +allowUserConsentForRiskyApps : +id : authorizationPolicy +defaultUserRolePermissions : @{allowedToCreateSecurityGroups=True; allowedToReadBitlockerKeysForOwnedDevice=True; allowedToCreateTenants=True; + allowedToReadOtherUsers=True; allowedToCreateApps=False; permissionGrantPoliciesAssigned=System.Object[]} +blockMsolPowerShell : False +guestUserRoleId : a0b1b346-4d3e-4e8b-98f8-753987be4970 +displayName : Authorization Policy +@odata.context : https://graph.microsoft.com/v1.0/$metadata#policies/authorizationPolicy/$entity +allowedToSignUpEmailBasedSubscriptions : True +description : Used to manage authorization related settings across the company. +allowEmailVerifiedUsersToJoinOrganization : True +allowedToUseSSPR : True +DeletedDateTime : +AdditionalProperties : {} +``` + +This example gets the Microsoft Entra ID authorization policy. + +- `-Id` parameter specifies the unique identifier of the authorization policy. + +The response properties are: + +- `allowedToSignUpEmailBasedSubscriptions` - indicates whether users can sign up for email based subscriptions. +- `allowedToUseSSPR` - indicates whether administrators of the tenant can use the Self-Service Password Reset (SSPR). +- `allowEmailVerifiedUsersToJoinOrganization` - indicates whether a user can join the tenant by email validation. +- `allowInvitesFrom` - indicates who can invite guests to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. +- `allowUserConsentForRiskyApps` - indicates whether user consent for risky apps is allowed. Default value is `false`. We recommend that you keep the value set to `false`. +- `blockMsolPowerShell` - to disable the use of the MSOnline PowerShell module set this property to `true`. This also disables user-based access to the legacy service endpoint used by the MSOnline PowerShell module. This doesn't affect Microsoft Entra Connect or Microsoft Graph. +- `defaultUserRolePermissions` - specifies certain customizable permissions for default user role. +- `description` - description of this policy. +- `displayName` - display name for this policy. +- `enabledPreviewFeatures` - list of features enabled for private preview on the tenant. +- `guestUserRoleId` -represents role templateId for the role that should be granted to guests. Refer to List unifiedRoleDefinitions to find the list of available role templates. Currently following roles are supported: User (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest User (2af84b1e-32c8-42b7-82bc-daa82404023b). +- `permissionGrantPolicyIdsAssignedToDefaultUserRole` - indicates if user consent to apps is allowed, and if it is, the app consent policy that governs the permission for users to grant consent. Values should be in the format `managePermissionGrantsForSelf.{id}` for user consent policies or `managePermissionGrantsForOwnedResource.{id}` for resource-specific consent policies, where {id} is the id of a built-in or custom app consent policy. An empty list indicates user consent to apps is disabled. + +## Parameters + +### -Id + +Specifies the unique identifier of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraAuthorizationPolicy](Set-EntraAuthorizationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraConditionalAccessPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraConditionalAccessPolicy.md new file mode 100644 index 0000000000..9b904160c9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraConditionalAccessPolicy.md @@ -0,0 +1,135 @@ +--- +title: Get-EntraConditionalAccessPolicy +description: This article provides details on the Get-EntraConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Get-EntraConditionalAccessPolicy + +## Synopsis + +Gets a Microsoft Entra ID conditional access policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraConditionalAccessPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraConditionalAccessPolicy + -PolicyId + [-Property ] + [] +``` + +## Description + +This cmdlet allows an admin to get the Microsoft Entra ID conditional access policy. +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Retrieves a list of all conditional access policies in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraConditionalAccessPolicy +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State TemplateId +-- --------------- ----------- ----------- ---------------- ----- ---------- +eeeeeeee-4444-5555-6666-ffffffffffff 2/27/2024 6:23:21 AM ConditionalAccessPolicy 2/29/2024 2:41:17 PM disabled +ffffffff-5555-6666-7777-aaaaaaaaaaaa 2/27/2024 6:26:00 AM ConditionalAccessPolicy 2/29/2024 2:41:34 PM disabled +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 2/27/2024 6:30:48 AM ConditionalAccessPolicy 2/29/2024 2:43:53 PM disabled +``` + +This example retrieves a list of all conditional access policies in Microsoft Entra ID. + +### Example 2: Retrieves a conditional access policy in Microsoft Entra ID with given ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraConditionalAccessPolicy -PolicyId 'eeeeeeee-4444-5555-6666-ffffffffffff' +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State TemplateId +-- --------------- ----------- ----------- ---------------- ----- ---------- +eeeeeeee-4444-5555-6666-ffffffffffff 2/27/2024 6:23:21 AM ConditionalAccessPolicy 2/29/2024 2:41:17 PM disabled +``` + +This example retrieves a specified conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of a conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraConditionalAccessPolicy](New-EntraConditionalAccessPolicy.md) + +[Set-EntraConditionalAccessPolicy](Set-EntraConditionalAccessPolicy.md) + +[Remove-EntraConditionalAccessPolicy](Remove-EntraConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraFeatureRolloutPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraFeatureRolloutPolicy.md new file mode 100644 index 0000000000..750e6769d6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraFeatureRolloutPolicy.md @@ -0,0 +1,212 @@ +--- +title: Get-EntraFeatureRolloutPolicy +description: This article provides details on the Get-EntraFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraFeatureRolloutPolicy +schema: 2.0.0 +--- + +# Get-EntraFeatureRolloutPolicy + +## Synopsis + +Gets the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraFeatureRolloutPolicy + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraFeatureRolloutPolicy + [-SearchString ] + [] +``` + +### GetById + +```powershell +Get-EntraFeatureRolloutPolicy + -Id + [] +``` + +## Description + +The `Get-EntraFeatureRolloutPolicy` cmdlet allows an admin to get the policy for cloud authentication rollout (users moving from federation to cloud auth) in Microsoft Entra ID. + +This policy consists of one or two FeatureRolloutPolicy objects. These objects hold the groups assigned for cloud authentication (Pass-through authentication or Password Hash Sync) and groups assigned for Seamless single sign-on. + +## Examples + +### Example 1: Retrieves a list of all cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraFeatureRolloutPolicy +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Feature-Rollout-test Feature-Rollout-Policytest passwordHashSync False True +bbbbbbbb-1111-2222-3333-cccccccccccc Feature-Rollout-Policy change emailAsAlternateId False False +``` + +This command retrieves a list of all cloud authentication roll-out policies in Microsoft Entra ID. + +### Example 2: Retrieves cloud authentication roll-out in Microsoft Entra ID with given ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraFeatureRolloutPolicy -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output + +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Feature-Rollout-Policy change emailAsAlternateId False False + +``` + +This example retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +- `-Id` - Specify The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +### Example 3: Retrieves cloud authentication roll-out in Microsoft Entra ID with given Search String + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraFeatureRolloutPolicy -SearchString 'Feature-Rollout-Policy' +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Feature-Rollout-Policy change emailAsAlternateId False False +``` + +This command retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +### Example 4: Retrieves cloud authentication roll-out in Microsoft Entra ID with given Filter parameter + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraFeatureRolloutPolicy -Filter "Description eq 'Feature-Rollout-Policy'" +``` + +```Output + +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Feature-Rollout-Policy change emailAsAlternateId False False + +``` + +This command retrieves the policy for cloud authentication roll-out policy in Microsoft Entra ID. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.MsFeatureRolloutPolicy + +## Notes + +## Related Links + +[New-EntraFeatureRolloutPolicy](New-EntraFeatureRolloutPolicy.md) + +[Set-EntraFeatureRolloutPolicy](Set-EntraFeatureRolloutPolicy.md) + +[Remove-EntraFeatureRolloutPolicy](Remove-EntraFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraIdentityProvider.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraIdentityProvider.md new file mode 100644 index 0000000000..a7b815a3bb --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraIdentityProvider.md @@ -0,0 +1,140 @@ +--- +title: Get-EntraIdentityProvider +description: This article provides details on the Get-EntraIdentityProvider command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraIdentityProvider + +schema: 2.0.0 +--- + +# Get-EntraIdentityProvider + +## Synopsis + +This cmdlet is used to retrieve the configured identity providers in the directory. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraIdentityProvider + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraIdentityProvider + -IdentityProviderBaseId + [-Property ] + [] +``` + +## Description + +The `Get-EntraIdentityProvider` cmdlet is used to retrieve the identity providers that have been configured in the directory. +These identity providers can be used to allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. +The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be Microsoft, Google, Facebook, Amazon, or LinkedIn. + +## Examples + +### Example 1: Retrieve all identity providers + +```powershell +Connect-Entra -Scopes 'IdentityProvider.Read.All' +Get-EntraIdentityProvider +``` + +```Output +Id DisplayName +-- ----------- +AADSignup-OAUTH Directory Sign up +Google-OAUTH Test +EmailOtpSignup-OAUTH Email One Time Passcode +MSASignup-OAUTH Microsoft Account +``` + +This example retrieves the list of all configured identity providers and their properties. + +### Example 2: Retrieve identity provider by Id + +```powershell +Connect-Entra -Scopes 'IdentityProvider.Read.All' +Get-EntraIdentityProvider -IdentityProviderBaseId Google-OAUTH +``` + +```Output +Id DisplayName +-- ----------- +Google-OAUTH GoogleName +``` + +This example retrieves the properties for the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. + +## Parameters + +### -IdentityProviderBaseId + +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraNamedLocationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraNamedLocationPolicy.md new file mode 100644 index 0000000000..a32d07988e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraNamedLocationPolicy.md @@ -0,0 +1,138 @@ +--- +title: Get-EntraNamedLocationPolicy +description: This article provides details on the Get-EntraNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraNamedLocationPolicy + +schema: 2.0.0 +--- + +# Get-EntraNamedLocationPolicy + +## Synopsis + +Gets a Microsoft Entra ID named location policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraNamedLocationPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraNamedLocationPolicy + -PolicyId + [-Property ] + [] +``` + +## Description + +This cmdlet allows an admin to get the Microsoft Entra ID named location policies. + +Named locations are custom rules that define network locations, which can then be used in a Conditional Access policy. + +## Examples + +### Example 1: Retrieves a list of all named location policies in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraNamedLocationPolicy +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee 31/07/2024 9:53:10 NamedLocation 31/07/2024 9:53:10 +eeeeeeee-4444-5555-6666-ffffffffffff 31/07/2024 4:38:42 NamedLocation1 31/07/2024 4:38:42 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 01/08/2024 4:39:42 NamedLocation2 01/08/2024 4:39:42 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 01/08/2024 4:57:03 NamedLocation3 01/08/2024 4:57:03 +``` + +This command retrieves a list of all named location policies in Microsoft Entra ID. + +### Example 2: Retrieves a named location policy by Id + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraNamedLocationPolicy -PolicyId 'dddddddd-3333-4444-5555-eeeeeeeeeeee' +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee 3/1/2024 9:53:10 AM NamedLocation 3/1/2024 9:53:10 AM +``` + +This example retrieves a specified named location policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the policy Id of a named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraNamedLocationPolicy](New-EntraNamedLocationPolicy.md) + +[Set-EntraNamedLocationPolicy](Set-EntraNamedLocationPolicy.md) + +[Remove-EntraNamedLocationPolicy](Remove-EntraNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraOAuth2PermissionGrant.md new file mode 100644 index 0000000000..4699baea24 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraOAuth2PermissionGrant.md @@ -0,0 +1,193 @@ +--- +title: Get-EntraOAuth2PermissionGrant +description: This article provides details on the Get-EntraOAuth2PermissionGrant Command. + + +ms.topic: reference +ms.date: 10/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraOAuth2PermissionGrant + +## Synopsis + +Gets OAuth2PermissionGrant entities. + +## Syntax + +```powershell +Get-EntraOAuth2PermissionGrant + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraOAuth2PermissionGrant` cmdlet gets OAuth2PermissionGrant entities in Microsoft Entra ID. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader + +## Examples + +### Example 1: Get the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets the OAuth2 permission grants. + +### Example 2: Get all the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets all the OAuth2 permission grants. + +### Example 3: Get OAuth2 permission grants for a user in a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List +``` + +```Output +ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +ClientId : 22223333-cccc-4444-dddd-5555eeee6666 +ConsentType : Principal +Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222 +ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 +Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All +AdditionalProperties : {} +``` + +This example gets the OAuth2 permission grants for a user in a service principal. + + +### Example 4: Get top 2 OAuth2 permission grants record + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant -Top 2 +``` + +```output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +``` + +This command retrieves the top 2 OAuth2 permission grant records. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) + +[New-EntraOAuth2PermissionGrant](New-EntraOauth2PermissionGrant.md) + +[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantConditionSet.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantConditionSet.md new file mode 100644 index 0000000000..3c6e704e49 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantConditionSet.md @@ -0,0 +1,214 @@ +--- +title: Get-EntraPermissionGrantConditionSet +description: This article provides details on the Get-EntraPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Get-EntraPermissionGrantConditionSet + +## Synopsis + +Get a Microsoft Entra ID permission grant condition set by ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraPermissionGrantConditionSet + -ConditionSetType + -PolicyId + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraPermissionGrantConditionSet + -ConditionSetType + -Id + -PolicyId + [-Property ] + [] +``` + +## Description + +Get a Microsoft Entra ID permission grant condition set object by ID. + +## Examples + +### Example 1: Get all permission grant condition sets that are included in the permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' +} + +Get-EntraPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets all permission grant condition sets that are included in the policy. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. + +### Example 2: Get all permission grant condition sets that are excluded in the permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'excludes' +} + +Get-EntraPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +bbbbbbbb-1111-2222-3333-cccccccccccc False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +cccccccc-2222-3333-4444-dddddddddddd False {44445555-eeee-6666-ffff-7777gggg8888} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets all permission grant condition sets that are excluded in the policy. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. + +### Example 3: Get a permission grant condition set + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} + +Get-EntraPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command gets a permission grant condition set specified by Id. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of the permission grant condition set object. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Open.MSGraph.Model.PermissionGrantConditionSet + +## Notes + +## Related Links + +[New-EntraPermissionGrantConditionSet](New-EntraPermissionGrantConditionSet.md) + +[Set-EntraPermissionGrantConditionSet](Set-EntraPermissionGrantConditionSet.md) + +[Remove-EntraPermissionGrantConditionSet](Remove-EntraPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantPolicy.md new file mode 100644 index 0000000000..afafd21137 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPermissionGrantPolicy.md @@ -0,0 +1,134 @@ +--- +title: Get-EntraPermissionGrantPolicy +description: This article provides details on the Get-EntraPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Get-EntraPermissionGrantPolicy + +## Synopsis + +Gets a permission grant policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraPermissionGrantPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraPermissionGrantPolicy + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraPermissionGrantPolicy` cmdlet gets a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Get all permission grant policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +Get-EntraPermissionGrantPolicy +``` + +```Output +DeletedDateTime Description +--------------- ----------- + Includes all application permissions (app roles), for all APIs, for any client application. + Includes all chat resoruce-specific application permissions, for all APIs, for any client application. + (Deprecated) Includes all team resource-specific application permissions, for all APIs, for any client application. +``` + +This command gets all the permission grant policies. + +### Example 2: Get a permission grant policy by ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.PermissionGrant' +Get-EntraPermissionGrantPolicy -Id 'testtenant-sampleapp-permissions' +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + Permissions for sample app in test tenant Sample app permissions testtenant-sampleapp-permissions +``` + +This command gets the specified permission grant policy. + +- `Id` parameter specifies the permission grant policy ID. + +## Parameters + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraPermissionGrantPolicy](New-EntraPermissionGrantPolicy.md) + +[Set-EntraPermissionGrantPolicy](Set-EntraPermissionGrantPolicy.md) + +[Remove-EntraPermissionGrantPolicy](Remove-EntraPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPolicy.md new file mode 100644 index 0000000000..f328283f65 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraPolicy.md @@ -0,0 +1,196 @@ +--- +title: Get-EntraPolicy +description: This article provides details on the Get-EntraPolicy command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraPolicy + +schema: 2.0.0 +--- + +# Get-EntraPolicy + +## Synopsis + +Gets a policy. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraPolicy + [-Top ] + [-All] + [] +``` + +### GetById + +```powershell +Get-EntraPolicy + -Id + [-All] + [] +``` + +## Description + +The `Get-EntraPolicy` cmdlet gets a policy in Microsoft Entra ID. Specify `Id` parameter to get a policy. + +## Examples + +### Example 1: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraPolicy +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} Activepolicy bbbbbbbb-1111-2222-3333-cccccccccccc +{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} PolicyDemo aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example shows how to return all policies. + +### Example 2: Get policy using Display Name + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + Permissions consentable based on Microsoft's current recommendations. Microsoft User Default Recommended Policy microsoft-user-default-recommended +``` + +This example shows how to get a specific policy using Display Name. + +### Example 3: Get a policy with specific ID + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraPolicy -Id 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False True +``` + +This example demonstrated how to receive policy with specific ID. + +- `Id` parameter specifies the unique policy ID, which you want to receive. In this example, `bbbbbbbb-1111-2222-3333-cccccccccccc` represents the ID of the policy. + +### Example 4: Get all policies + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraPolicy -All +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} Activepolicy bbbbbbbb-1111-2222-3333-cccccccccccc +{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} PolicyDemo aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example demonstrates how to retrieve all policies in Microsoft Entra ID. + +### Example 5: Get the top one policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +Get-EntraPolicy -Top 1 +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False True +``` + +This example demonstrates how to retrieve top one policies in Microsoft Entra ID. + +## Parameters + +### -Id + +The Id of the policy you want to retrieve. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all policies. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraPolicy](New-EntraPolicy.md) + +[Remove-EntraPolicy](Remove-EntraPolicy.md) + +[Set-EntraPolicy](Set-EntraPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraTrustedCertificateAuthority.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraTrustedCertificateAuthority.md new file mode 100644 index 0000000000..39c0211645 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraTrustedCertificateAuthority.md @@ -0,0 +1,186 @@ +--- +title: Get-EntraTrustedCertificateAuthority +description: This article provides details on the Get-EntraTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Get-EntraTrustedCertificateAuthority + +## Synopsis + +Gets the trusted certificate authority. + +## Syntax + +```powershell +Get-EntraTrustedCertificateAuthority + [-TrustedIssuerSki ] + [-TrustedIssuer ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraTrustedCertificateAuthority` cmdlet gets the trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraTrustedCertificateAuthority +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl1 +DeltaCrlDistributionPoint : +TrustedCertificate : {48, 130, 3, 4...} +TrustedIssuer : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A + +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl +DeltaCrlDistributionPoint : https://deltaexample.crl +TrustedCertificate : {48, 130, 3, 4...} +TrustedIssuer : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : 69506400C9806497DCB48F160C31CFFEA87E544C + +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl +DeltaCrlDistributionPoint : +TrustedCertificate : {48, 130, 3, 0...} +TrustedIssuer : CN=example1.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +This command retrieves the trusted certificate authorities that are defined in your directory. + +### Example 2: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuer + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraTrustedCertificateAuthority -TrustedIssuer 'CN=mscmdlet' +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl1 +DeltaCrlDistributionPoint : +TrustedCertificate : {48, 130, 3, 4...} +TrustedIssuer : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A + +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl +DeltaCrlDistributionPoint : https://deltaexample.crl +TrustedCertificate : {48, 130, 3, 4...} +TrustedIssuer : CN=example.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : 69506400C9806497DCB48F160C31CFFEA87E544C +``` + +This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuer. + +- `-TrustedIssuer` parameter specifies the trusted issuer. + +### Example 3: Retrieve the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki + +```powershell +Connect-Entra -Scopes 'Organization.Read.All' +Get-EntraTrustedCertificateAuthority -TrustedIssuerSki 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +```Output +AuthorityType : RootAuthority +CrlDistributionPoint : https://example.crl +DeltaCrlDistributionPoint : +TrustedCertificate : {48, 130, 3, 0...} +TrustedIssuer : CN=example1.azure.com, O=MSIT. Ltd, L=Redmond, C=US +TrustedIssuerSki : 4BA2D7AC2A5DF47C70E19E61EDFB4E62B3BF67FD +``` + +This command retrieves the trusted certificate authorities that are defined in your directory based on TrustedIssuerSki. + +- `-TrustedIssuerSki` parameter specifies the trusted issuer ski. + +## Parameters + +### -TrustedIssuer + +Specifies a trusted issuer. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TrustedIssuerSki + +Specifies a trusted issuer ski. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraTrustedCertificateAuthority](New-EntraTrustedCertificateAuthority.md) + +[Remove-EntraTrustedCertificateAuthority](Remove-EntraTrustedCertificateAuthority.md) + +[Set-EntraTrustedCertificateAuthority](Set-EntraTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Get-EntraUserAuthenticationMethod.md b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraUserAuthenticationMethod.md new file mode 100644 index 0000000000..bcb8bcd056 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Get-EntraUserAuthenticationMethod.md @@ -0,0 +1,93 @@ +--- +title: Get-EntraUserAuthenticationMethod +description: This article provides details on the Get-EntraUserAuthenticationMethod command. + + +ms.topic: reference +ms.date: 11/11/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserAuthenticationMethod + +schema: 2.0.0 +--- + +# Get-EntraUserAuthenticationMethod + +## Synopsis + +Retrieve a list of a user's registered authentication methods. + +## Syntax + +```powershell +Get-EntraUserAuthenticationMethod + -UserId + [] +``` + +## Description + +The `Get-EntraUserAuthenticationMethod` cmdlet retrieves a list of a user's registered authentication methods. An authentication method is a way for a user to verify their identity, such as a password, phone (SMS or voice), or FIDO2 security key. + +In delegated scenarios involving work or school accounts, where the signed-in user is acting on behalf of another user, the signed-in user must be assigned either a supported Microsoft Entra role or a custom role with the necessary permissions. For this operation, the following least privileged roles are supported: + +- Global Reader +- Authentication Administrator +- Privileged Authentication Administrator + +## Examples + +### Example 1: Get a list of authentication methods registered to a user + +```powershell +Connect-Entra -Scopes 'UserAuthenticationMethod.Read.All' +Get-EntraUserAuthenticationMethod -UserId 'SawyerM@Contoso.com' | Select-Object Id, DisplayName, AuthenticationMethodType +``` + +```Output +Id DisplayName AuthenticationMethodType +-- ----------- ------------------------ +00001111-aaaa-2222-bbbb-3333cccc4444 #microsoft.graph.passwordAuthenticationMethod +11112222-bbbb-3333-cccc-4444dddd5555 iPhone 16 #microsoft.graph.microsoftAuthenticatorAuthenticationMethod +``` + +This example retrieves a Get a list of a user's registered authentication methods. + +- `-UserId` parameter specifies the object ID of a user(as a UserPrincipalName or ObjectId). + +## Parameters + +### -UserId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +The authentication administrator only sees masked phone numbers. + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraConditionalAccessPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraConditionalAccessPolicy.md new file mode 100644 index 0000000000..976cd12ce2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraConditionalAccessPolicy.md @@ -0,0 +1,278 @@ +--- +title: New-EntraConditionalAccessPolicy +description: This article provides details on the New-EntraConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraConditionalAccessPolicy + +schema: 2.0.0 +--- + +# New-EntraConditionalAccessPolicy + +## Synopsis + +Creates a new conditional access policy in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraConditionalAccessPolicy + [-Id ] + [-DisplayName ] + [-State ] + [-Conditions ] + [-GrantControls ] + [-SessionControls ] + [] +``` + +## Description + +This cmdlet allows an admin to create new conditional access policy in Microsoft Entra ID. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Creates a new conditional access policy in Microsoft Entra ID that require MFA to access Exchange Online + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$conditions.Applications.IncludeApplications = '00000002-0000-0ff1-ce00-000000000000' +$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$conditions.Users.IncludeUsers = 'all' +$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$controls._Operator = 'OR' +$controls.BuiltInControls = 'mfa' + +$params = @{ + DisplayName = 'MFA policy' + State = 'Enabled' + Conditions = $conditions + GrantControls = $controls +} + +New-EntraConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State TemplateId +-- --------------- ----------- ----------- ---------------- ----- ---------- +aaaaaaaa-1111-1111-1111-000000000000 16/08/2024 07:29:09 MFA policy enabled +``` + +This command creates a new conditional access policy in Microsoft Entra ID that requires MFA to access Exchange Online. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +### Example 2: Creates a new conditional access policy in Microsoft Entra ID that blocks access to Exchange Online from nontrusted regions + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$conditions.Applications.IncludeApplications = '00000002-0000-0ff1-ce00-000000000000' +$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$conditions.Users.IncludeUsers = 'all' +$conditions.Locations = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition +$conditions.Locations.IncludeLocations = '5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9' +$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$controls._Operator = 'OR' +$controls.BuiltInControls = 'block' + +$params = @{ + DisplayName = 'MFA policy' + State = 'Enabled' + Conditions = $conditions + GrantControls = $controls +} + +New-EntraConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State TemplateId +-- --------------- ----------- ----------- ---------------- ----- ---------- +aaaaaaaa-1111-1111-1111-000000000000 16/08/2024 07:31:25 MFA policy enabled +``` + +This command creates a new conditional access policy in Microsoft Entra ID that blocks access to Exchange Online from nontrusted regions. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. + +### Example 3: Use all conditions and controls + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' + +$Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$Condition.clientAppTypes = @("mobileAppsAndDesktopClients","browser") +$Condition.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition +$Condition.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" +$Condition.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition +$Condition.Users.IncludeUsers = "all" + +$Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$Controls._Operator = "AND" +$Controls.BuiltInControls = @("mfa") + +$SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls +$ApplicationEnforcedRestrictions = New-Object Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions +$ApplicationEnforcedRestrictions.IsEnabled = $true +$SessionControls.applicationEnforcedRestrictions = $ApplicationEnforcedRestrictions +$params = @{ + DisplayName = "ConditionalAccessPolicy" + Conditions = $conditions + GrantControls = $controls + SessionControls = $SessionControls + } +New-EntraConditionalAccessPolicy @params +``` + +```Output +Id CreatedDateTime Description DisplayName ModifiedDateTime State TemplateId +-- --------------- ----------- ----------- ---------------- ----- ---------- +aaaaaaaa-1111-1111-1111-000000000000 16/08/2024 07:31:25 ConditionalAccessPolicy enabled +``` + +This example creates new conditional access policy in Microsoft Entra ID with all the conditions and controls. + +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +## Parameters + +### -DisplayName + +Specifies the display name of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the enabled or disabled state of the conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Conditions + +Specifies the conditions for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessConditionSet +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GrantControls + +Specifies the controls for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessGrantControls +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SessionControls + +Enables limited experiences within specific cloud applications. + +```yaml +Type: ConditionalAccessSessionControls +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraConditionalAccessPolicy](Get-EntraConditionalAccessPolicy.md) + +[Set-EntraConditionalAccessPolicy](Set-EntraConditionalAccessPolicy.md) + +[Remove-EntraConditionalAccessPolicy](Remove-EntraConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraFeatureRolloutPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraFeatureRolloutPolicy.md new file mode 100644 index 0000000000..366f716cbe --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraFeatureRolloutPolicy.md @@ -0,0 +1,224 @@ +--- +title: New-EntraFeatureRolloutPolicy +description: This article provides details on the New-EntraFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraFeatureRolloutPolicy + +schema: 2.0.0 +--- + +# New-EntraFeatureRolloutPolicy + +## Synopsis + +Allows an admin to create the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraFeatureRolloutPolicy + -Feature + -IsEnabled + [-Description ] + [-IsAppliedToOrganization ] + [-AppliesTo ] + -DisplayName + [] +``` + +## Description + +The `New-EntraFeatureRolloutPolicy` cmdlet allows an admin to create the policy for cloud authentication roll-out (users moving from federation to cloud auth) in Microsoft Entra ID. + +The policy admin can identify whether the users authenticate using password hashes in Microsoft Entra ID (Password hash-sync) or Microsoft Entra ID on-premises directly (Pass-through authentication). + +## Examples + +### Example 1: Creates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Feature = 'PassthroughAuthentication' + DisplayName = 'FeatureRolloutPolicy' + IsEnabled = $false +} +New-EntraFeatureRolloutPolicy @params +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee FeatureRolloutPolicy FeatureRolloutPolicy passthroughAuthentication False False + +``` + +This example creates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Feature` specifies a feature assigned to the cloud authentication roll-out policy. +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +- `-DisplayName` specifies the display name of the cloud authentication roll-out policy. + +- `-IsEnabled` specifies the status of cloud authentication roll-out policy. + +### Example 2: Creates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Feature = 'PassthroughAuthentication' + DisplayName = 'FeatureRolloutPolicy' + IsEnabled = $false + IsAppliedToOrganization = $false +} +New-EntraFeatureRolloutPolicy @params +``` + +```Output +Id Description DisplayName Feature IsAppliedToOrganization IsEnabled +-- ----------- ----------- ------- ----------------------- --------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee FeatureRolloutPolicy FeatureRolloutPolicy passthroughAuthentication False False + +``` + +This command creates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Feature` specifies a feature assigned to the cloud authentication roll-out policy. +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +- `-DisplayName` specifies the display name of the cloud authentication roll-out policy. + +- `-IsEnabled` specifies the status of cloud authentication roll-out policy. + +- `-IsAppliedToOrganization` specifies if the cloud authentication roll-out policy applied to the entire organization. + +## Parameters + +### -DisplayName + +Specifies the display name of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Feature + +Specifies a feature assigned to the cloud authentication roll-out policy. + +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +```yaml +Type: FeatureEnum +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies the status of cloud authentication roll-out policy. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppliesTo + +Specifies a list of Microsoft Entra ID objects that is assigned to the feature. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAppliedToOrganization + +Specifies if the cloud authentication roll-out policy applied to the entire organization. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.MsFeatureRolloutPolicy + +## Notes + +## Related Links + +[Get-EntraFeatureRolloutPolicy](Get-EntraFeatureRolloutPolicy.md) + +[Set-EntraFeatureRolloutPolicy](Set-EntraFeatureRolloutPolicy.md) + +[Remove-EntraFeatureRolloutPolicy](Remove-EntraFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraIdentityProvider.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraIdentityProvider.md new file mode 100644 index 0000000000..840a54f7ff --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraIdentityProvider.md @@ -0,0 +1,163 @@ +--- +title: New-EntraIdentityProvider +description: This article provides details on the New-EntraIdentityProvider command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraIdentityProvider + +schema: 2.0.0 +--- + +# New-EntraIdentityProvider + +## Synopsis + +Configure a new identity provider in the directory. + +## Syntax + +```powershell +New-EntraIdentityProvider + -Type + -ClientSecret + -ClientId + [-Name ] + [] +``` + +## Description + +The `New-EntraIdentityProvider` cmdlet is used to configure an identity provider in the directory. + +Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. + +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be: + +- Microsoft +- Google +- Facebook +- Amazon +- LinkedIn + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add LinkedIn identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +New-EntraIdentityProvider -Type 'LinkedIn' -Name 'LinkedInName' -ClientId 'LinkedInAppClientId' -ClientSecret 'LinkedInAppClientSecret' +``` + +```Output +Id DisplayName +-- ----------- +LinkedIn-OAUTH LinkedInName +``` + +This example adds a LinkedIn identity provider. + +- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. +- `-Name` parameter specifies the display name of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraIdentityProvider](Remove-EntraIdentityProvider.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraNamedLocationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraNamedLocationPolicy.md new file mode 100644 index 0000000000..05876dfb0a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraNamedLocationPolicy.md @@ -0,0 +1,236 @@ +--- +title: New-EntraNamedLocationPolicy +description: This article provides details on the New-EntraNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraNamedLocationPolicy + +schema: 2.0.0 +--- + +# New-EntraNamedLocationPolicy + +## Synopsis + +Creates a new named location policy in Microsoft Entra ID. + +## Syntax + +```powershell +New-EntraNamedLocationPolicy + [-OdataType ] + [-Id ] + [-DisplayName ] + [-IpRanges ] + [-IsTrusted ] + [-CountriesAndRegions ] + [-IncludeUnknownCountriesAndRegions ] + [] +``` + +## Description + +This cmdlet allows an admin to create new named location policy in Microsoft Entra ID. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Creates a new Ip named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange +$ipRanges.cidrAddress = '6.5.4.3/32' +$params = @{ + OdataType = '#microsoft.graph.ipNamedLocation' + DisplayName = 'IP named location policy' + IsTrusted = $false + IpRanges = $ipRanges +} + +New-EntraNamedLocationPolicy @params +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +bbbbbbbb-1111-2222-3333-cccccccccccc 31-07-2024 10:45:27 IP named location policy 31-07-2024 10:45:27 +``` + +This command creates a new country named location policy in Microsoft Entra ID. + +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-IsTrusted` parameter specifies the IsTrusted value for the named location policy. +- `-IpRanges` parameter specifies List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. + +### Example 2: Creates a new country named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + OdataType = '#microsoft.graph.countryNamedLocation' + DisplayName = 'Country named location policy' + CountriesAndRegions = 'IN' + IncludeUnknownCountriesAndRegions = $false +} + +New-EntraNamedLocationPolicy @params +``` + +```Output +Id CreatedDateTime DisplayName ModifiedDateTime +-- --------------- ----------- ---------------- +cccccccc-2222-3333-4444-dddddddddddd 31-07-2024 10:46:16 Country named location policy 31-07-2024 10:46:16 +``` + +This command creates a new country named location policy in Microsoft Entra ID. + +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-CountriesAndRegions` parameter specifies the countries and regions for the named location policy. +- `-IncludeUnknownCountriesAndRegions` parameter specifies the includeUnknownCountriesAndRegions value for the named location policy. + +## Parameters + +### -OdataType + +Specifies the OData type of a named location policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IpRanges + +List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. The @odata.type of the ipRange is also required. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsTrusted + +Specifies the `IsTrusted` value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CountriesAndRegions + +Specifies the countries and regions for the named location policy in Microsoft Entra ID. List of countries and/or regions in the two-letter format specified by ISO 3166-2. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeUnknownCountriesAndRegions + +Specifies the includeUnknownCountriesAndRegions value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [Create namedLocation](/graph/api/conditionalaccessroot-post-namedlocations). + +## Related Links + +[Get-EntraNamedLocationPolicy](Get-EntraNamedLocationPolicy.md) + +[Set-EntraNamedLocationPolicy](Set-EntraNamedLocationPolicy.md) + +[Remove-EntraNamedLocationPolicy](Remove-EntraNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraOauth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraOauth2PermissionGrant.md new file mode 100644 index 0000000000..21cae2b070 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraOauth2PermissionGrant.md @@ -0,0 +1,191 @@ +--- +title: New-EntraOauth2PermissionGrant +description: This article provides details on the New-EntraOauth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/28/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraOauth2PermissionGrant + +schema: 2.0.0 +--- + +# New-EntraOauth2PermissionGrant + +## Synopsis + +Create a delegated permission grant using an oAuth2PermissionGrant object. This grant allows a client service principal to access a resource service principal on behalf of a signed-in user, with access restricted to the specified delegated permissions. + +## Syntax + +```powershell +New-EntraOauth2PermissionGrant + -ClientId + -ConsentType + -ResourceId + [-PrincipalId ] + [-Scope ] + [] +``` + +## Description + +The `New-EntraOauth2PermissionGrant` cmdlet creates a delegated permission grant using an oAuth2PermissionGrant object. This grant authorizes a client service principal to access a resource service principal on behalf of a signed-in user, with access limited to the specified delegated permissions. + +## Examples + +### Example 1: To grant authorization to impersonate all users + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'AllPrincipals' + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... + +``` + +This command Grant authorization to impersonate all users. + +### Example 2: To grant authorization to impersonate a specific user + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'Principal' + PrincipalId = $user.Id + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... +``` + +This command Grant authorization to impersonate a specific user. + +## Parameters + +### -ClientId + +The object ID (not appId) of the client service principal for the application, which is authorized to act on behalf of a signed-in user when accessing an API. Required. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentType + +Indicates whether the client application is authorized to impersonate all users or only a specific user. + +- `AllPrincipals`: Authorizes the application to impersonate all users. +- `Principal`: Authorizes the application to impersonate a specific user. +An administrator can grant consent on behalf of all users. In some cases, non-admin users are authorized to consent on behalf of themselves for certain delegated permissions. This parameter is required and supports the $filter query (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The ID of the resource service principal to which access is authorized. This identifies the API, which the client is authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrincipalId + +The ID of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal, If consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Scope + +A space-separated list of the claim values for delegated permissions, which should be included in access tokens for the resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of the resource service principal. Must not exceed 3,850 characters in length. + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## RELATED LINKS + +[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) + +[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) + +[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantConditionSet.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantConditionSet.md new file mode 100644 index 0000000000..cbba9fdef9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantConditionSet.md @@ -0,0 +1,372 @@ +--- +title: New-EntraPermissionGrantConditionSet +description: This article provides details on the New-EntraPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# New-EntraPermissionGrantConditionSet + +## Synopsis + +Create a new Microsoft Entra ID permission grant condition set in a given policy. + +## Syntax + +```powershell +New-EntraPermissionGrantConditionSet + -PolicyId + -ConditionSetType + [-Permissions ] + [-ClientApplicationTenantIds ] + [-ClientApplicationIds ] + [-ResourceApplication ] + [-PermissionType ] + [-PermissionClassification ] + [-ClientApplicationsFromVerifiedPublisherOnly ] + [-ClientApplicationPublisherIds ] + [] +``` + +## Description + +Create a new Microsoft Entra ID permission grant condition set object in an existing policy. + +## Examples + +### Example 1: Create a basic permission grant condition set in an existing policy with all build in values + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'includes' +PermissionType = 'delegated' +} + +New-EntraPermissionGrantConditionSet @params +``` + +```Output +Id ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification PermissionType Permissions +-- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------------ -------------- --------- +aaaa0000-bb11-2222-33cc-444444dddddd {all} {all} {all} False all delegated {all} +``` + +This command creates a basic permission grant condition set in an existing policy with all build in values. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. + +### Example 2: Create a permission grant condition set in an existing policy that includes specific permissions for a resource application + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$permission = (Get-EntraServicePrincipal -Filter "DisplayName eq ''").AppRoles.Id +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'includes' +PermissionType = 'delegated' +Permissions = @($permission) +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +} + +New-EntraPermissionGrantConditionSet @params +``` + +```Output +Id ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification PermissionType Permissions +-- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------------ -------------- --------- +aaaa0000-bb11-2222-33cc-444444dddddd {all} {all} {all} False all delegated {8b590... +``` + +This command creates a permission grant condition set in an existing policy that includes specific permissions for a resource application. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. + +### Example 3: Create a permission grant condition set in an existing policy that is excluded + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'excludes' +PermissionType = 'delegated' +Permissions = @('All') +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +PermissionClassification = 'low' +ClientApplicationsFromVerifiedPublisherOnly = $true +ClientApplicationIds = @('All') +ClientApplicationTenantIds = @('All') +ClientApplicationPublisherIds = @('All') +} +New-EntraPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds ClientApplicationsFromVerifiedPublisherOnly PermissionClassification +-- ------------------------------- -------------------- ----------------------------- -------------------------- ------------------------------------------- ------------------- +dddd3333-ee44-5555-66ff-777777aaaaaa False {all} {all} {all} True low +``` + +This command creates a permission grant condition set in an existing policy that is excluded. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. + +### Example 4: Create a permission grant condition set in an existing policy that is excluded + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$permission = (Get-EntraServicePrincipal -Filter "DisplayName eq ''").AppRoles.Id +$params = @{ +PolicyId = $permissionGrantPolicyId +ConditionSetType = 'excludes' +PermissionType = 'delegated' +Permissions = @($permission) +ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' +PermissionClassification = 'low' +ClientApplicationsFromVerifiedPublisherOnly = $true +ClientApplicationIds = @('00001111-aaaa-2222-bbbb-3333cccc4444', '11112222-bbbb-3333-cccc-4444dddd5555') +ClientApplicationTenantIds = @('aaaabbbb-0000-cccc-1111-dddd2222eeee', 'bbbbcccc-1111-dddd-2222-eeee3333ffff', 'ccccdddd-2222-eeee-3333-ffff4444aaaa') +ClientApplicationPublisherIds = @('33334444-dddd-5555-eeee-6666ffff7777') +} +New-EntraPermissionGrantConditionSet @params +``` + +```Output +Id CertifiedClientApplicationsOnly ClientApplicationIds ClientApplicationPublisherIds ClientApplicationTenantIds +-- ------------------------------- -------------------- ----------------------------- -------------------- +cccccccc-2222-3333-4444-dddddddddddd False {33334444-dddd-5555-eeee-6666ffff7777} {d5aec55f-2d12-4442-8d2f-ccca95d4390e} {aaaabbbb-0000-cccc-1111-dddd2222eeee} +``` + +This command creates a permission grant condition set in an existing policy that is excluded. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionType + +Specific type of permissions (application, delegated) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionClassification + +Specific classification (all, low, medium, high) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Permissions + +The identifier of the resource application to scope consent operation down to. +It could be @("All") or a list of permission IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationIds + +The set of client application IDs to scope consent operation down to. +It could be @("All") or a list of client application IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationTenantIds + +The set of client application tenant IDs to scope consent operation down to. +It could be @("All") or a list of client application tenant IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationPublisherIds + +The set of client applications publisher IDs to scope consent operation down to. +It could be @("All") or a list of client application publisher IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationsFromVerifiedPublisherOnly + +A value indicates whether to only includes client applications from verified publishers. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceApplication + +The identifier of the resource application to scope consent operation down to. +It could be "Any" or a specific resource application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +### Microsoft.Open.MSGraph.Model.PermissionGrantConditionSet + +## Notes + +## Related Links + +[Set-EntraPermissionGrantConditionSet](Set-EntraPermissionGrantConditionSet.md) + +[Get-EntraPermissionGrantConditionSet](Get-EntraPermissionGrantConditionSet.md) + +[Remove-EntraPermissionGrantConditionSet](Remove-EntraPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantPolicy.md new file mode 100644 index 0000000000..01bc1b6bda --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPermissionGrantPolicy.md @@ -0,0 +1,133 @@ +--- +title: New-EntraPermissionGrantPolicy +description: This article provides details on the New-EntraPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraPermissionGrantPolicy + +schema: 2.0.0 +--- + +# New-EntraPermissionGrantPolicy + +## Synopsis + +Creates a permission grant policy. + +## Syntax + +```powershell +New-EntraPermissionGrantPolicy + -Id + [-DisplayName ] + [-Description ] + [] +``` + +## Description + +The `New-EntraPermissionGrantPolicy` cmdlet creates a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Create a permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$params = @{ + Id = 'my_new_permission_grant_policy_id' + DisplayName = 'MyNewPermissionGrantPolicy' + Description = 'My new permission grant policy' +} + +New-EntraPermissionGrantPolicy @params +``` + +```Output +DeletedDateTime Description DisplayName Id +--------------- ----------- ----------- -- + My new permission grant policy MyNewPermissionGrantPolicy my_new_permission_grant_policy_id +``` + +This example creates new permission grant policy in Microsoft Entra ID. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-DisplayName` parameter specifies the display name for the permission grant policy. +- `-Description` parameter specifies the description for the permission grant policy. + +## Parameters + +### -Description + +Specifies the description for the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name for the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPermissionGrantPolicy](Get-EntraPermissionGrantPolicy.md) + +[Set-EntraPermissionGrantPolicy](Set-EntraPermissionGrantPolicy.md) + +[Remove-EntraPermissionGrantPolicy](Remove-EntraPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPolicy.md new file mode 100644 index 0000000000..205c565736 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraPolicy.md @@ -0,0 +1,254 @@ +--- +title: New-EntraPolicy +description: This article provides details on the New-EntraPolicy command. + + +ms.topic: reference +ms.date: 08/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraPolicy + +schema: 2.0.0 +--- + +# New-EntraPolicy + +## Synopsis + +Creates a policy. + +## Syntax + +```powershell +New-EntraPolicy + -Definition + -DisplayName + -Type + [-IsOrganizationDefault ] + [] +``` + +## Description + +The `New-EntraPolicy` cmdlet creates a policy in Microsoft Entra ID. Specify `DisplayName`, `Definition` and `Type` parameters for create a new policy. + +## Examples + +### Example 1: Create a new policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') + DisplayName = 'NewPolicy' + Type = 'HomeRealmDiscoveryPolicy' +} +New-EntraPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id IsOrganizationD + efault +---------- --------------- ----------- ----------- -- --------------- +{{"HomeReayPolicy":{"AlternateLoginIDLookup":true, "IncluderIds":["UserID"]}}} NewPolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False +``` + +This command creates a new policy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 2: Create a ClaimsMappingPolicy policy by 'IsOrganizationDefault' parameter + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\"JwtClaimType\":\"upn\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://schemas.microsoft.com/identity/claims/displayname\",\"JwtClaimType\":\"name\"}]}}" ], "displayName": "Custom Claims Issuance Policy", "isOrganizationDefault": false }') + DisplayName ='ClaimstestPolicy' + Type = 'claimsMappingPolicies' + IsOrganizationDefault = $false +} +New-EntraPolicy @params +``` + +```Output +Definition +---------- +{{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLCl… +``` + +This command creates a ClaimsMappingPolicy using 'IsOrganizationDefault' parameter in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` - Parameter specifies the type of policy. In this example, `ClaimsMappingPolicy` + represents the type of policy. + +- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. + +### Example 3: Create a TokenLifetimePolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}') + DisplayName = 'TokenLifetimePolicy' + Type = 'TokenLifetimePolicy' + IsOrganizationDefault = $false +} +New-EntraPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id IsOrganizatio + nDefault +---------- --------------- ----------- ----------- -- ------------- +{{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}} TokenLifetimePolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False +``` + +This command creates a TokenLifetimePolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 4: Create a TokenIssuancePolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly","EmitSAMLNameFormat":"true"}}') + DisplayName = 'tokenIssuance' + Type = 'TokenIssuancePolicy' +} +New-EntraPolicy @params +``` + +```Output +Definition +---------- +{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly… +``` + +This command creates a TokenIssuancePolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +### Example 5: Create a ActivityBasedTimeoutPolicy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') + DisplayName = 'ActivityBasedTimeoutPolicyname' + Type = 'ActivityBasedTimeoutPolicy' +} +New-EntraPolicy @params +``` + +```Output +Definition DeletedDateTime Description DisplayName Id +---------- --------------- ----------- ----------- -- +{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} ActivityBasedTimeoutPolicyname aaaaaaaa-0000-1111-2222... + +``` + +This command creates a ActivityBasedTimeoutPolicy in Microsoft Entra ID. + +- `-Definition` Parameter specifies an array of JSON that contains all the rules of the policy. + +- `-Type` Parameter specifies the type of policy. + +## Parameters + +### -Definition + +Specifies an array of JSON that contains all the rules of the policy, for example: -Definition @("{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}"). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +String of the policy name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsOrganizationDefault + +True if this policy is the organizational default. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of policy. +For token lifetimes, specify "TokenLifetimePolicy." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPolicy](Get-EntraPolicy.md) + +[Remove-EntraPolicy](Remove-EntraPolicy.md) + +[Set-EntraPolicy](Set-EntraPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/New-EntraTrustedCertificateAuthority.md b/module/docs/entra-powershell-v1.0/SignIns/New-EntraTrustedCertificateAuthority.md new file mode 100644 index 0000000000..067fe09ba5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/New-EntraTrustedCertificateAuthority.md @@ -0,0 +1,98 @@ +--- +title: New-EntraTrustedCertificateAuthority +description: This article provides details on the New-EntraTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# New-EntraTrustedCertificateAuthority + +## Synopsis + +Creates a trusted certificate authority. + +## Syntax + +```powershell +New-EntraTrustedCertificateAuthority + -CertificateAuthorityInformation + [] +``` + +## Description + +The `New-EntraTrustedCertificateAuthority` cmdlet creates a trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Creates the trusted certificate authorities in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' + +$new_ca = New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation #Create CertificateAuthorityInformation object +$new_ca.AuthorityType = "RootAuthority" +$new_ca.CrlDistributionPoint = "https://example.crl" +$new_ca.DeltaCrlDistributionPoint = "https://deltaexample.crl" +$new_ca.TrustedCertificate = "Path to .cer file(including cer file name)" +New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command creates the trusted certificate authorities in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. +It includes properties like `AuthorityType`, `CrlDistributionPoint`, `DeltaCrlDistributionPoint`, and `TrustedCertificate`. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraTrustedCertificateAuthority](Get-EntraTrustedCertificateAuthority.md) + +[Remove-EntraTrustedCertificateAuthority](Remove-EntraTrustedCertificateAuthority.md) + +[Set-EntraTrustedCertificateAuthority](Set-EntraTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraConditionalAccessPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraConditionalAccessPolicy.md new file mode 100644 index 0000000000..adc12a13d4 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraConditionalAccessPolicy.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraConditionalAccessPolicy +description: This article provides details on the Remove-EntraConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Remove-EntraConditionalAccessPolicy + +## Synopsis + +Deletes a conditional access policy in Microsoft Entra ID by Id. + +## Syntax + +```powershell +Remove-EntraConditionalAccessPolicy + -PolicyId + [] +``` + +## Description + +This cmdlet allows an admin to delete a conditional access policy in Microsoft Entra ID by Id. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Deletes a conditional access policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.Read.All' +$policy = Get-EntraConditionalAccessPolicy | Where-Object {$_.DisplayName -eq 'MFA policy'} +Remove-EntraConditionalAccessPolicy -PolicyId $policy.ObjectId +``` + +This command deletes a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of a conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraConditionalAccessPolicy](Get-EntraConditionalAccessPolicy.md) + +[New-EntraConditionalAccessPolicy](New-EntraConditionalAccessPolicy.md) + +[Set-EntraConditionalAccessPolicy](Set-EntraConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicy.md new file mode 100644 index 0000000000..673a1dcde5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicy.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraFeatureRolloutPolicy +description: This article provides details on the Remove-EntraFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraBetaFeatureRolloutPolicy +schema: 2.0.0 +--- + +# Remove-EntraFeatureRolloutPolicy + +## Synopsis + +Allows an admin to remove the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraFeatureRolloutPolicy + -Id + [] +``` + +## Description + +An admin uses `Remove-EntraFeatureRolloutPolicy` cmdlet to remove the cloud authentication roll-out policy and have all users where policy applied to be free of the policy. + +Users in groups that were assigned to the policy falls back to the global authentication method (most common case will be federation). Specify `Id` parameter to remove the cloud authentication roll-out policy. + +## Examples + +### Example 1: Removes the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$Policy = Get-EntraFeatureRolloutPolicy -Filter "DisplayName eq 'Feature-Rollout-Policy'" +Remove-EntraFeatureRolloutPolicy -Id $Policy.Id +``` + +This example removes the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` - specifies the unique identifier of the cloud authentication roll-out policy. You can use `Get-EntraFeatureRolloutPolicy` to retrieve policy details. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraFeatureRolloutPolicy](New-EntraFeatureRolloutPolicy.md) + +[Get-EntraFeatureRolloutPolicy](Get-EntraFeatureRolloutPolicy.md) + +[Set-EntraFeatureRolloutPolicy](Set-EntraFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.md new file mode 100644 index 0000000000..bcfbfb7dab --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.md @@ -0,0 +1,105 @@ +--- +title: Remove-EntraFeatureRolloutPolicyDirectoryObject +description: This article provides details on the Remove-EntraFeatureRolloutPolicyDirectoryObject command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraFeatureRolloutPolicyDirectoryObject + +## Synopsis + +Allows an admin to remove a group from the cloud authentication rollout policy in Microsoft Entra ID. +Users in this group revert back to the authenticating using the global policy (in most cases this will be federation). + +## Syntax + +```powershell +Remove-EntraFeatureRolloutPolicyDirectoryObject + -ObjectId + -Id + [] +``` + +## Description + +An admin uses the `Remove-EntraFeatureRolloutPolicyDirectoryObject` cmdlet to remove groups from the cloud authentication roll-out policy. + +Users in these groups start authenticating against the global authentication policy (for example, +federation). Specify `ObjectId` and `Id` parameter to remove groups from the cloud authentication roll-out policy. + +## Examples + +### Example 1: Removes a group from the cloud authentication roll-out policy from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + ObjectId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Remove-EntraFeatureRolloutPolicyDirectoryObject @params +``` + +This command removes a group from the cloud authentication roll-out policy from Microsoft Entra ID. + +- `-Id` Parameter specifies the ID of the cloud authentication roll-out policy. +- `-ObjectId` parameter specifies the ID of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy. + +## Parameters + +### -ID + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the specific Microsoft Entra ID object that assigned to the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraIdentityProvider.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraIdentityProvider.md new file mode 100644 index 0000000000..45c4c999e7 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraIdentityProvider.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraIdentityProvider +description: This article provides details on the Remove-EntraIdentityProvider command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraIdentityProvider + +schema: 2.0.0 +--- + +# Remove-EntraIdentityProvider + +## Synopsis + +This cmdlet is used to delete an identity provider in the directory. + +## Syntax + +```powershell +Remove-EntraIdentityProvider + -IdentityProviderBaseId + [] +``` + +## Description + +This cmdlet is used to delete an identity provider that has been configured in the directory. + +The identity provider is permanently deleted. + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Remove the identity provider in the directory + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +Remove-EntraIdentityProvider -IdentityProviderBaseId 'LinkedIn-OAUTH' +``` + +This command demonstrates how to remove the specified identity provider. + +- `-IdentityProviderBaseId` parameter specifies the unique identifier of the identity provider. + +## Parameters + +### -IdentityProviderBaseId + +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraIdentityProvider](New-EntraIdentityProvider.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraNamedLocationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraNamedLocationPolicy.md new file mode 100644 index 0000000000..f7b0ad946f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraNamedLocationPolicy.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraNamedLocationPolicy +description: This article provides details on the Remove-EntraNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraNamedLocationPolicy + +schema: 2.0.0 +--- + +# Remove-EntraNamedLocationPolicy + +## Synopsis + +Deletes a Microsoft Entra ID named location policy by PolicyId. + +## Syntax + +```powershell +Remove-EntraNamedLocationPolicy + -PolicyId + [] +``` + +## Description + +This cmdlet allows an admin to delete the Microsoft Entra ID named location policy. + +Named locations are custom rules that define network locations, which can then be used in a Conditional Access policy. + +## Examples + +### Example 1: Deletes a named location policy in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +Remove-EntraNamedLocationPolicy -PolicyId $policy.Id +``` + +This command demonstrates how to delete the named location policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraNamedLocationPolicy](New-EntraNamedLocationPolicy.md) + +[Set-EntraNamedLocationPolicy](Set-EntraNamedLocationPolicy.md) + +[Get-EntraNamedLocationPolicy](Get-EntraNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraOAuth2PermissionGrant.md new file mode 100644 index 0000000000..999957a607 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraOAuth2PermissionGrant.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraOAuth2PermissionGrant +description: This article provides details on the Remove-EntraOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Remove-EntraOAuth2PermissionGrant + +## Synopsis + +Removes an OAuth2PermissionGrant. + +## Syntax + +```powershell +Remove-EntraOAuth2PermissionGrant + -ObjectId + [] +``` + +## Description + +The `Remove-EntraOAuth2PermissionGrant` cmdlet removes an OAuth2PermissionGrant object in Microsoft Entra ID. + +When a delegated permission grant is deleted, the access it granted is revoked. Existing access tokens will continue to be valid for their lifetime, but new access tokens will not be granted for the delegated permissions identified in the deleted OAuth2PermissionGrant. + +## Examples + +### Example 1: Remove an OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$SharePointSP = Get-EntraServicePrincipal | Where-Object {$_.DisplayName -eq 'Microsoft.SharePoint'} +$SharePointOA2AllSitesRead = Get-EntraOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $SharePointSP.ObjectId} | Where-Object {$_.Scope -eq 'AllSites.Read'} +Remove-EntraOAuth2PermissionGrant -ObjectId $SharePointOA2AllSitesRead.ObjectId +``` + +This example shows how to remove an OAuth2PermissionGrant object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies the ID of an OAuth2PermissionGrant object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) + +[Get-EntraServicePrincipal](../Applications/Get-EntraServicePrincipal.md) + +[Update-EntraOAuth2PermissionGrant](Update-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantConditionSet.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantConditionSet.md new file mode 100644 index 0000000000..5a335e07a9 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantConditionSet.md @@ -0,0 +1,129 @@ +--- +title: Remove-EntraPermissionGrantConditionSet +description: This article provides details on the Remove-EntraPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Remove-EntraPermissionGrantConditionSet + +## Synopsis + +Delete a Microsoft Entra ID permission grant condition set by ID. + +## Syntax + +```powershell +Remove-EntraPermissionGrantConditionSet + -ConditionSetType + -Id + -PolicyId + [] +``` + +## Description + +Delete a Microsoft Entra ID permission grant condition set object by ID. + +## Examples + +### Example 1: Delete a permission grant condition set from a policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$PermissionGrantConditionSetId = '2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'excludes' + Id = $PermissionGrantConditionSetId +} +Remove-EntraPermissionGrantConditionSet @params +``` + +This example demonstrates how to remove the Microsoft Entra ID permission grant condition set by ID. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraPermissionGrantConditionSet](New-EntraPermissionGrantConditionSet.md) + +[Get-EntraPermissionGrantConditionSet](Get-EntraPermissionGrantConditionSet.md) + +[Set-EntraPermissionGrantConditionSet](Set-EntraPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantPolicy.md new file mode 100644 index 0000000000..b63ba4d643 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPermissionGrantPolicy.md @@ -0,0 +1,85 @@ +--- +title: Remove-EntraPermissionGrantPolicy +description: This article provides details on the Remove-EntraPermissionGrantPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Remove-EntraPermissionGrantPolicy + +## Synopsis + +Removes a permission grant policy. + +## Syntax + +```powershell +Remove-EntraPermissionGrantPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraPermissionGrantPolicy` cmdlet removes a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Remove a permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +Remove-EntraPermissionGrantPolicy -Id 'my_permission_grant_policy_id' +``` + +This command removes the specified permission grant policy in Microsoft Entra ID. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. + +## Parameters + +### -Id + +The unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraPermissionGrantPolicy](New-EntraPermissionGrantPolicy.md) + +[Get-EntraPermissionGrantPolicy](Get-EntraPermissionGrantPolicy.md) + +[Set-EntraPermissionGrantPolicy](Set-EntraPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPolicy.md new file mode 100644 index 0000000000..fe2c6038e6 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraPolicy.md @@ -0,0 +1,83 @@ +--- +title: Remove-EntraPolicy +description: This article provides details on the Remove-EntraPolicy command. + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraPolicy +schema: 2.0.0 +--- + +# Remove-EntraPolicy + +## Synopsis + +Removes a policy. + +## Syntax + +```powershell +Remove-EntraPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraPolicy` cmdlet removes a policy from Microsoft Entra ID. Specify `Id` parameter to remove a specific policy. + +## Examples + +### Example 1: Remove a policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.ApplicationConfiguration' +Remove-EntraPolicy -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This command removes the specified policy from Microsoft Entra ID. + +- `-Id` - specifies the ID of the policy you want to remove. + +## Parameters + +### -Id + +The Id of the policy you want to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPolicy](Get-EntraPolicy.md) + +[New-EntraPolicy](New-EntraPolicy.md) + +[Set-EntraPolicy](Set-EntraPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraTrustedCertificateAuthority.md b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraTrustedCertificateAuthority.md new file mode 100644 index 0000000000..6eeafd3f0b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Remove-EntraTrustedCertificateAuthority.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraTrustedCertificateAuthority +description: This article provides details on the Remove-EntraTrustedCertificateAuthority command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Remove-EntraTrustedCertificateAuthority + +## Synopsis + +Removes a trusted certificate authority. + +## Syntax + +```powershell +Remove-EntraTrustedCertificateAuthority + -CertificateAuthorityInformation + [] +``` + +## Description + +The `Remove-EntraTrustedCertificateAuthority` cmdlet removes a trusted certificate authority from Microsoft Entra ID. + +## Examples + +### Example 1: Remove the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$cer = Get-EntraTrustedCertificateAuthority #Get the CertificateAuthorityInformation object +Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command deletes the trusted certificate authorities that are defined in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. +It includes properties like `AuthorityType`, `CrlDistributionPoint`, `DeltaCrlDistributionPoint`, and `TrustedCertificate`. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraTrustedCertificateAuthority](Get-EntraTrustedCertificateAuthority.md) + +[New-EntraTrustedCertificateAuthority](New-EntraTrustedCertificateAuthority.md) + +[Set-EntraTrustedCertificateAuthority](Set-EntraTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Reset-EntraStrongAuthenticationMethodByUpn.md b/module/docs/entra-powershell-v1.0/SignIns/Reset-EntraStrongAuthenticationMethodByUpn.md new file mode 100644 index 0000000000..4635e0ee1b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Reset-EntraStrongAuthenticationMethodByUpn.md @@ -0,0 +1,79 @@ +--- +title: Reset-EntraStrongAuthenticationMethodByUpn +description: This article provides details on the Reset-EntraStrongAuthenticationMethodByUpn command. + + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Reset-EntraStrongAuthenticationMethodByUpn + +schema: 2.0.0 +--- + +# Reset-EntraStrongAuthenticationMethodByUpn + +## Synopsis + +Resets the strong authentication method using the User Principal Name (UPN). + +## Syntax + +```powershell +Reset-EntraStrongAuthenticationMethodByUpn + -UserPrincipalName + [] +``` + +## Description + +The `Reset-EntraStrongAuthenticationMethodByUpn` cmdlet resets the strong authentication method by using the User Principal Name (UPN). + +## Examples + +### Example 1: Resets the strong authentication method by using the User Principal Name + +```powershell +Connect-Entra -Scopes 'UserAuthenticationMethod.ReadWrite', 'UserAuthenticationMethod.ReadWrite.All' +Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName 'SawyerM@contoso.com' +``` + +This example demonstrates how to reset the strong authentication method by using the User Principal Name (UPN). + +- `-UserPrincipalName` parameter specifies the User Principal Name (UPN) of the user whose strong authentication method is being reset. + +## Parameters + +### -UserPrincipalName + +Specifies the User Principal Name (UPN) of the user whose strong authentication method is being reset. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraAuthorizationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraAuthorizationPolicy.md new file mode 100644 index 0000000000..e4c9202c0b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraAuthorizationPolicy.md @@ -0,0 +1,241 @@ +--- +title: Set-EntraAuthorizationPolicy +description: This article provides details on the Set-EntraAuthorizationPolicy command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraAuthorizationPolicy + +schema: 2.0.0 +--- + +# Set-EntraAuthorizationPolicy + +## Synopsis + +Updates an authorization policy. + +## Syntax + +```powershell +Set-EntraAuthorizationPolicy + [-BlockMsolPowerShell ] + [-AllowedToSignUpEmailBasedSubscriptions ] + [-AllowEmailVerifiedUsersToJoinOrganization ] + [-DisplayName ] + [-Description ] + [-DefaultUserRolePermissions ] + [-AllowedToUseSSPR ] + [] +``` + +## Description + +The `Set-EntraAuthorizationPolicy` cmdlet updates a Microsoft Entra ID authorization policy. + +For delegated scenarios, the user needs to have the `Privileged Role Administrator` Microsoft Entra role. + +## Examples + +### Example 1: Update an authorization policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.Authorization' +$params = @{ + DisplayName = 'Updated displayName' + Description = 'Updated Description' + BlockMsolPowerShell = $true + AllowedToUseSSPR = $false + AllowEmailVerifiedUsersToJoinOrganization = $true + AllowedToSignUpEmailBasedSubscriptions = $true +} + +Set-EntraAuthorizationPolicy @params +``` + +This example demonstrates how to update a Microsoft Entra ID authorization policy. + +### Example 2: Update DefaultUserRolePermissions of authorization policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.Authorization' +$DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions +$DefaultUserRolePermissions.AllowedToCreateApps = $false +$DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $false +$DefaultUserRolePermissions.AllowedToReadOtherUsers = $false +Set-EntraAuthorizationPolicy -DefaultUserRolePermissions $DefaultUserRolePermissions +``` + +This example demonstrates how to update a DefaultUserRolePermissions of authorization policy in Microsoft Entra ID. + +## Parameters + +### -AllowedToSignUpEmailBasedSubscriptions + +Specifies whether users can sign up for email based subscriptions. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowedToUseSSPR + +Specifies whether the Self-Serve Password Reset feature can be used by users on the tenant. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowEmailVerifiedUsersToJoinOrganization + +Specifies whether a user can join the tenant by email validation. +The initial default value is true. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -BlockMsolPowerShell + +Specifies whether the user-based access to the legacy service endpoint used by Microsoft Online PowerShell is blocked or not. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -allowUserConsentForRiskyApps + +Indicates whether user consent for risky apps is allowed. Default value is `false`. We recommend that you keep the value set to `false`. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -allowInvitesFrom + +Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. Everyone is the default setting for all cloud environments except US Government. + +```yaml +Type: allowInvitesFrom +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DefaultUserRolePermissions + +Contains various customizable default user role permissions. + +```yaml +Type: DefaultUserRolePermissions +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the authorization policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAuthorizationPolicy](Get-EntraAuthorizationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraConditionalAccessPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraConditionalAccessPolicy.md new file mode 100644 index 0000000000..899f72a7a8 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraConditionalAccessPolicy.md @@ -0,0 +1,240 @@ +--- +title: Set-EntraConditionalAccessPolicy +description: This article provides details on the Set-EntraConditionalAccessPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraConditionalAccessPolicy + +schema: 2.0.0 +--- + +# Set-EntraConditionalAccessPolicy + +## Synopsis + +Updates a conditional access policy in Microsoft Entra ID by Id. + +## Syntax + +```powershell +Set-EntraConditionalAccessPolicy + -PolicyId + [-Conditions ] + [-GrantControls ] + [-DisplayName ] + [-Id ] + [-State ] + [-SessionControls ] + [] +``` + +## Description + +This cmdlet allows an admin to update a conditional access policy in Microsoft Entra ID by Id. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Update a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$cond = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet +$control = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls +$session = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + DisplayName = 'MFA policy updated' + State = 'Enabled' + Conditions = $cond + GrantControls = $control + SessionControls = $session +} + +Set-EntraConditionalAccessPolicy @params +``` + +The example shows how to update a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of conditional access policy. +- `-DisplayName` parameter specifies the display name of a conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. +- `-Conditions` parameter specifies the conditions for the conditional access policy. +- `-GrantControls` parameter specifies the controls for the conditional access policy. +- `-SessionControls` parameter Enables limited experiences within specific cloud applications. + +### Example 2: Update display name for a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + DisplayName = 'MFA policy updated' +} + +Set-EntraConditionalAccessPolicy @params +``` + +This command updates a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of conditional access policy. +- `-DisplayName` parameter specifies the display name of a conditional access policy. + +### Example 3: Update the state for a conditional access policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$params = @{ + PolicyId = '4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8' + State = 'Enabled' +} + +Set-EntraConditionalAccessPolicy @params +``` + +This command updates a conditional access policy in Microsoft Entra ID. + +- `-PolicyId` parameter specifies the Id of conditional access policy. +- `-State` parameter specifies the enabled or disabled state of the conditional access policy. + +## Parameters + +### -PolicyId + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the enabled or disabled state of the conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Conditions + +Specifies the conditions for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessConditionSet +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GrantControls + +Specifies the controls for the conditional access policy in Microsoft Entra ID. + +```yaml +Type: ConditionalAccessGrantControls +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the policy Id of a conditional access policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SessionControls + +Enables limited experiences within specific cloud applications. + +```yaml +Type: ConditionalAccessSessionControls +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraConditionalAccessPolicy](Get-EntraConditionalAccessPolicy.md) + +[New-EntraConditionalAccessPolicy](New-EntraConditionalAccessPolicy.md) + +[Remove-EntraConditionalAccessPolicy](Remove-EntraConditionalAccessPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraFeatureRolloutPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraFeatureRolloutPolicy.md new file mode 100644 index 0000000000..597ce1e1c5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraFeatureRolloutPolicy.md @@ -0,0 +1,231 @@ +--- +title: Set-EntraFeatureRolloutPolicy +description: This article provides details on the Set-EntraFeatureRolloutPolicy command. + + +ms.topic: reference +ms.date: 07/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraFeatureRolloutPolicy +schema: 2.0.0 +--- + +# Set-EntraFeatureRolloutPolicy + +## Synopsis + +Allows an admin to modify the policy for cloud authentication roll-out in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraFeatureRolloutPolicy + [-Feature ] + [-IsEnabled ] + -Id + [-IsAppliedToOrganization ] + [-AppliesTo ] + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +An admin uses the `Set-EntraFeatureRolloutPolicy` cmdlet to modify the cloud authentication rollout policy. + +This includes specifying whether the method for cloud authentication is Pass-through Authentication or Password Hash Synchronization, and whether Seamless Single Sign-On (SSO) is enabled. + +Users in groups assigned to the policy will start authenticating using the new method and Seamless SSO, if it is specified. + +## Examples + +### Example 1: Updates the policy for cloud authentication roll-out in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + DisplayName = 'Feature-Rollout-Policytest' + IsEnabled = $false +} +Set-EntraFeatureRolloutPolicy @params +``` + +This command updates the policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` - specifies the ID of cloud authentication roll-out policy. +- `-DisplayName` - specifies the display name of the cloud authentication roll-out policy. +- `-IsEnabled` - specifies the status of cloud authentication roll-out policy. + +### Example 2: Updates the Description + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + Description = 'Feature-Rollout-test' +} +Set-EntraFeatureRolloutPolicy @params +``` + +This command updates the `-Description` of policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` Specify the ID of cloud authentication roll-out policy. +- `-Description` Specifies the description of the cloud authentication roll-out policy. + +### Example 3: Updates the IsAppliedToOrganization + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$params = @{ + Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + IsAppliedToOrganization = $false +} +Set-EntraFeatureRolloutPolicy @params +``` + +This command updates the `-IsAppliedToOrganization` parameter of policy for cloud authentication roll-out in Microsoft Entra ID. + +- `-Id` Specify the ID of cloud authentication roll-out policy. +- `-IsAppliedToOrganization` Parameter determines whether a particular feature rollout policy should be applied to the entire organization or not. + +## Parameters + +### -Id + +The unique identifier of the cloud authentication roll-out policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Feature + +Specifies a feature assigned to the cloud authentication roll-out policy. + +Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId. + +```yaml +Type: FeatureEnum +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsEnabled + +Specifies the status of cloud authentication roll-out policy. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Description + +Specifies the description of the cloud authentication roll-out policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppliesTo + +Specifies a list of Microsoft Entra ID objects that is assigned to the feature. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAppliedToOrganization + +Specifies if the cloud authentication roll-out policy applied to the entire organization. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraFeatureRolloutPolicy](New-EntraFeatureRolloutPolicy.md) + +[Get-EntraFeatureRolloutPolicy](Get-EntraFeatureRolloutPolicy.md) + +[Remove-EntraFeatureRolloutPolicy](Remove-EntraFeatureRolloutPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraIdentityProvider.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraIdentityProvider.md new file mode 100644 index 0000000000..192593921b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraIdentityProvider.md @@ -0,0 +1,195 @@ +--- +title: Set-EntraIdentityProvider +description: This article provides details on the Set-EntraIdentityProvider command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraIdentityProvider + +schema: 2.0.0 +--- + +# Set-EntraIdentityProvider + +## Synopsis + +Update the properties of an existing identity provider configured in the directory. + +## Syntax + +```powershell +Set-EntraIdentityProvider + -IdentityProviderBaseId + [-Type ] + [-ClientSecret ] + [-ClientId ] + [-Name ] + [] +``` + +## Description + +The `Set-EntraIdentityProvider` cmdlet is used to update the properties of an existing identity provider. + +The type of the identity provider can't be modified. + +## Examples + +### Example 1: Update client id of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + ClientId = 'NewClientID' +} +Set-EntraIdentityProvider @params +``` + +This example updates the client ID for the specified identity provider. + +- `-Id` parameter specifies the unique identifier of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. + +### Example 2: Update client secret of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + ClientSecret = 'NewClientSecret' +} +Set-EntraIdentityProvider @params +``` + +This example updates the client secret for the specified identity provider. + +- `-Id` parameter specifies the unique identifier of the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +### Example 3: Update display name of an identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + IdentityProviderBaseId = 'Google-OAuth' + Name = 'NewGoogleName' +} +Set-EntraIdentityProvider @params +``` + +This example updates the display name for the specified identity provider. + +- `-Id` parameter specifies the unique identifier of the identity provider. +- `-Name` parameter specifies the display name of the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentityProviderBaseId +The unique identifier for an identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraIdentityProvider](New-EntraIdentityProvider.md) + +[Remove-EntraIdentityProvider](Remove-EntraIdentityProvider.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraNamedLocationPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraNamedLocationPolicy.md new file mode 100644 index 0000000000..4d99b460dd --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraNamedLocationPolicy.md @@ -0,0 +1,258 @@ +--- +title: Set-EntraNamedLocationPolicy +description: This article provides details on the Set-EntraNamedLocationPolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraNamedLocationPolicy + +schema: 2.0.0 +--- + +# Set-EntraNamedLocationPolicy + +## Synopsis + +Updates a named location policy in Microsoft Entra ID by PolicyId. + +## Syntax + +```powershell +Set-EntraNamedLocationPolicy + -PolicyId + [-OdataType ] + [-IpRanges ] + [-IncludeUnknownCountriesAndRegions ] + [-IsTrusted ] + [-DisplayName ] + [-Id ] + [-CountriesAndRegions ] + [] +``` + +## Description + +This cmdlet allows an admin to update a named location policy in Microsoft Entra ID by PolicyId. + +Conditional access policies are custom rules that define an access scenario. + +## Examples + +### Example 1: Update an IP named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange +$ipRanges.cidrAddress = '6.5.4.3/32' +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.ipNamedLocation' + IsTrusted = $false + IncludeUnknownCountriesAndRegions = $false + IpRanges = $ipRanges +} +Set-EntraNamedLocationPolicy @params +``` + +This example shows how to update an IP named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. +- `-IsTrusted` parameter specifies the IsTrusted value for the named location policy. +- `-IpRanges` parameter specifies List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. + +### Example 2: Update a country named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.countryNamedLocation' + IncludeUnknownCountriesAndRegions = $true +} +Set-EntraNamedLocationPolicy @params +``` + +This command updates a country named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-IncludeUnknownCountriesAndRegions` parameter specifies the includeUnknownCountriesAndRegions value for the named location policy. + +### Example 3: Update display name of a named location policy in Microsoft Entra ID by PolicyId + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ConditionalAccess' +$policy = Get-EntraNamedLocationPolicy | Where-Object {"$_.DisplayName -eq 'IP named location policy'"} +$params = @{ + PolicyId = $policy.Id + OdataType = '#microsoft.graph.ipNamedLocation' + DisplayName = 'NewName' +} +Set-EntraNamedLocationPolicy @params +``` + +This command updates display name of named location policy in Microsoft Entra ID by PolicyId. + +- `-PolicyId` parameter specifies the Id of a named location policy. +- `-OdataType` parameter specifies the odata type of a named location policy. +- `-DisplayName` parameter specifies the display name of a named location policy. + +## Parameters + +### -PolicyId + +Specifies the ID of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OdataType + +Specifies the OData type of a named location policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IpRanges + +List of IP address ranges in IPv4 CIDR format (e.g., 1.2.3.4/32) or any valid IPv6 format as specified in IETF RFC596. The @odata.type of the ipRange is also required. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsTrusted + +Specifies the `IsTrusted` value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CountriesAndRegions + +Specifies the countries and regions for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.CountriesAndRegion] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeUnknownCountriesAndRegions + +Specifies the includeUnknownCountriesAndRegions value for the named location policy in Microsoft Entra ID. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the Id of a named location policy in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraNamedLocationPolicy](Get-EntraNamedLocationPolicy.md) + +[New-EntraNamedLocationPolicy](New-EntraNamedLocationPolicy.md) + +[Remove-EntraNamedLocationPolicy](Remove-EntraNamedLocationPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantConditionSet.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantConditionSet.md new file mode 100644 index 0000000000..d4424575c2 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantConditionSet.md @@ -0,0 +1,309 @@ +--- +title: Set-EntraPermissionGrantConditionSet +description: This article provides details on the Set-EntraPermissionGrantConditionSet command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraPermissionGrantConditionSet + +schema: 2.0.0 +--- + +# Set-EntraPermissionGrantConditionSet + +## Synopsis + +Update an existing Microsoft Entra ID permission grant condition set. + +## Syntax + +```powershell +Set-EntraPermissionGrantConditionSet + -ConditionSetType + -Id + -PolicyId + [-Permissions ] + [-ClientApplicationTenantIds ] + [-ClientApplicationIds ] + [-ResourceApplication ] + [-PermissionType ] + [-PermissionClassification ] + [-ClientApplicationsFromVerifiedPublisherOnly ] + [-ClientApplicationPublisherIds ] + [] +``` + +## Description + +Updates a Microsoft Entra ID permission grant condition set object identified by Id. + +## Examples + +### Example 1: Update a permission grant condition set to includes permissions that is classified as low + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' + PermissionClassification = 'low' +} + +Set-EntraPermissionGrantConditionSet @params +``` + +This command updates sets the specified permission grant set to classify as low. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. + +### Example 2: Update a permission grant condition set + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$permissionGrantPolicyId = 'policy1' +$params = @{ + PolicyId = $permissionGrantPolicyId + ConditionSetType = 'includes' + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' + PermissionType = 'delegated' + PermissionClassification = 'low' + ResourceApplication = 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + Permissions = @('All') + ClientApplicationIds = @('All') + ClientApplicationTenantIds = @('All') + ClientApplicationPublisherIds = @('All') + ClientApplicationsFromVerifiedPublisherOnly = $true +} + +Set-EntraPermissionGrantConditionSet @params +``` + +This command updates sets the specified permission grant set. + +- `-PolicyId` parameter specifies the unique identifier of a permission grant policy. +- `-ConditionSetType` parameter indicates whether the condition sets are included in the policy or excluded. +- `-Id` parameter specifies the unique identifier of a permission grant condition set object. +- `-PermissionType` parameter specifies the type of permissions (application, delegated) to scope consent operation down to. +- `-PermissionClassification` parameter specifies the specific classification (all, low, medium, high) to scope consent operation down to. +- `-ResourceApplication` parameter specifies identifier of the resource application to scope consent operation down to. It could be "Any" or a specific resource application ID. +- `-Permissions` parameter specifies the identifier of the resource application to scope consent operation down to. It could be @("All") or a list of permission IDs. +- `-ClientApplicationIds` parameter specifies the set of client application IDs to scope consent operation down to. It could be @("All") or a list of client application IDs. +- `-ClientApplicationTenantIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationPublisherIds` parameter specifies the set of client applications publisher IDs to scope consent operation down to. It could be @("All") or a list of client application publisher IDs. +- `-ClientApplicationsFromVerifiedPublisherOnly` parameter indicates whether to only includes client applications from verified publishers. + +## Parameters + +### -PolicyId + +The unique identifier of a Microsoft Entra ID permission grant policy object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ConditionSetType + +The value indicates whether the condition sets are included in the policy or excluded. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a Microsoft Entra ID permission grant condition set object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PermissionType + +Specific type of permissions (application, delegated) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PermissionClassification + +Specific classification (all, low, medium, high) to scope consent operation down to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Permissions + +The identifier of the resource application to scope consent operation down to. +It could be @("All") or a list of permission IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationIds + +The set of client application IDs to scope consent operation down to. +It could be @("All") or a list of client application IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationTenantIds + +The set of client application tenant IDs to scope consent operation down to. +It could be @("All") or a list of client application tenant IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationPublisherIds + +The set of client applications publisher IDs to scope consent operation down to. +It could be @("All") or a list of client application publisher IDs. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientApplicationsFromVerifiedPublisherOnly + +A value indicates whether to only includes client applications from verified publishers. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceApplication + +The identifier of the resource application to scope consent operation down to. +It could be "Any" or a specific resource application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraPermissionGrantConditionSet](New-EntraPermissionGrantConditionSet.md) + +[Get-EntraPermissionGrantConditionSet](Get-EntraPermissionGrantConditionSet.md) + +[Remove-EntraPermissionGrantConditionSet](Remove-EntraPermissionGrantConditionSet.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantPolicy.md new file mode 100644 index 0000000000..11ca930321 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPermissionGrantPolicy.md @@ -0,0 +1,143 @@ +--- +title: Set-EntraPermissionGrantPolicy +description: This article provides details on the Set-EntraPermissionGrantPolicy command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraPermissionGrantPolicy + +schema: 2.0.0 +--- + +# Set-EntraPermissionGrantPolicy + +## Synopsis + +Updates a permission grant policy. + +## Syntax + +```powershell +Set-EntraPermissionGrantPolicy + -Id + [-DisplayName ] + [-Description ] + [] +``` + +## Description + +The `Set-EntraPermissionGrantPolicy` command updates a Microsoft Entra ID permission grant policy. + +## Examples + +### Example 1: Update description of permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$policy = Get-EntraPermissionGrantPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +$params = @{ + Id = $policy.Id + Description = 'Updated description' +} + +Set-EntraPermissionGrantPolicy @params +``` + +This command updates the description of the specified permission grant policy. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-Description` parameter specifies the description for the permission grant policy. + +### Example 2: Update display name of permission grant policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$policy = Get-EntraPermissionGrantPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'} +$params = @{ + Id = $policy.Id + DisplayName = 'Updated DisplayName' +} + +Set-EntraPermissionGrantPolicy @params +``` + +This command updates the display name of the specified permission grant policy. + +- `-Id` parameter specifies the unique identifier of the permission grant policy. +- `-DisplayName` parameter specifies the display name for the permission grant policy. + +## Parameters + +### -Description + +Specifies the description of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the unique identifier of the permission grant policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraPermissionGrantPolicy](New-EntraPermissionGrantPolicy.md) + +[Get-EntraPermissionGrantPolicy](Get-EntraPermissionGrantPolicy.md) + +[Remove-EntraPermissionGrantPolicy](Remove-EntraPermissionGrantPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPolicy.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPolicy.md new file mode 100644 index 0000000000..99bc4b3813 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraPolicy.md @@ -0,0 +1,211 @@ +--- +title: Set-EntraPolicy +description: This article provides details on the Set-EntraPolicy command. + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraPolicy +schema: 2.0.0 +--- + +# Set-EntraPolicy + +## Synopsis + +Updates a policy. + +## Syntax + +```powershell +Set-EntraPolicy + -Id + [-Definition ] + [-DisplayName ] + [-Type ] + [-IsOrganizationDefault ] + [] +``` + +## Description + +The `Set-EntraPolicy` cmdlet sets a policy in Microsoft Entra ID. Specify `Id` parameter to updates specific policy. + +## Examples + +### Example 1: Update a policy display name + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DisplayName = 'NewUpdated' +} +Set-EntraPolicy @params +``` + +This command updates display name of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `DisplayName` specifies the display name. + +### Example 2: Update a policy definition + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') +} +Set-EntraPolicy @params +``` + +This command updates definition of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `Definition` specifies the array of stringified JSON that contains all the rules of the policy. +In this example, `@('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')` represents definition of the activityBasedTimeoutPolicy. + +### Example 3: Update a policy organization default + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + IsOrganizationDefault = $false +} +Set-EntraPolicy @params +``` + +This command updates organization default of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. + +### Example 4: Update policy type + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Type = 'ActivityBasedTimeoutPolicy' +} +Set-EntraPolicy @params +``` + +This example demonstrates how to update the `type` property of a specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-Type` specifies the type of policy. In this example, `ActivityBasedTimeoutPolicy` represents the type of policy. + +## Parameters + +### -Definition + +Specifies the array of stringified JSON that contains all the rules of the policy. +For example -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}'). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsOrganizationDefault + +True if this policy is the organizational default. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of policy. +For token lifetimes, use "TokenLifetimePolicy." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The ID of the policy for which you want to set values. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPolicy](Get-EntraPolicy.md) + +[New-EntraPolicy](New-EntraPolicy.md) + +[Remove-EntraPolicy](Remove-EntraPolicy.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Set-EntraTrustedCertificateAuthority.md b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraTrustedCertificateAuthority.md new file mode 100644 index 0000000000..58cb1c8fbc --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Set-EntraTrustedCertificateAuthority.md @@ -0,0 +1,92 @@ +--- +title: Set-EntraTrustedCertificateAuthority +description: This article provides details on the Set-EntraTrustedCertificateAuthority command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.SignIns-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraTrustedCertificateAuthority + +schema: 2.0.0 +--- + +# Set-EntraTrustedCertificateAuthority + +## Synopsis + +Updates a trusted certificate authority. + +## Syntax + +```powershell +Set-EntraTrustedCertificateAuthority + -CertificateAuthorityInformation +``` + +## Description + +The `Set-EntraTrustedCertificateAuthority` cmdlet updates a trusted certificate authority in Microsoft Entra ID. + +## Examples + +### Example 1: Updates the trusted certificate authorities that are defined in your directory + +```powershell +Connect-Entra -Scopes 'Organization.ReadWrite.All' +$cer = Get-EntraTrustedCertificateAuthority #Get the CertificateAuthorityInformation object +$cer[0].CrlDistributionPoint = "https://example.crl" +Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] +``` + +```Output +Id +-- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command updates the trusted certificate authorities that are defined in your directory. + +- `-CertificateAuthorityInformation` Parameter specifies a CertificateAuthorityInformation object. + +## Parameters + +### -CertificateAuthorityInformation + +Specifies a CertificateAuthorityInformation object. + +```yaml +Type: CertificateAuthorityInformation +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraTrustedCertificateAuthority](Get-EntraTrustedCertificateAuthority.md) + +[New-EntraTrustedCertificateAuthority](New-EntraTrustedCertificateAuthority.md) + +[Remove-EntraTrustedCertificateAuthority](Remove-EntraTrustedCertificateAuthority.md) diff --git a/module/docs/entra-powershell-v1.0/SignIns/Update-EntraOauth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/SignIns/Update-EntraOauth2PermissionGrant.md new file mode 100644 index 0000000000..3cd0135f61 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/SignIns/Update-EntraOauth2PermissionGrant.md @@ -0,0 +1,128 @@ +--- +title: Update-EntraOauth2PermissionGrant +description: This article provides details on the Update-EntraOauth2PermissionGrant command. + +ms.topic: reference +ms.date: 11/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.DirectoryManagement-help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Update-EntraOauth2PermissionGrant + +schema: 2.0.0 +--- + +# Update-EntraOauth2PermissionGrant + +## Synopsis + +Update the properties of a delegated permission grant (oAuth2PermissionGrant object). + +## Syntax + +```powershell +Update-EntraOauth2PermissionGrant + -OAuth2PermissionGrantId + [-Scope ] + [] +``` + +## Description + +The `Update-EntraOauth2PermissionGrant` cmdlet is used to update the properties of a delegated permission grant (oAuth2PermissionGrant object) by adding or removing items in the scopes list. + +To add new scopes, include both existing and new scopes in this parameter; otherwise, existing scopes will be overwritten. + +In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the required permissions. The least privileged roles that support this operation are: + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator + +## Examples + +### Example 1: Update delegated permission grant scope + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'My application'" +$permissionGrant = Get-EntraOauth2PermissionGrant | Where-Object {$_.ClientId -eq $clientServicePrincipal.Id -and $_.Scope -eq 'Directory.Read.All'} +Update-EntraOauth2PermissionGrant -OAuth2PermissionGrantId $permissionGrant.Id -Scope 'Directory.Read.All User.Read.All' +``` + +This command updates a delegated permission grant. + +- `-OAuth2PermissionGrantId` parameter specifies the Unique identifier for the oAuth2PermissionGrant. +- `-Scope` parameter is a space-separated list of claim values for delegated permissions to include in access tokens for the resource application (API), such as `openid User.Read GroupMember.Read.All`. + +### Example 2: Clear all scopes in the delegated permission grant + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$clientServicePrincipal = Get-EntraServicePrincipal -Filter "displayName eq 'My application'" +$permissionGrant = Get-EntraOauth2PermissionGrant | Where-Object {$_.ClientId -eq $clientServicePrincipal.Id -and $_.Scope -eq 'Directory.Read.All'} +Update-EntraOauth2PermissionGrant -OAuth2PermissionGrantId $permissionGrant.Id -Scope '' +``` + +This command updates a delegated permission grant. + +- `-OAuth2PermissionGrantId` parameter specifies the Unique identifier for the oAuth2PermissionGrant. + +## Parameters + +### -OAuth2PermissionGrantId + +The Unique identifier for the oAuth2PermissionGrant. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Scope + +A space-separated list of claim values for delegated permissions to include in access tokens for the resource application (API), such as `openid User.Read GroupMember.Read.All`. Each claim must match a value in the API's publishedPermissionScopes property. The total length must not exceed 3850 characters. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraOauth2PermissionGrant](Get-EntraOauth2PermissionGrant.md) + +[New-EntraOauth2PermissionGrant](New-EntraOauth2PermissionGrant.md) + +[Remove-EntraOauth2PermissionGrant](Remove-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUser.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUser.md new file mode 100644 index 0000000000..3ef0651aec --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUser.md @@ -0,0 +1,429 @@ +--- +title: Get-EntraUser +description: This article provides details on the Get-EntraUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUser + +schema: 2.0.0 +--- + +# Get-EntraUser + +## Synopsis + +Gets a user. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraUser + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraUser + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraUser + -UserId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUser` cmdlet gets a user from Microsoft Entra ID. + +## Examples + +### Example 1: Get top three users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Top 3 +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Angel Brown cccccccc-2222-3333-4444-dddddddddddd AngelB@contoso.com AngelB@contoso.com +Avery Smith dddddddd-3333-4444-5555-eeeeeeeeeeee AveryS@contoso.com AveryS@contoso.com +Sawyer Miller eeeeeeee-4444-5555-6666-ffffffffffff SawyerM@contoso.com SawyerM@contoso.com +``` + +This example demonstrates how to get top three users from Microsoft Entra ID. + +### Example 2: Get a user by ID + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -UserId 'SawyerM@contoso.com' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc sawyerm@tenant.com sawyerm@tenant.com +``` + +This command gets the specified user. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. + +### Example 3: Search among retrieved users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -SearchString 'New' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User88 bbbbbbbb-1111-2222-3333-cccccccccccc demo99@tenant.com +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This cmdlet gets all users that match the value of SearchString against the first characters in DisplayName or UserPrincipalName. + +### Example 4: Get a user by userPrincipalName + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "userPrincipalName eq 'SawyerM@contoso.com'" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller cccccccc-2222-3333-4444-dddddddddddd SawyerM@contoso.com +``` + +This command gets the specified user. + +### Example 5: Get a user by MailNickname + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "startswith(MailNickname,'Ada')" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Mark Adams bbbbbbbb-1111-2222-3333-cccccccccccc Adams@contoso.com Adams@contoso.com +``` + +In this example, we retrieve all users whose MailNickname starts with Ada. + +### Example 6: Get SignInActivity of a User + +```powershell +Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' +Get-EntraUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -Property Id, DisplayName, UserPrincipalName -ExpandProperty 'SignInActivity' +``` + +```Output +lastNonInteractiveSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInRequestId : cccccccc-2222-3333-4444-dddddddddddd +lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM +lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM +lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInDateTime : 9/7/2024 9:15:41 AM +id : aaaaaaaa-bbbb-cccc-1111-222222222222 +displayName : Sawyer Miller +userPrincipalName : SawyerM@contoso.com +``` + +This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. + +### Example 7: List users with disabled accounts + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "accountEnabled eq false" | Select-Object DisplayName, Id, Mail, UserPrincipalName +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This example demonstrates how to retrieve all users with disabled accounts. + +### Example 8: List users based in a specific country + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$usersInCanada = Get-EntraUser -Filter "Country eq 'Canada'" +$usersInCanada | Select-Object Id, DisplayName, UserPrincipalName, OfficeLocation, Country | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName OfficeLocation Country +-- ----------- ----------------- -------------- ------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com 23/2102 Canada +``` + +This example demonstrates how to retrieve all users based in Canada. + +### Example 9: List user count per department + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$departmentCounts = Get-EntraUser -All | Group-Object -Property Department | Select-Object Name, @{Name="MemberCount"; Expression={$_.Count}} +$departmentCounts | Format-Table Name, MemberCount -AutoSize +``` + +```Output +Name MemberCount +---- ----------- + 7 +Engineering 2 +Executive Management 1 +Finance 1 +HR 1 +``` + +This example demonstrates how to retrieve user count in each department. + +### Example 10: List disabled users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$disabledUsersWithLicenses = Get-EntraUser -Filter "accountEnabled eq false" -All | Where-Object { + $_.AssignedLicenses -ne $null -and $_.AssignedLicenses.Count -gt 0 +} +$disabledUsersWithLicenses | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AccountEnabled +-- ----------- ----------------- -------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com False +``` + +This example demonstrates how to retrieve disabled users with active licenses. + +### Example 11: Retrieve guest users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All +$guestUsersWithLicenses = foreach ($guest in $guestUsers) { + if ($guest.AssignedLicenses.Count -gt 0) { + [pscustomobject]@{ + Id = $guest.Id + DisplayName = $guest.DisplayName + UserPrincipalName = $guest.UserPrincipalName + AssignedLicenses = ($guest.AssignedLicenses | ForEach-Object { $_.SkuId }) -join ", " + } + } +} +$guestUsersWithLicenses | Format-Table Id, DisplayName, UserPrincipalName, AssignedLicenses -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AssignedLicenses +-- ----------- ----------------- ---------------- +cccccccc-2222-3333-4444-dddddddddddd Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com c42b9cae-ea4f-4ab7-9717-81576235ccac +``` + +This example demonstrates how to retrieve guest users with active licenses. + +### Example 12: Retrieve users without managers + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$allUsers = Get-EntraUser -All +$usersWithoutManagers = foreach ($user in $allUsers) { + $manager = Get-EntraUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue + if (-not $manager) { + [pscustomobject]@{ + Id = $user.Id + DisplayName = $user.DisplayName + UserPrincipalName = $user.UserPrincipalName + } + } +} +$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName +-- ----------- ----------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com +bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com +``` + +This example demonstrates how to retrieve users without managers. + +### Example 13: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +### Example 14: List all guest users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All +$guestUsers | Select-Object DisplayName, UserPrincipalName, Id, createdDateTime, creationType, accountEnabled, UserState | Format-Table -AutoSize +``` + +```Output +DisplayName UserPrincipalName Id CreatedDateTime CreationType AccountEnabled UserState +----------- ----------------- -- --------------- ------------ -------------- --------- +Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com bbbbbbbb-1111-2222-3333-cccccccccccc 9/13/2024 6:37:33 PM Invitation True Accepted +``` + +This example demonstrates how to retrieve list all guest users. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. +Details on querying with OData can be [found here](https://learn.microsoft.com/graph/aad-advanced-queries?tabs=powershell). + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name (UPN) or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraUser](New-EntraUser.md) + +[Remove-EntraUser](Remove-EntraUser.md) + +[Set-EntraUser](Set-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserAppRoleAssignment.md new file mode 100644 index 0000000000..7e62f6e06e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserAppRoleAssignment.md @@ -0,0 +1,184 @@ +--- +title: Get-EntraUserAppRoleAssignment +description: This article provides details on the Get-EntraUserAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraUserAppRoleAssignment + +## Synopsis + +Get a user application role assignment. + +## Syntax + +```powershell +Get-EntraUserAppRoleAssignment + -ObjectId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserAppRoleAssignment` cmdlet gets a user application role assignment. + +## Examples + +### Example 1: Get a user application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +$UserId = (Get-EntraUser -Top 1).ObjectId +Get-EntraUserAppRoleAssignment -ObjectId $UserId +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 + 0ekrQWAUYUCO7cyiA_H4iJ5kL6mN7o 22223333-cccc-4444-dddd-5555eeee6666 13-09-2023 16:41:53 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-5 + 0ekrQWAUYUCO7cyiA_J5kL6mN7oP8q 33334444-dddd-5555-eeee-6666ffff7777 13-09-2023 17:28:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-7 + +``` + +This example retrieves a user application role assignment for the user in $UserId. You can use the command `Get-EntraUser` to get Service principal Object ID. + +- `-ObjectId` parameter specifies the object ID of a user(as a UserPrincipalName or ObjectId). + +### Example 2: Get all application role assignments + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +Get-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -All +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 + 0ekrQWAUYUCO7cyiA_H4iJ5kL6mN7o 22223333-cccc-4444-dddd-5555eeee6666 13-09-2023 16:41:53 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-5 + 0ekrQWAUYUCO7cyiA_J5kL6mN7oP8q 33334444-dddd-5555-eeee-6666ffff7777 13-09-2023 17:28:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-7 +``` + +This example demonstrates how to retrieve all application role assignment for the specified user. + +- `-ObjectId` parameter specifies the object ID of a user(as a UserPrincipalName or ObjectId). + +### Example 3: Get top two application role assignments + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All','Directory.Read.All' +Get-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -Top 2 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 0ekrQWAUYUCO7cyiA_A1bC2dE3fH4i 00001111-aaaa-2222-bbbb-3333cccc4444 31-07-2023 04:29:57 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-1 + 0ekrQWAUYUCO7cyiA_C2dE3fH4iJ5k 11112222-bbbb-3333-cccc-4444dddd5555 12-07-2023 10:09:17 Avery Smith aaaaaaaa-bbbb-cccc-1111-222222222222 User Test-App-2 +``` + +This example demonstrates how to retrieve top two application role assignment for the specified user. + +- `-ObjectId` parameter specifies the object ID of a user(as a UserPrincipalName or ObjectId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[New-EntraUserAppRoleAssignment](New-EntraUserAppRoleAssignment.md) + +[Remove-EntraUserAppRoleAssignment](Remove-EntraUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserCreatedObject.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserCreatedObject.md new file mode 100644 index 0000000000..2d92933068 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserCreatedObject.md @@ -0,0 +1,175 @@ +--- +title: Get-EntraUserCreatedObject +description: This article provides details on the Get-EntraUserCreatedObject Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraUserCreatedObject + +## Synopsis + +Get objects created by the user. + +## Syntax + +```powershell +Get-EntraUserCreatedObject + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserCreatedObject` cmdlet gets objects created by a user in Microsoft Entra ID. + +## Examples + +### Example 1: Get a user-created object + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserCreatedObject -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example retrieves an object created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +### Example 2: Get all user-created objects + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserCreatedObject -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example retrieves all objects created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +### Example 3: Get a top one user-created object + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserCreatedObject -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves top one object created by the specified user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or UserId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a UserPrincipalName or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserDirectReport.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserDirectReport.md new file mode 100644 index 0000000000..50d3fb901f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserDirectReport.md @@ -0,0 +1,175 @@ +--- +title: Get-EntraUserDirectReport +description: This article provides details on the Get-EntraUserDirectReport command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserDirectReport + +schema: 2.0.0 +--- + +# Get-EntraUserDirectReport + +## Synopsis + +Get the user's direct reports. + +## Syntax + +```powershell +Get-EntraUserDirectReport + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserDirectReport` cmdlet gets the direct reports for a user in Microsoft Entra ID. Specify `UserId` parameter gets the direct reports for a user. + +## Examples + +### Example 1: Get a user's direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserDirectReport -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve direct reports for a user in Microsoft Entra ID. + +- `-UserId` Parameter specifies the ID of a user (UserPrincipalName or UserId). + +### Example 2: Get all direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserDirectReport -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to retrieve all direct reports for a user in Microsoft Entra ID. + +- `-UserId` parameter specifies the ID of a user (UserPrincipalName or UserId). + +### Example 3: Get a top two direct reports + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserDirectReport -UserId 'SawyerM@contoso.com' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example demonstrates how to retrieve top five direct reports for a user in Microsoft Entra ID. + +- `-UserId` parameter specifies the ID of a user (UserPrincipalName or UserId). + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user's UserPrincipalName or UserId in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserExtension.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserExtension.md new file mode 100644 index 0000000000..85f9fb1435 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserExtension.md @@ -0,0 +1,111 @@ +--- +title: Get-EntraUserExtension +description: This article provides details on the Get-EntraUserExtension command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserExtension + +schema: 2.0.0 +--- + +# Get-EntraUserExtension + +## Synopsis + +Gets a user extension. + +## Syntax + +```powershell +Get-EntraUserExtension + -UserId + [-Property ] + [] +``` + +## Description + +The Get-EntraUserExtension cmdlet gets a user extension in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve extension attributes for a user + +```powershell +Connect-Entra -Scopes 'User.Read' +$UserId = (Get-EntraUser -ObjectId 'SawyerM@contoso.com').ObjectId +Get-EntraUserExtension -UserId $UserId +``` + +```Output +onPremisesDistinguishedName : +@odata.context : https://graph.microsoft.com/v1.0/$metadata#users(identities,onPremisesDistinguishedName,employeeId,createdDateTime)/$entity +createdDateTime : 18/07/2024 05:13:40 +employeeId : +identities : {@{signInType=userPrincipalName; issuerAssignedId=SawyerM@contoso.com; issuer=SawyerM@contoso.com}} +userIdentities : {@{signInType=userPrincipalName; issuerAssignedId=SawyerM@contoso.com; issuer=SawyerM@contoso.com}} +``` + +This example shows how to retrieve the extension attributes for a specified user. You can use the command `Get-EntraUser` to get user object Id. + +- `-UserId` parameter specifies the user object Id. + +## Parameters + +### -UserId + +Specifies the ID of an object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[Remove-EntraUserExtension](Remove-EntraUserExtension.md) + +[Set-EntraUserExtension](Set-EntraUserExtension.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserLicenseDetail.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserLicenseDetail.md new file mode 100644 index 0000000000..9ce49dbc49 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserLicenseDetail.md @@ -0,0 +1,105 @@ +--- +title: Get-EntraUserLicenseDetail +description: This article provides details on the Get-EntraUserLicenseDetail command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserLicenseDetail + +schema: 2.0.0 +--- + +# Get-EntraUserLicenseDetail + +## Synopsis + +Retrieves license details for a user. + +## Syntax + +```powershell +Get-EntraUserLicenseDetail + -UserId + [-Property ] + [] +``` + +## Description + +This cmdlet retrieves license details for a user. + +## Examples + +### Example 1: Retrieve user license details + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserLicenseDetail -UserId 'SawyerM@contoso.com' +``` + +```Output +Id SkuId SkuPartNumber +-- ----- ------------- +X8Wu1RItQkSNL8zKldQ5DiH6ThjDmF1OlavQcFOpbmc aaaaaaaa-0b0b-1c1c-2d2d-333333333333 INFORMATION_PROTECTION_COMPLIANCE +X8Wu1RItQkSNL8zKldQ5Dk8SXrDMx6BFpqqM94yUaWg bbbbbbbb-1c1c-2d2d-3e3e-444444444444 EMSPREMIUM +X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8 cccccccc-2d2d-3e3e-4f4f-555555555555 ENTERPRISEPREMIUM +``` + +This example demonstrates how to retrieve license details for a user from Microsoft Entra ID. + +## Parameters + +### -UserId + +The object ID of the user for which the license details are retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserManager.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserManager.md new file mode 100644 index 0000000000..9c455e310f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserManager.md @@ -0,0 +1,142 @@ +--- +title: Get-EntraUserManager +description: This article provides details on the Get-EntraUserManager command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserManager + +schema: 2.0.0 +--- + +# Get-EntraUserManager + +## Synopsis + +Gets the manager of a user. + +## Syntax + +```powershell +Get-EntraUserManager + -UserId + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserManager` cmdlet gets the manager of a user in Microsoft Entra ID. Specify +`UserId` parameter to get the specific manager of user. + +## Examples + +### Example 1: Get the manager of a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserManager -UserId 'SawyerM@contoso.com' +``` + +```Output +DeletedDateTime : +Id : 00aa00aa-bb11-cc22-dd33-44ee44ee44ee +@odata.context : https://graph.microsoft.com/beta/$metadata#directoryObjects/$entity +@odata.type : #microsoft.graph.user +accountEnabled : True +businessPhones : {+1 858 555 0109} +city : San Diego +createdDateTime : 2023-07-07T14:18:05Z +country : United States +department : Sales & Marketing +displayName : Sawyer Miller +``` + +This example demonstrates how to retrieve the manager of a specific user. + +- `-UserId` Parameter specifies UserId or User Principal Name of User. + +### Example 2: Retrieve users without managers + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$allUsers = Get-EntraUser -All +$usersWithoutManagers = foreach ($user in $allUsers) { + $manager = Get-EntraUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue + if (-not $manager) { + [pscustomobject]@{ + Id = $user.Id + DisplayName = $user.DisplayName + UserPrincipalName = $user.UserPrincipalName + } + } +} +$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName +-- ----------- ----------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com +bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com +``` + +This example demonstrates how to retrieve users without managers. + +## Parameters + +### -UserId + +The unique identifier of a user in Microsoft Entra ID (User Principal Name or UserId). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraUserManager](Remove-EntraUserManager.md) + +[Set-EntraUserManager](Set-EntraUserManager.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserMembership.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserMembership.md new file mode 100644 index 0000000000..5e9d0015ce --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserMembership.md @@ -0,0 +1,218 @@ +--- +title: Get-EntraUserMembership +description: This article provides details on the Get-EntraUserMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserMembership + +schema: 2.0.0 +--- + +# Get-EntraUserMembership + +## Synopsis + +Get user memberships. + +## Syntax + +```powershell +Get-EntraUserMembership + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserMembership` cmdlet gets user memberships in Microsoft Entra ID. + +## Examples + +### Example 1: Get user memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserMembership -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +33dd33dd-ee44-ff55-aa66-77bb77bb77bb +44ee44ee-ff55-aa66-bb77-88cc88cc88cc +55ff55ff-aa66-bb77-cc88-99dd99dd99dd +``` + +This example demonstrates how to retrieve user memberships in Microsoft Entra ID. + +### Example 2: Get user memberships with additional details + +```powershell +Connect-Entra -Scopes 'User.Read' +$userMemberships = Get-EntraUserMembership -ObjectId 'SawyerM@contoso.com' +$membershipDetails = $userMemberships | ForEach-Object { + $membershipDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + odataType = $membershipDetail.'@odata.type' + displayName = $membershipDetail.displayName + Id = $membershipDetail.Id + } +} +$membershipDetails | Select-Object odataType, displayName, Id +``` + +```Output +odataType displayName Id +--------- ----------- -- +#microsoft.graph.group Contoso Group 33dd33dd-ee44-ff55-aa66-77bb77bb77bb +#microsoft.graph.group Helpdesk Group 55ff55ff-aa66-bb77-cc88-99dd99dd99dd +#microsoft.graph.directoryRole Attribute Assignment Reader 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +#microsoft.graph.directoryRole Attribute Definition Reader 11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This example demonstrates how to retrieve user memberships in Microsoft Entra ID with more lookup details. + +### Example 3: Get All memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserMembership -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +33dd33dd-ee44-ff55-aa66-77bb77bb77bb +44ee44ee-ff55-aa66-bb77-88cc88cc88cc +55ff55ff-aa66-bb77-cc88-99dd99dd99dd +``` + +This example demonstrates how to retrieve users all memberships in Microsoft Entra ID. + +### Example 4: Get top three memberships + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserMembership -UserId 'SawyerM@contoso.com' -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This example demonstrates how to retrieve users top three memberships in Microsoft Entra ID. + +### Example 5: List groups that Sawyer Miller is a member of + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$groups = Get-EntraUserMembership -ObjectId 'SawyerM@contoso.com' +$groups | Select-Object DisplayName, Id, GroupTypes, Visibility | Format-Table -AutoSize +``` + +```Output +DisplayName Id GroupTypes Visibility +----------- -- ---------- ---------- +Contoso Group bbbbbbbb-1111-2222-3333-cccccccccccc {Unified} Public +``` + +This example demonstrates how to retrieve the groups that a user is a member of. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOAuth2PermissionGrant.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOAuth2PermissionGrant.md new file mode 100644 index 0000000000..2a4d668732 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOAuth2PermissionGrant.md @@ -0,0 +1,185 @@ +--- +title: Get-EntraUserOAuth2PermissionGrant +description: This article provides details on the Get-EntraUserOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraUserOAuth2PermissionGrant + +## Synopsis + +Gets an oAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraUserOAuth2PermissionGrant + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for the specified user in Microsoft Entra ID. Specify `UserId` parameter to retrieve an oAuth2PermissionGrant object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation. + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader +- Guest Inviter + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants for a user using object ID parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using object ID parameter. + +- `-UserId` parameter specifies the user ID. + +### Example 2: Retrieve the OAuth2 permission grants for a user using All parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using All parameter. + +- `-ObjectId` parameter specifies the user ID. + +### Example 3: Retrieve top one OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -ObjectId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +``` + +This Example Retrieve top one the OAuth2 permission grant in Microsoft Entra ID. + +- `-UserId` parameter specifies the user ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedDevice.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedDevice.md new file mode 100644 index 0000000000..e5171a2b2a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedDevice.md @@ -0,0 +1,166 @@ +--- +title: Get-EntraUserOwnedDevice +description: This article provides details on the Get-EntraUserOwnedDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserOwnedDevice + +schema: 2.0.0 +--- + +# Get-EntraUserOwnedDevice + +## Synopsis + +Get registered devices owned by a user. + +## Syntax + +```powershell +Get-EntraUserOwnedDevice + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserOwnedDevice` cmdlet gets registered devices owned by the specified user in Microsoft Entra ID. + +## Examples + +### Example 1: Get devices owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserOwnedDevice -UserId 'SawyerM@contoso.com' +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +cccccccc-2222-3333-4444-dddddddddddd bbbb1111-cc22-3333-44dd-555555eeeeee Device2 +``` + +This command gets the registered devices owned by the specified user. + +### Example 2: Get all devices owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserOwnedDevice -UserId 'SawyerM@contoso.com' -All +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +cccccccc-2222-3333-4444-dddddddddddd bbbb1111-cc22-3333-44dd-555555eeeeee Device2 +``` + +This command gets all the registered devices owned by the specified user. + +### Example 3: Get top one device owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserOwnedDevice -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +ObjectId DeviceId DisplayName +-------- -------- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc aaaa0000-bb11-2222-33cc-444444dddddd Device1 +``` + +This command gets top one registered device owned by the specified user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedObject.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedObject.md new file mode 100644 index 0000000000..f98a830d77 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserOwnedObject.md @@ -0,0 +1,208 @@ +--- +title: Get-EntraUserOwnedObject +description: This article provides details on the Get-EntraUserOwnedObject command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraUserOwnedObject + +## Synopsis + +Get objects owned by a user. + +## Syntax + +```powershell +Get-EntraUserOwnedObject + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserOwnedObject` cmdlet gets objects owned by a user in Microsoft Entra ID. Specify `UserId` parameter to get objects owned by user. + +## Examples + +### Example 1: Get objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserOwnedObject -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +hhhhhhhh-5555-6666-7777-iiiiiiiiiiii +``` + +This example retrieves objects owned by the specified user. + +- `-UserId` Parameter specifies the ID of a user as a UserPrincipalName or UserId. + +### Example 2: Get objects owned by a user with additional details + +```powershell +Connect-Entra -Scopes 'User.Read' +$ownedObjects = Get-EntraUserOwnedObject -ObjectId 'SawyerM@contoso.com' + +$objectDetails = $ownedObjects | ForEach-Object { + $objectDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + odataType = $objectDetail.'@odata.type' + displayName = $objectDetail.displayName + Id = $objectDetail.Id + } +} +$objectDetails | Format-Table -Property odataType, displayName, Id -AutoSize +``` + +```Output +odataType displayName Id +--------- ----------- -- +#microsoft.graph.group Contoso FTE Group bbbbbbbb-1111-2222-3333-cccccccccccc +#microsoft.graph.group Digital Engineering Group aaaaaaaa-1111-1111-1111-000000000000 +``` + +This example retrieves objects owned by the specified user with more lookup details. + +### Example 3: Get all objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserOwnedObject -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +ffffffff-4444-5555-6666-gggggggggggg +hhhhhhhh-5555-6666-7777-iiiiiiiiiiii +``` + +This example retrieves all the objects owned by the specified user. + +- `-UserId` parameter specifies the ID of a user as a UserPrincipalName or UserId. + +### Example 4: Get top three objects owned by a user + +```powershell +Connect-Entra -Scopes 'User.Read' +Get-EntraUserOwnedObject -UserId 'SawyerM@contoso.com' -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves the top three objects owned by the specified user. + +- `-UserId` parameter specifies the ID of a user as a UserPrincipalName or UserId. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserRegisteredDevice.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserRegisteredDevice.md new file mode 100644 index 0000000000..d6132b6d0c --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserRegisteredDevice.md @@ -0,0 +1,165 @@ +--- +title: Get-EntraUserRegisteredDevice +description: This article provides details on the Get-EntraUserRegisteredDevice command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserRegisteredDevice + +schema: 2.0.0 +--- + +# Get-EntraUserRegisteredDevice + +## Synopsis + +Get devices registered by a user. + +## Syntax + +```powershell +Get-EntraUserRegisteredDevice + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserRegisteredDevice` cmdlet gets devices registered by a user in Microsoft Entra ID. + +## Examples + +### Example 1: Get registered devices + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserRegisteredDevice -UserId 'SawyerM@contoso.com' +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This command gets the devices that are registered to the specified user. + +### Example 2: Get all registered devices + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserRegisteredDevice -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This command gets all the devices that are registered to the specified user. + +### Example 3: Get one registered device + +```Powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUserRegisteredDevice -UserId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +``` + +This command gets the top one device that are registered to the specified user. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a User Principal Name or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Get-EntraUserThumbnailPhoto.md b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserThumbnailPhoto.md new file mode 100644 index 0000000000..833ca92d90 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Get-EntraUserThumbnailPhoto.md @@ -0,0 +1,109 @@ +--- +title: Get-EntraUserThumbnailPhoto +description: This article provides details on the Get-EntraUserThumbnailPhoto command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraUserThumbnailPhoto + +schema: 2.0.0 +--- + +# Get-EntraUserThumbnailPhoto + +## Synopsis + +Retrieve the thumbnail photo of a user. + +## Syntax + +```powershell +Get-EntraUserThumbnailPhoto + -UserId + [-Property ] + [] +``` + +## Description + +Retrieve the thumbnail photo of a user. + +## Examples + +### Example 1: Retrieve thumbnail photo by Id + +```powershell +Connect-Entra -Scopes 'User.Read','User.Read.All' +Get-EntraUserThumbnailPhoto -UserId 'SawyerM@contoso.com' +``` + +```Output +Id Height Width +-- ------ ----- +default 292 278 +``` + +This example shows how to retrieve the thumbnail photo of a user that is specified through the value of the UserId parameter. + +- `-UserId` parameter specifies the user for which the thumbnail photo is retrieved. + +## Parameters + +### -UserId + +The object ID of the user for which the thumbnail photo is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraUserThumbnailPhoto](Set-EntraUserThumbnailPhoto.md) diff --git a/module/docs/entra-powershell-v1.0/Users/New-EntraUser.md b/module/docs/entra-powershell-v1.0/Users/New-EntraUser.md new file mode 100644 index 0000000000..e5cd4e629a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/New-EntraUser.md @@ -0,0 +1,816 @@ +--- +title: New-EntraUser +description: This article provides details on the New-EntraUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraUser + +schema: 2.0.0 +--- + +# New-EntraUser + +## Synopsis + +Creates a Microsoft Entra ID user. + +## Syntax + +```powershell +New-EntraUser + -DisplayName + -AccountEnabled + -PasswordProfile + [-City ] + [-UserStateChangedOn ] + [-CompanyName ] + [-PreferredLanguage ] + [-FacsimileTelephoneNumber ] + [-GivenName ] + [-Mobile ] + [-UsageLocation ] + [-PostalCode ] + [-AgeGroup ] + [-CreationType ] + [-ExtensionProperty ] + [-ConsentProvidedForMinor ] + [-MailNickName ] + [-ImmutableId ] + [-Country ] + [-SignInNames ] + [-Department ] + [-PasswordPolicies ] + [-JobTitle ] + [-IsCompromised ] + [-UserState ] + [-UserType ] + [-OtherMails ] + [-PhysicalDeliveryOfficeName ] + [-UserPrincipalName ] + [-State ] + [-StreetAddress ] + [-TelephoneNumber ] + [-Surname ] + [-ShowInAddressList ] + [] +``` + +## Description + +The `New-EntraUser` cmdlet creates a user in Microsoft Entra ID. Specify the `DisplayName`,`AccountEnabled`, and `PasswordProfile` parameter to create a user. + +## Examples + +### Example 1: Create a user using MailNickName parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$userParams = @{ + DisplayName = 'Avery Iona' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'AveryI@contoso.com' + AccountEnabled = $true + MailNickName = 'averyi' +} + +New-EntraUser @userParams +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Avery Iona AveryI@contoso.com Member +``` + +This command creates a new user. + +### Example 2: Create a user using AgeGroup parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' + +$userParams = @{ + DisplayName = 'Peyton Davis' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'PeytonD@contoso.com' + AccountEnabled = $true + MailNickName = 'PeytonD' + AgeGroup = 'adult' +} + +New-EntraUser @userParams +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +bbbbbbbb-1111-2222-3333-cccccccccccc Peyton Davis PeytonD@contoso.com Member +``` + +This command creates a new user. + +### Example 3: Create a user using City parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' + +$userParams = @{ + DisplayName = 'Blake Martin' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'BlakeM@contoso.com' + AccountEnabled = $true + MailNickName = 'BlakeM' + City = 'New York' +} + +New-EntraUser @userParams +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +cccccccc-2222-3333-4444-dddddddddddd Blake Martin BlakeM@contoso.com Member +``` + +This command creates a new user. + +### Example 4: Create a user using Department parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' +$userParams = @{ + DisplayName = 'Parker Jones' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'ParkerJ@contoso.com' + AccountEnabled = $true + MailNickName = 'ParkerJ' + Department = 'IT' +} + +New-EntraUser @userParams +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +dddddddd-3333-4444-5555-eeeeeeeeeeee Parker Jones ParkerJ@contoso.com Member +``` + +This command creates a new user. + +### Example 5: Create a user using Mobile parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile +$PasswordProfile.Password = '' + +$UserParams = @{ + DisplayName = 'Sawyer Miller' + PasswordProfile = $PasswordProfile + UserPrincipalName = 'SawyerM@contoso.com' + AccountEnabled = $true + MailNickName = 'SawyerM' + Mobile = '+18989898989' +} + +New-EntraUser @UserParams +``` + +```Output +ObjectId DisplayName UserPrincipalName UserType +-------- ----------- ----------------- -------- +eeeeeeee-4444-5555-6666-ffffffffffff Sawyer Miller SawyerM@contoso.com Member +``` + +This command creates a new user. + +## Parameters + +### -AccountEnabled + +Indicates whether the user's account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -City + +Specifies the user's city. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Country + +Specifies the user's country. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreationType + +Indicates whether the user account is a local account for a Microsoft Entra ID B2C tenant. +Possible values are "LocalAccount" and null. + +- When user creating a local account, the property is required and you must set it to "LocalAccount". +- When user creating a work or school account, don't specify the property or set it to null. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Department + +Specifies the user's department. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the user's display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExtensionProperty + +Add data to custom user properties as the basic **open extensions** or the more versatile **schema extensions**. + +```yaml +Type: System.Collections.Generic.Dictionary`2[System.String,System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GivenName + +Specifies the user's given name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ImmutableId + +This property is used to associate an on-premises user account to their Microsoft Entra ID user object. +This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. + +Important: The $ and _ characters can't be used when specifying this property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsCompromised + +Indicates whether this user is compromised. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -JobTitle + +Specifies the user's job title. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickName + +Specifies the user's mail nickname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Mobile + +Specifies the user's mobile phone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OtherMails + +A list of other email addresses for the user; for example: "", "". + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordPolicies + +Specifies password policies for the user. +This value is an enumeration with one possible value being "DisableStrongPassword", which allows weaker passwords than the default policy to be specified. +"DisablePasswordExpiration" can also be specified. +The two might be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordProfile + +Specifies the user's password profile. + +The parameter type for this parameter is "PasswordProfile". + +In order to pass a parameter of this type, you first need to create a variable in PowerShell with that type: + +$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + +Then you can proceed to set the value of the password in this variable: + +$PasswordProfile.Password = "\" + +And finally you can pass this variable to the cmdlet: + +New-EntraUser -PasswordProfile $PasswordProfile ... + +Other attributes that can be set in the PasswordProfile are + +- $PasswordProfile.EnforceChangePasswordPolicy - a boolean indicating that the change password policy is enababled or disabled for this user $PasswordProfile. + +- ForceChangePasswordNextLogin - a boolean indicating that the user must change the password at the next sign in. + +```yaml +Type: PasswordProfile +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PhysicalDeliveryOfficeName + +Specifies the user's physical delivery office name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PostalCode + +Specifies the user's postal code. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredLanguage + +Specifies the user's preferred language. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ShowInAddressList + +If True, show this user in the address list. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInNames + +Specifies the collection of sign-in names for a local account in a Microsoft Entra ID B2C tenant. + +Each sign-in name must be unique across the company/tenant. + +The property must be specified when you create a local account user; don't specify it when you create a work or school account. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the user's state. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StreetAddress + +Specifies the user's street address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Surname + +Specifies the user's surname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TelephoneNumber + +Specifies a telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsageLocation + +A two letter country code (ISO standard 3166). + +Required for users that are assigned licenses due to legal requirement to check for availability of services in countries. + +Examples include: "US", "JP", and "GB". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserPrincipalName + +The user principal name (UPN) of the user. + +The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. + +By convention, this UPN should map to the user's email name. + +The general format is "alias@domain". + +For work or school accounts, the domain must be present in the tenant's collection of verified domains. + +This property is required when a work or school account is created; it's optional for local accounts. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserType + +A string value that can be used to classify user types in your directory, such as "Member" and "Guest". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -FacsimileTelephoneNumber + +Specifies the user's telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AgeGroup + +Specifies the user's age group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CompanyName + +Specifies the user's company name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentProvidedForMinor + +Sets whether consent was obtained for minors. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserState + +For an external user invited to the tenant using the invitation API, this property represents the invited user's +invitation status. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserStateChangedOn + +Shows the timestamp for the latest change to the userState property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[Remove-EntraUser](Remove-EntraUser.md) + +[Set-EntraUser](Set-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/New-EntraUserAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Users/New-EntraUserAppRoleAssignment.md new file mode 100644 index 0000000000..5da43e1eff --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/New-EntraUserAppRoleAssignment.md @@ -0,0 +1,209 @@ +--- +title: New-EntraUserAppRoleAssignment +description: This article provides details on the New-EntraUserAppRoleAssignment command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraUserAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraUserAppRoleAssignment + +## Synopsis + +Assigns a user to an application role. + +## Syntax + +```powershell +New-EntraUserAppRoleAssignment + -ObjectId + -PrincipalId + -Id + -ResourceId + [] +``` + +## Description + +The `New-EntraUserAppRoleAssignment` cmdlet assigns a user to an application role in Microsoft Entra ID. + +To grant an app role assignment to a user, you need three identifiers: + +- PrincipalId: The Id of the user to whom you are assigning the app role. + +- ResourceId: The Id of the resource servicePrincipal that has defined the app role. + +- Id: The Id of the appRole (defined on the resource service principal) to assign to the user. + +## Examples + +### Example 1: Assign a user to an application without roles + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$appId = (Get-EntraApplication -SearchString '').AppId +$user = Get-EntraUser -SearchString '' +$servicePrincipal = Get-EntraServicePrincipal -Filter "appId eq '$appId'" + +$params = @{ + ObjectId = $user.ObjectId + PrincipalId = $user.ObjectId + ResourceId = $servicePrincipal.ObjectId + Id = [Guid]::Empty +} + +New-EntraUserAppRoleAssignment @params +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- - + A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 18-06-2024 11:22:40 UserPrincipalName aaaaaaaa-bbbb-cccc-1111-222222222222 User App-DisplayName +``` + +This command assigns a user to an application that doesn't have any roles. +You can use the command `Get-EntraUser` to get user object Id. +You can use the command `Get-EntraApplication` to get application Id. +You can use the command `Get-EntraServicePrincipal` to get service principal object Id. + +- `-ObjectId` parameter specifies the Id of a user to whom you are assigning the app role. +- `-PrincipalId` parameter specifies the Id of a user to whom you are assigning the app role. +- `-ResourceId` parameter specifies the Id of a resource servicePrincipal that has defined the app role. +- `-Id` parameter specifies the Id of a appRole (defined on the resource service principal) to assign to the user. + +### Example 2: Assign a user to a specific role within an application + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$userName = 'SawyerM@contoso.com' +$appName = 'Box' +$spo = Get-EntraServicePrincipal -Filter "DisplayName eq '$appName'" +$user = Get-EntraUser -Filter "userPrincipalName eq '$userName'" + +$params = @{ + ObjectId = $user.ObjectId + PrincipalId = $user.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.AppRoles[1].Id +} + +New-EntraUserAppRoleAssignment @params +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00aa00aa-bb11-cc22-dd33-44ee44ee44ee 06/18/2024 09:47:00 Sawyer Miller 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 User Box +``` + +This example demonstrates how to assign a user to an application role in Microsoft Entra ID. +You can use the command `Get-EntraUser` to get user object Id. +You can use the command `Get-EntraServicePrincipal` to get service principal object Id. + +- `-ObjectId` parameter specifies the Id of a user to whom you are assigning the app role. +- `-PrincipalId` parameter specifies the Id of a user to whom you are assigning the app role. +- `-ResourceId` parameter specifies the Id of a resource servicePrincipal that has defined the app role. +- `-Id` parameter specifies the Id of a appRole (defined on the resource service principal) to assign to the user. + +## Parameters + +### -Id + +The ID of the app role to assign. + +If application doesn't have any roles while creating new app role assignment then provide an empty guid, or the Id of the role to assign to the user. + +You can retrieve the application's roles by examining the application object's AppRoles property: + +`Get-EntraApplication -SearchString 'Your-Application-DisplayName' | select Approles | Format-List` + +This cmdlet returns the list of roles that are defined in an application: + +AppRoles: {GUID1, GUID2} + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of the user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID to which the new app role is to be assigned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +The object ID of the principal to which the new app role is assigned. + +When assigning a new role to a user, provide the object ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The object ID of the Service Principal for the application to which the user role is assigned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUserAppRoleAssignment](Get-EntraUserAppRoleAssignment.md) + +[Remove-EntraUserAppRoleAssignment](Remove-EntraUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Remove-EntraUser.md b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUser.md new file mode 100644 index 0000000000..184b9b2190 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUser.md @@ -0,0 +1,88 @@ +--- +title: Remove-EntraUser +description: This article provides details on the Remove-EntraUser command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraUser + +schema: 2.0.0 +--- + +# Remove-EntraUser + +## Synopsis + +Removes a user. + +## Syntax + +```powershell +Remove-EntraUser + -UserId + [] +``` + +## Description + +The `Remove-EntraUser` cmdlet removes a user in Microsoft Entra ID. Specify the `UserId` parameter to remove the specified user in Microsoft Entra ID. + +The calling user must be assigned at least one of the following Microsoft Entra roles: + +- User Administrator + +- Privileged Authentication Administrator + +## Examples + +### Example 1: Remove a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +Remove-EntraUser -UserId 'SawyerM@Contoso.com' +``` + +This command removes the specified user in Microsoft Entra ID. + +## Parameters + +### -UserId + +Specifies the ID of a user (as a UPN or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[New-EntraUser](New-EntraUser.md) + +[Set-EntraUser](Set-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserAppRoleAssignment.md b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserAppRoleAssignment.md new file mode 100644 index 0000000000..0b3e5e66e8 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserAppRoleAssignment.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraUserAppRoleAssignment +description: This article provides details on the Remove-EntraUserAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraUserAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraUserAppRoleAssignment + +## Synopsis + +Removes a user application role assignment. + +## Syntax + +```powershell +Remove-EntraUserAppRoleAssignment + -AppRoleAssignmentId + -ObjectId + [] +``` + +## Description + +The `Remove-EntraUserAppRoleAssignment` cmdlet removes a user application role assignment in Microsoft Entra ID. + +## Examples + +### Example 1: Remove user app role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$RemoveAppRoleParams = @{ + ObjectId = 'SawyerM@Contoso.com' + AppRoleAssignmentId = 'C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w' +} +Remove-EntraUserAppRoleAssignment @RemoveAppRoleParams +``` + +This example demonstrates how to Remove the user app role assignment in Microsoft Entra ID. + +- `-ObjectId` parameter specifies the user ID. +- `-AppRoleAssignmentId` parameter specifies the application role assignment ID. + +Use the `Get-EntraUserAppRoleAssignment` cmdlet to get `AppRoleAssignmentId` details. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of an application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID (as a UserPrincipleName or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUserAppRoleAssignment](Get-EntraUserAppRoleAssignment.md) + +[New-EntraUserAppRoleAssignment](New-EntraUserAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserExtension.md b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserExtension.md new file mode 100644 index 0000000000..2a6094c3d8 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserExtension.md @@ -0,0 +1,130 @@ +--- +title: Remove-EntraUserExtension +description: This article provides details on the Remove-EntraUserExtension command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraUserExtension + +schema: 2.0.0 +--- + +# Remove-EntraUserExtension + +## Synopsis + +Removes a user extension. + +## Syntax + +### SetMultiple + +```powershell +Remove-EntraUserExtension + -ObjectId + -ExtensionNames + [] +``` + +### SetSingle + +```powershell +Remove-EntraUserExtension + -ObjectId + -ExtensionName + [] +``` + +## Description + +The `Remove-EntraUserExtension` cmdlet removes a user extension from Microsoft Entra ID. Specify `ObjectId` and `ExtensionNames` parameters to remove a user extension. + +## Examples + +### Example 1: Remove the user extension + +```powershell +$Params = @{ + ObjectId = 'SawyerM@Contoso.com' + ExtensionName = 'Test Extension' +} +Remove-EntraUserExtension @Params +``` + +This example demonstrates how to remove a user extension from Microsoft Entra ID. + +- `ObjectId` parameter specifies the user Object ID. +- `ExtensionName` parameter specifies the user ExtentionName. + +## Parameters + +### -ExtensionName + +Specifies the name of an extension. + +```yaml +Type: System.String +Parameter Sets: SetSingle +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ExtensionNames + +Specifies an array of extension names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: SetMultiple +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies an object ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUserExtension](Get-EntraUserExtension.md) + +[Set-EntraUserExtension](Set-EntraUserExtension.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserManager.md b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserManager.md new file mode 100644 index 0000000000..347433531b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Remove-EntraUserManager.md @@ -0,0 +1,82 @@ +--- +title: Remove-EntraUserManager +description: This article provides details on the Remove-EntraUserManager command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraUserManager + +schema: 2.0.0 +--- + +# Remove-EntraUserManager + +## Synopsis + +Removes a user's manager. + +## Syntax + +```powershell +Remove-EntraUserManager + -UserId +``` + +## Description + +The `Remove-EntraUserManager` cmdlet removes a user's manager in Microsoft Entra ID. Specify the `UserId` parameter to remove the manager for a user in Microsoft Entra ID. + +## Examples + +### Example 1: Remove the manager of a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$User = Get-EntraUser -UserId 'SawyerM@Contoso.com' +Remove-EntraUserManager -UserId $User.ObjectId +``` + +This example shows how to remove a user's manager. + +You can use `Get-EntraUser` command to get the user's details. + +## Parameters + +### -UserId + +Specifies the ID of a user (as a User Principle Name or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraUserManager](Get-EntraUserManager.md) + +[Set-EntraUserManager](Set-EntraUserManager.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUser.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUser.md new file mode 100644 index 0000000000..179df5950b --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUser.md @@ -0,0 +1,677 @@ +--- +title: Set-EntraUser +description: This article provides details on the Set-EntraUser command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUser + +schema: 2.0.0 +--- + +# Set-EntraUser + +## Synopsis + +Updates a user. + +## Syntax + +```powershell +Set-EntraUser + -UserId + [-PostalCode ] + [-CompanyName ] + [-GivenName ] + [-Mobile ] + [-PreferredLanguage ] + [-CreationType ] + [-UsageLocation ] + [-UserType ] + [-AgeGroup ] + [-MailNickName ] + [-ExtensionProperty ] + [-ConsentProvidedForMinor ] + [-ImmutableId ] + [-Country ] + [-SignInNames ] + [-Department ] + [-StreetAddress ] + [-PasswordPolicies ] + [-JobTitle ] + [-City ] + [-OtherMails ] + [-UserPrincipalName ] + [-DisplayName ] + [-AccountEnabled ] + [-PasswordProfile ] + [-State ] + [-TelephoneNumber ] + [-Surname ] + [-ShowInAddressList ] + [] +``` + +## Description + +The `Set-EntraUser` cmdlet updates a user in Microsoft Entra ID. Specify the `UserId` parameter to update a user in Microsoft Entra ID. + +## Examples + +### Example 1: Update a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$params = @{ + UserId = $user.Id + DisplayName = 'Updated user Name' +} +Set-EntraUser @params +``` + +This example updates the specified user's Display name parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. + +### Example 2: Set the specified user's AccountEnabled parameter + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + AccountEnabled = $true +} +Set-EntraUser @params +``` + +This example updates the specified user's AccountEnabled parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-AccountEnabled` Specifies whether the account is enabled. + +### Example 3: Set all but specified users as minors with parental consent + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +Get-EntraUser -All | Where-Object -FilterScript { $_.DisplayName -notmatch '(George|James|Education)' } | +ForEach-Object { Set-EntraUser -UserId $($_.ObjectId) -AgeGroup 'minor' -ConsentProvidedForMinor 'granted' } +``` + +This example updates the specified user's as minors with parental consent. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-ConsentProvidedForMinor` Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired. + +### Example 4: Set the specified user's property + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All','Directory.AccessAsUser.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + City = 'Add city name' + CompanyName = 'Microsoft' + Country = 'Add country name' + Department = 'Add department name' + GivenName = 'Mircosoft' + ImmutableId = '#1' + JobTitle = 'Manager' + MailNickName = 'Add mailnickname' + Mobile = '9984534564' + OtherMails = 'test12@M365x99297270.OnMicrosoft.com' + PasswordPolicies = 'DisableStrongPassword' + State = 'UP' + StreetAddress = 'Add address' + UserType = 'Member' +} +Set-EntraUser @params +``` + +This example updates the specified user's property. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-UserType` classify user types in your directory, such as "Member" and "Guest." +- `-PasswordPolicies` Specifies password policies for the user. +- `-OtherMails` Specifies other email addresses for the user + +### Example 5: Set the specified user's PasswordProfile parameter + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$params= @{ +UserId = 'SawyerM@contoso.com' +PasswordProfile = @{ + Password= '*****' + ForceChangePasswordNextLogin = $true + EnforceChangePasswordPolicy = $false + } +} +Set-EntraUser @params +``` + +This example updates the specified user's PasswordProfile parameter. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-PasswordProfile` specifies the user's password profile. + +### Example 6: Set user's usage location for license assignment + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +Set-EntraUser -UserId 'SawyerM@contoso.com' -UsageLocation 'US' +``` + +This example updates the specified user's Usage Location for license management. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. +- `-UsageLocation` specifies the user's usage location. Two-letter ISO 3166 country code. Required for licensed users to check service availability. Examples: US, JP, GB. Not nullable. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -City + +Specifies the user's city. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Country + +Specifies the user's country. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CreationType + +Indicates whether the user account is a local account for a Microsoft Entra ID B2C tenant. +Possible values are "LocalAccount" and null. +When creating a local account, the property is required and you must set it to "LocalAccount". +When creating a work or school account, don't specify the property or set it to null. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Department + +Specifies the user's department. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the user's display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExtensionProperty + +Add data to custom user properties as the basic open extensions or the more versatile schema extensions. + +```yaml +Type: System.Collections.Generic.Dictionary`2[System.String,System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GivenName + +Specifies the user's given name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ImmutableId + +This property links an on-premises Active Directory user account to its Microsoft Entra ID user object. You must specify this property when creating a new user account in Graph if the user's userPrincipalName uses a federated domain. + +Important: Do not use the $ and _ characters when specifying this property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -JobTitle + +Specifies the user's job title. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickName + +Specifies a nickname for the user's mail address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Mobile + +Specifies the user's mobile phone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId +Specifies the ID of a user (as a UPN or UserId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OtherMails + +Specifies other email addresses for the user. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordPolicies + +Specifies password policies for the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordProfile + +Specifies the user's password profile. + +```yaml +Type: PasswordProfile +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PostalCode + +Specifies the user's postal code. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredLanguage + +Specifies the user's preferred language. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ShowInAddressList + +Set to True to show this user in the address list. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInNames + +The list of sign in names for this user + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -State + +Specifies the user's state. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StreetAddress + +Specifies the user's street address. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Surname + +Specifies the user's surname. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TelephoneNumber + +Specifies the user's telephone number. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UsageLocation + +A two letter country or region code (ISO standard 3166). Required for users that assigned licenses due to legal requirement to check for availability of services in country and regions. Examples include: "US," "JP," and "GB." Not nullable. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserPrincipalName + +Specifies the user's user principal name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserType + +A string value that can be used to classify user types in your directory, such as "Member" and "Guest." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AgeGroup + +Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, minor, notAdult, and adult. See, [legal-age-group](https://learn.microsoft.com/graph/api/resources/user#legal-age-group-property-definitions). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CompanyName + +The company name, which the user is associated. This property can be useful for describing the company that an external user comes from. The maximum length of the company name is 64 characters. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentProvidedForMinor + +Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraUser](Get-EntraUser.md) + +[New-EntraUser](New-EntraUser.md) + +[Remove-EntraUser](Remove-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUserExtension.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserExtension.md new file mode 100644 index 0000000000..aa866937a5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserExtension.md @@ -0,0 +1,91 @@ +--- +title: Set-EntraUserExtension +description: This article provides details on the Set-EntraUserExtension command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUserExtension + +schema: 2.0.0 +--- + +# Set-EntraUserExtension + +## Synopsis + +Sets a user extension. + +## Syntax + +```powershell +Set-EntraUserExtension + -UserId + [] +``` + +## Description + +The `Set-EntraUserExtension` cmdlet updates a user extension in Microsoft Entra ID. + +## Examples + +### Example 1: Set the value of an extension attribute for a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + ExtensionName = 'extension_e5e29b8a85d941eab8d12162bd004528_extensionAttribute8' + ExtensionValue = 'New Value' +} +Set-EntraUserExtension @params +``` + +This example shows how to update the value of the extension attribute for a specified user. + +- `-UserId` parameter specifies the user Id. +- `-ExtensionName` parameter specifies the name of an extension. +- `-ExtensionValue` parameter specifies the extension name values. + +## Parameters + +### -UserId + +Specifies the ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[Get-EntraUserExtension](Get-EntraUserExtension.md) + +[Remove-EntraUserExtension](Remove-EntraUserExtension.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUserLicense.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserLicense.md new file mode 100644 index 0000000000..a603cf8dd3 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserLicense.md @@ -0,0 +1,209 @@ +--- +title: Set-EntraUserLicense +description: This article provides details on the Set-EntraUserLicense command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUserLicense + +schema: 2.0.0 +--- + +# Set-EntraUserLicense + +## Synopsis + +Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. + +## Syntax + +```powershell +Set-EntraUserLicense + -UserId + -AssignedLicenses + [] +``` + +## Description + +The `Set-EntraUserLicense` adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Writers +- License Administrator +- User Administrator + +**Note**: Before assigning a license, assign a usage location to the user using: +`Set-EntraUser -ObjectId user@contoso.com -UsageLocation ''`. + +## Examples + +### Example 1: Add a license to a user based on a template user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$LicensedUser = Get-EntraUser -ObjectId 'TemplateUser@contoso.com' +$License = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License.SkuId = $LicensedUser.AssignedLicenses.SkuId +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.AddLicenses = $License +$Params = @{ + UserId = 'SawyerM@contoso.com' + AssignedLicenses = $Licenses +} +Set-EntraUserLicense @Params +``` + +```Output +Name Value +---- ----- +externalUserStateChangeDateTi… +businessPhones {8976546787} +postalCode 444601 +createdDateTime 06-11-2023 04:48:19 +surname KTETSs +jobTitle Manager +employeeType +otherMails {SawyerM@contoso.com} +isResourceAccount +usageLocation DE +legalAgeGroupClassification Adult +id cccccccc-2222-3333-4444-dddddddddddd +isLicenseReconciliationNeeded False +``` + +This example demonstrates how to assign a license to a user based on a template user. + +- `-UserId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +### Example 2: Add a license to a user by copying license from another user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$LicensedUser = Get-EntraUser -ObjectId 'AdeleV@contoso.com' +$User = Get-EntraUser -ObjectId 'SawyerM@contoso.com' +$License1 = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License1.SkuId = $LicensedUser.AssignedLicenses.SkuId[0] +$License2 = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense +$License2.SkuId = $LicensedUser.AssignedLicenses.SkuId[1] +$addLicensesArray = @() +$addLicensesArray += $License1 +$addLicensesArray += $License2 +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.AddLicenses = $addLicensesArray +Set-EntraUserLicense -UserId $User.ObjectId -AssignedLicenses $Licenses +``` + +```Output +Name Value +---- ----- +externalUserStateChangeDateTi… +businessPhones {8976546787} +postalCode 444601 +createdDateTime 06-11-2023 04:48:19 +surname KTETSs +jobTitle Manager +employeeType +otherMails {SawyerM@contoso.com} +isResourceAccount +usageLocation DE +legalAgeGroupClassification Adult +id cccccccc-2222-3333-4444-dddddddddddd +isLicenseReconciliationNeeded False +``` + +This example demonstrates how to assign a license to a user by copying license from another user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +### Example 3: Remove an assigned User's License + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$UserPrincipalName = 'SawyerM@contoso.com' +$User = Get-EntraUser -ObjectId $UserPrincipalName +$SkuId = (Get-EntraUserLicenseDetail -ObjectId $UserPrincipalName).SkuId +$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses +$Licenses.RemoveLicenses = $SkuId +Set-EntraUserLicense -UserId $User.ObjectId -AssignedLicenses $Licenses +``` + +```Output +Name Value +---- ----- +displayName SawyerM +id cccccccc-2222-3333-4444-dddddddddddd +jobTitle +surname M +mail +userPrincipalName SawyerM@contoso.com +mobilePhone +preferredLanguage +@odata.context https://graph.microsoft.com/v1.0/$metadata#users/$entity +businessPhones {} +officeLocation +givenName Sawyer +``` + +This example demonstrates how to remove a user's license by retrieving the user details. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-AssignedLicenses` parameter specifies a list of licenses to assign or remove. + +## Parameters + +### -AssignedLicenses + +Specifies a list of licenses to assign or remove. + +```yaml +Type: AssignedLicenses +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUserManager.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserManager.md new file mode 100644 index 0000000000..4b728d157a --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserManager.md @@ -0,0 +1,101 @@ +--- +title: Set-EntraUserManager +description: This article provides details on the Set-EntraUserManager command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUserManager + +schema: 2.0.0 +--- + +# Set-EntraUserManager + +## Synopsis + +Updates a user's manager. + +## Syntax + +```powershell +Set-EntraUserManager + -UserId + -RefObjectId + [] +``` + +## Description + +The `Set-EntraUserManager` cmdlet update the manager for a user in Microsoft Entra ID. Specify the `UserId` and `RefObjectId` parameters to update the manager for a user in Microsoft Entra ID. + +## Examples + +### Example 1: Update a user's manager + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$manager = Get-EntraUser -UserId 'Manager@contoso.com' +$params = @{ + UserId = 'SawyerM@contoso.com' + RefObjectId = $manager.ObjectId +} +Set-EntraUserManager @params +``` + +This example demonstrates how to update the manager for the specified user. + +## Parameters + +### -UserId + +Specifies the ID (as a User Principle Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Get-EntraUserManager](Get-EntraUserManager.md) + +[Remove-EntraUserManager](Remove-EntraUserManager.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUserPassword.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserPassword.md new file mode 100644 index 0000000000..995679785e --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserPassword.md @@ -0,0 +1,164 @@ +--- +title: Set-EntraUserPassword +description: This article provides details on the Set-EntraUserPassword command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUserPassword + +schema: 2.0.0 +--- + +# Set-EntraUserPassword + +## Synopsis + +Sets the password of a user. + +## Syntax + +```powershell +Set-EntraUserPassword + [-ForceChangePasswordNextLogin ] + [-EnforceChangePasswordPolicy ] + -UserId + -Password + [] +``` + +## Description + +The `Set-EntraUserPassword` cmdlet sets the password for a user in Microsoft Entra ID. + +Any user can update their password without belonging to any administrator role. + +## Examples + +### Example 1: Set a user's password + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword = '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePassword +``` + +This command sets the specified user's password. + +- `-UserId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. + +### Example 2: Set a user's password with EnforceChangePasswordPolicy parameter + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword= '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePassword -EnforceChangePasswordPolicy $True +``` + +This command sets the specified user's password with EnforceChangePasswordPolicy parameter. + +- `-UserId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. +- `-EnforceChangePasswordPolicy` parameter force the user to change their password, if set to true. + +### Example 3: Set a user's password with ForceChangePasswordNextLogin parameter + +```powershell +connect-Entra -Scopes 'Directory.AccessAsUser.All' +$newPassword= '' +$securePassword = ConvertTo-SecureString $newPassword -AsPlainText -Force +Set-EntraUserPassword -UserId 'SawyerM@contoso.com' -Password $securePassword -ForceChangePasswordNextLogin $True +``` + +This command sets the specified user's password with ForceChangePasswordNextLogin parameter. + +- `-ObjectId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-Password` parameter specifies the password to set. +- `-ForceChangePasswordNextLogin` parameter forces a user to change their password during their next log in. + +## Parameters + +### -EnforceChangePasswordPolicy + +If set to true, force the user to change their password. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ForceChangePasswordNextLogin + +Forces a user to change their password during their next sign in. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID of a user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Password + +Specifies the password. + +```yaml +Type: System.SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Users/Set-EntraUserThumbnailPhoto.md b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserThumbnailPhoto.md new file mode 100644 index 0000000000..301e6118f5 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Set-EntraUserThumbnailPhoto.md @@ -0,0 +1,130 @@ +--- +title: Set-EntraUserThumbnailPhoto +description: This article provides details on the Set-EntraUserThumbnailPhoto command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraUserThumbnailPhoto + +schema: 2.0.0 +--- + +# Set-EntraUserThumbnailPhoto + +## Synopsis + +Set the thumbnail photo for a user. + +## Syntax + +### File (Default) + +```powershell +Set-EntraUserThumbnailPhoto + [-UserId ] + -FilePath + [] +``` + +### Stream + +```powershell +Set-EntraUserThumbnailPhoto + -FileStream + [-UserId ] + [] +``` + +### ByteArray + +```powershell +Set-EntraUserThumbnailPhoto + [-UserId ] + -ImageByteArray + [] +``` + +## Description + +The `Set-EntraUserThumbnailPhoto` cmdlet is used to set the thumbnail photo for a user. + +Updating any user's photo in the organization requires the User.ReadWrite.All permission. Updating only the signed-in user's photo requires the User.ReadWrite permission. + +## Examples + +### Example 1: Sets the thumbnail photo + +```powershell +Connect-Entra -Scopes 'User.ReadWrite','User.ReadWrite.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + FilePath = 'D:\UserThumbnailPhoto.jpg' +} +Set-EntraUserThumbnailPhoto @params +``` + +This example sets the thumbnail photo of the user specified with the UserId parameter to the image specified with the FilePath parameter. + +- `-UserId` parameter specifies the ID of a user in Microsoft Entra ID. +- `-FilePath` parameter specifies the file path of the image to be uploaded as the user thumbnail photo. + +## Parameters + +### -FilePath + +The file path of the image to be uploaded as the user thumbnail photo. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +The Object ID of the user for which the user thumbnail photo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraUserThumbnailPhoto](Get-EntraUserThumbnailPhoto.md) diff --git a/module/docs/entra-powershell-v1.0/Users/Update-EntraSignedInUserPassword.md b/module/docs/entra-powershell-v1.0/Users/Update-EntraSignedInUserPassword.md new file mode 100644 index 0000000000..52d86af54f --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Update-EntraSignedInUserPassword.md @@ -0,0 +1,106 @@ +--- +title: Update-EntraSignedInUserPassword +description: This article provides details on the Update-EntraSignedInUserPassword command. + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Update-EntraSignedInUserPassword + +schema: 2.0.0 +--- + +# Update-EntraSignedInUserPassword + +## Synopsis + +Updates the password for the signed-in user. + +## Syntax + +```powershell +Update-EntraSignedInUserPassword + -NewPassword + -CurrentPassword + [] +``` + +## Description + +The `Update-EntraSignedInUserPassword` cmdlet updates the password for the signed-in user in Microsoft Entra ID. + +Enable users to update their own passwords. Any user can change their password without requiring administrator privileges. + +## Examples + +### Example 1: Update a password + +```powershell +Connect-Entra -Scopes 'Directory.AccessAsUser.All' +$CurrentPassword = ConvertTo-SecureString '' -AsPlainText -Force +$NewPassword = ConvertTo-SecureString '' -AsPlainText -Force +$params = @{ + CurrentPassword = $CurrentPassword + NewPassword = $NewPassword +} +Update-EntraSignedInUserPassword @params +``` + +This example shows how to update the password for the signed-in user. + +- `-CurrentPassword` parameter specifies the current password of the signed-in user. +- `-NewPassword` parameter specifies the new password for the signed-in user. + +## Parameters + +### -CurrentPassword + +Specifies the current password of the signed-in user. + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NewPassword + +Specifies the new password for the signed-in user. + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [changePassword](https://learn.microsoft.com/graph/api/user-changepassword). + +## Related links diff --git a/module/docs/entra-powershell-v1.0/Users/Update-EntraUserFromFederated.md b/module/docs/entra-powershell-v1.0/Users/Update-EntraUserFromFederated.md new file mode 100644 index 0000000000..5ff2784f25 --- /dev/null +++ b/module/docs/entra-powershell-v1.0/Users/Update-EntraUserFromFederated.md @@ -0,0 +1,105 @@ +--- +title: Update-EntraUserFromFederated +description: This article provides details on the Update-EntraUserFromFederated command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Entra.Users-Help.xml +Module Name: Microsoft.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Entra/Update-EntraUserFromFederated + +schema: 2.0.0 +--- + +# Update-EntraUserFromFederated + +## Synopsis + +Updates a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. + +## Syntax + +```powershell +Update-EntraUserFromFederated + -UserPrincipalName + [-NewPassword ] + [] +``` + +## Description + +The `Update-EntraUserFromFederated` cmdlet is used to update a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. A new password must be provided for the user. + +This process writes the new password to Microsoft Entra ID and, if configured with password writeback, pushes it to on-premises Active Directory. The admin can provide a new password or let the system generate one. The user will be prompted to change their password at their next sign-in. + +For delegated scenarios, the administrator needs at least the Authentication Administrator or Privileged Authentication Administrator Microsoft Entra role. + +Admins with User Administrator, Helpdesk Administrator, or Password Administrator roles can also reset passwords for non-admin users and a limited set of admin roles. + +## Examples + +### Example 1: Update a user in a domain + +```powershell +Connect-Entra -Scopes 'UserAuthenticationMethod.ReadWrite.All' +Update-EntraUserFromFederated -UserPrincipalName 'pattifuller@contoso.com' +``` + +This command updates a user in a domain. + +- `-UserPrincipalName` parameter specifies the Microsoft Entra ID UserID for the user to convert. + +## Parameters + +### -UserPrincipalName + +The Microsoft Entra ID UserID for the user to convert. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -NewPassword + +The new password of the user. + +For tenants using hybrid password scenarios, specifying a new password is required. If you omit the password for a cloud-only account, the system generates one automatically. This generated password is a Unicode string without additional encoding. Before acceptance, the password is validated against the tenant's banned password list and must meet the tenant's cloud and/or on-premises password requirements. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +- For more information, see [resetPassword](https://learn.microsoft.com/graph/api/authenticationmethod-resetpassword). + +## Related Links diff --git a/module_legacy/.sourcemap-maml-0.json b/module_legacy/.sourcemap-maml-0.json new file mode 100644 index 0000000000..6b05e77948 --- /dev/null +++ b/module_legacy/.sourcemap-maml-0.json @@ -0,0 +1 @@ +{"files":{}} \ No newline at end of file diff --git a/module/Entra/AdditionalFunctions/Add-EntraAdministrativeUnitMember.ps1 b/module_legacy/Entra/AdditionalFunctions/Add-EntraAdministrativeUnitMember.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Add-EntraAdministrativeUnitMember.ps1 rename to module_legacy/Entra/AdditionalFunctions/Add-EntraAdministrativeUnitMember.ps1 diff --git a/module/Entra/AdditionalFunctions/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/Entra/AdditionalFunctions/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 rename to module_legacy/Entra/AdditionalFunctions/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 diff --git a/module/Entra/AdditionalFunctions/Add-EntraEnvironment.ps1 b/module_legacy/Entra/AdditionalFunctions/Add-EntraEnvironment.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Add-EntraEnvironment.ps1 rename to module_legacy/Entra/AdditionalFunctions/Add-EntraEnvironment.ps1 diff --git a/module/Entra/AdditionalFunctions/Add-EntraScopedRoleMembership.ps1 b/module_legacy/Entra/AdditionalFunctions/Add-EntraScopedRoleMembership.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Add-EntraScopedRoleMembership.ps1 rename to module_legacy/Entra/AdditionalFunctions/Add-EntraScopedRoleMembership.ps1 diff --git a/module/Entra/AdditionalFunctions/Connect-Entra.ps1 b/module_legacy/Entra/AdditionalFunctions/Connect-Entra.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Connect-Entra.ps1 rename to module_legacy/Entra/AdditionalFunctions/Connect-Entra.ps1 diff --git a/module/Entra/AdditionalFunctions/Disconnect-Entra.ps1 b/module_legacy/Entra/AdditionalFunctions/Disconnect-Entra.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Disconnect-Entra.ps1 rename to module_legacy/Entra/AdditionalFunctions/Disconnect-Entra.ps1 diff --git a/module/Entra/AdditionalFunctions/Find-EntraPermission.ps1 b/module_legacy/Entra/AdditionalFunctions/Find-EntraPermission.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Find-EntraPermission.ps1 rename to module_legacy/Entra/AdditionalFunctions/Find-EntraPermission.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraAccountSku.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAccountSku.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraAccountSku.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraAccountSku.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 new file mode 100644 index 0000000000..f41c26d504 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnit.ps1 @@ -0,0 +1,87 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAdministrativeUnit { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = '/v1.0/directory/administrativeUnits' + $properties = '$select=*' + $params['Uri'] = "$baseUri/?$properties" + if ($null -ne $PSBoundParameters['AdministrativeUnitId']) { + $params['AdministrativeUnitId'] = $PSBoundParameters['AdministrativeUnitId'] + $params['Uri'] = "$baseUri/$($params.AdministrativeUnitId)?$properties" + } + if ($PSBoundParameters.ContainsKey('Top')) { + $topCount = $PSBoundParameters['Top'] + if ($topCount -gt 999) { + $params['Uri'] += "&`$top=999" + } else { + $params['Uri'] += "&`$top=$topCount" + } + } + if ($null -ne $PSBoundParameters['Filter']) { + $Filter = $PSBoundParameters['Filter'] + $f = '$' + 'Filter' + $params['Uri'] += "&$f=$Filter" + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params['Uri'] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params['Uri'] = $params['Uri'].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch { + Write-Error $_.Exception.Message + } + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimeStamp -Value deletedDateTime + } + } + + if ($data) { + $aulist = @() + foreach ($item in $data) { + $auType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAdministrativeUnit + $item.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $auType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $aulist += $auType + } + $aulist + } + } +} diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 new file mode 100644 index 0000000000..6714ad4531 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraAdministrativeUnitMember.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraAdministrativeUnitMember { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Nullable`1[System.Int32]] $Top, + [Alias('ObjectId')] + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $AdministrativeUnitId, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All + ) + + PROCESS { + $params = @{} + $topCount = $null + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $baseUri = "/v1.0/directory/administrativeUnits/$AdministrativeUnitId/members?`$select=*" + $params['Uri'] = "$baseUri" + if ($null -ne $PSBoundParameters['AdministrativeUnitId']) { + $params['AdministrativeUnitId'] = $PSBoundParameters['AdministrativeUnitId'] + } + if ($PSBoundParameters.ContainsKey('Top')) { + $topCount = $PSBoundParameters['Top'] + if ($topCount -gt 999) { + $minTop = 999 + $params['Uri'] += "&`$top=999" + } else { + $params['Uri'] += "&`$top=$topCount" + } + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params['Uri'] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + if ($minTop) { + $params['Uri'] = $params['Uri'].Replace("`$top=$minTop", "`$top=$topValue") + } else { + $params['Uri'] = $params['Uri'].Replace("`$top=$topCount", "`$top=$topValue") + } + $increment -= $topValue + } + $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $($params.Uri) -Method GET) + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch { + Write-Error $_.Exception.Message + } + $data | ForEach-Object { + if ($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id + } + } + if ($data) { + $memberList = @() + foreach ($response in $data) { + $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject + if (-not ($response -is [psobject])) { + $response = [pscustomobject]@{ Value = $response } + } + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $memberList += $memberType + } + $memberList + } + } +} diff --git a/module/Entra/AdditionalFunctions/Get-EntraApplicationTemplate.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraApplicationTemplate.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraApplicationTemplate.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraApplicationTemplate.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 new file mode 100644 index 0000000000..e0b0f438f6 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraAttributeSet.ps1 @@ -0,0 +1,44 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraAttributeSet { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias('Id')] + [System.String] $AttributeSetId + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params['Uri'] = 'https://graph.microsoft.com/v1.0/directory/attributeSets/' + $params['Method'] = 'GET' + if ($null -ne $PSBoundParameters['AttributeSetId']) { + $params['Uri'] += $AttributeSetId + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } catch { + Write-Error $_.Exception.Message + } + if ($response) { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 new file mode 100644 index 0000000000..6d895093c3 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditDirectoryLog.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraAuditDirectoryLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/directoryAudits' + $params['Method'] = 'GET' + $params['Uri'] = "$baseUri" + '?' + + if ($PSBoundParameters.ContainsKey('Top')) { + $topCount = $PSBoundParameters['Top'] + if ($topCount -gt 999) { + $params['Uri'] += "&`$top=999" + } else { + $params['Uri'] += "&`$top=$topCount" + } + } + if ($null -ne $PSBoundParameters['Id']) { + $LogId = $PSBoundParameters['Id'] + $params['Uri'] = "$baseUri/$($LogId)" + } + if ($null -ne $PSBoundParameters['Filter']) { + $Filter = $PSBoundParameters['Filter'] + $f = '$Filter' + $params['Uri'] += "&$f=$Filter" + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params['Uri'] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params['Uri'] = $params['Uri'].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch { + Write-Error $_.Exception.Message + } + + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryAudit + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +} diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 new file mode 100644 index 0000000000..b6790c9421 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraAuditSignInLog.ps1 @@ -0,0 +1,87 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraAuditSignInLog { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias('Id')] + [System.String] $SignInId, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = 'https://graph.microsoft.com/v1.0/auditLogs/signIns' + $params['Method'] = 'GET' + $params['Uri'] = "$baseUri" + $query = $null + + if ($PSBoundParameters.ContainsKey('Top')) { + $topCount = $PSBoundParameters['Top'] + if ($topCount -gt 999) { + $query += "&`$top=999" + } else { + $query += "&`$top=$topCount" + } + } + + if ($null -ne $PSBoundParameters['SignInId']) { + $logId = $PSBoundParameters['SignInId'] + $params['Uri'] = "$baseUri/$($logId)" + } + if ($null -ne $PSBoundParameters['Filter']) { + $Filter = $PSBoundParameters['Filter'] + $f = '$filter' + $query += "&$f=$Filter" + } + + if ($null -ne $query) { + $query = '?' + $query.TrimStart('&') + $params['Uri'] += $query + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 100 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while (($response.'@odata.nextLink' -and (($all -and ($increment -lt 0)) -or $increment -gt 0))) { + $params['Uri'] = $response.'@odata.nextLink' + if ($increment -gt 0) { + $topValue = [Math]::Min($increment, 999) + $params['Uri'] = $params['Uri'].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 100 | ConvertFrom-Json + } + } catch { + Write-Error $_.Exception.Message + } + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphSignIn + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } +} diff --git a/module/Entra/AdditionalFunctions/Get-EntraAuthorizationPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraAuthorizationPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraAuthorizationPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraAuthorizationPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraContext.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraContext.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraContext.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraContext.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 new file mode 100644 index 0000000000..11a5b81666 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinition.ps1 @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraCustomSecurityAttributeDefinition { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $Method = 'GET' + $Uri = 'https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/' + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters['Id']) { + $Uri += $Id + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest -Uri $Uri -Method $Method -Headers $customHeaders) | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } catch { + Write-Error $_.Exception.Message + } + if ($response) { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphCustomSecurityAttributeDefinition + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 new file mode 100644 index 0000000000..6108059460 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraCustomSecurityAttributeDefinitionAllowedValue { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $CustomSecurityAttributeDefinitionId + ) + + PROCESS { + $params = @{} + $params['Uri'] = "https://graph.microsoft.com/v1.0/directory/customSecurityAttributeDefinitions/$CustomSecurityAttributeDefinitionId/allowedValues/" + $params['Method'] = 'GET' + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters['Id']) { + $params['Uri'] += $Id + } + if ($null -ne $PSBoundParameters['Filter']) { + $params['Uri'] += '?$filter=' + $Filter + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = (Invoke-GraphRequest @params -Headers $customHeaders) | ConvertTo-Json -Depth 5 | ConvertFrom-Json + try { + $response = $response.value + } catch { + Write-Error $_.Exception.Message + } + if ($response) { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphAllowedValue + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} diff --git a/module/Entra/AdditionalFunctions/Get-EntraDirSyncConfiguration.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraDirSyncConfiguration.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraDirSyncConfiguration.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraDirSyncConfiguration.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraDirSyncFeature.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraDirSyncFeature.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraDirSyncFeature.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraDirSyncFeature.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 new file mode 100644 index 0000000000..4816031db3 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraDirectoryObjectOnPremisesProvisioningError.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraDirectoryObjectOnPremisesProvisioningError { + [CmdletBinding(DefaultParameterSetName = 'GetById')] + param ( + [Parameter(ParameterSetName = 'GetById')][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw 'TenantId must be of type [System.Guid].' } })][System.Guid] $TenantId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters['TenantId']) { + $params['TenantId'] = $PSBoundParameters['TenantId'] + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $Object = @('users', 'groups', 'contacts') + $response = @() + + try { + foreach ($obj in $object) { + $obj = ($obj | Out-String).trimend() + $uri = 'https://graph.microsoft.com/v1.0/' + $obj + '?$select=onPremisesProvisioningErrors' + $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors + } + } catch { + Write-Error $_.Exception.Message + } + if ([string]::IsNullOrWhiteSpace($response)) { + Write-Host 'False' + } else { + $response + } + + } +} +Set-Alias -Name Get-EntraHasObjectsWithDirSyncProvisioningError -Value Get-EntraDirectoryObjectOnPremisesProvisioningError -Scope Global -Force diff --git a/module/Entra/AdditionalFunctions/Get-EntraDomainFederationSettings.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraDomainFederationSettings.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraDomainFederationSettings.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraDomainFederationSettings.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraEnvironment.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraEnvironment.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraEnvironment.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraEnvironment.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 new file mode 100644 index 0000000000..4fdf2022a6 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraFeatureRolloutPolicy.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraFeatureRolloutPolicy { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = 'GetVague', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $SearchString, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Filter, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $baseUri = 'https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies' + $params['Method'] = 'GET' + $params['Uri'] = "$baseUri" + $query = $null + + if ($null -ne $PSBoundParameters['Id']) { + $Id = $PSBoundParameters['Id'] + $params['Uri'] = "https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/$Id" + } + if ($null -ne $PSBoundParameters['SearchString']) { + $FilterValue = $PSBoundParameters['SearchString'] + $filter = "displayName eq '$FilterValue' or startswith(displayName,'$FilterValue')" + $f = '$' + 'Filter' + $query += "&$f=$Filter" + } + if ($null -ne $PSBoundParameters['Filter']) { + $Filter = $PSBoundParameters['Filter'] + $f = '$' + 'Filter' + $query += "&$f=$Filter" + } + if ($null -ne $PSBoundParameters['Property']) { + $selectProperties = $PSBoundParameters['Property'] + $selectProperties = $selectProperties -Join ',' + $query += "&`$select=$($selectProperties)" + } + if ($null -ne $query) { + $query = '?' + $query.TrimStart('&') + $params['Uri'] += $query + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $data = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $data = $data.value | ConvertTo-Json | ConvertFrom-Json + } catch { + Write-Error $_.Exception.Message + } + + if ($data) { + $userList = @() + foreach ($response in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy + $response.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + $userList + } + } +} diff --git a/module/Entra/AdditionalFunctions/Get-EntraFederationProperty.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraFederationProperty.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraFederationProperty.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraFederationProperty.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 new file mode 100644 index 0000000000..dacf4401a7 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Get-EntraObjectSetting.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Get-EntraObjectSetting { + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(ParameterSetName = 'GetById', Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $Id, + [Parameter(ParameterSetName = 'GetQuery', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Int32] $Top, + [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [switch] $All, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetType, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $TargetObjectId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $topCount = $null + $baseUri = "https://graph.microsoft.com/v1.0/$TargetType/$TargetObjectId/settings" + $params['Method'] = 'GET' + $params['Uri'] = $baseUri + '?$select=*' + if ($null -ne $PSBoundParameters['Property']) { + $selectProperties = $PSBoundParameters['Property'] + $selectProperties = $selectProperties -Join ',' + $params['Uri'] = $baseUri + "?`$select=$($selectProperties)" + } + if ($PSBoundParameters.ContainsKey('Top') -and (-not $PSBoundParameters.ContainsKey('All'))) { + $topCount = $PSBoundParameters['Top'] + if ($topCount -gt 999) { + $params['Uri'] += "&`$top=999" + } else { + $params['Uri'] += "&`$top=$topCount" + } + } + if ($null -ne $PSBoundParameters['Id']) { + $Id = $PSBoundParameters['Id'] + $params['Uri'] = "$baseUri/$($Id)" + } + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Invoke-GraphRequest @params -Headers $customHeaders + $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json + try { + $data = $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $all = $All.IsPresent + $increment = $topCount - $data.Count + while ($response.'@odata.nextLink' -and (($all) -or ($increment -gt 0 -and -not $all))) { + $params['Uri'] = $response.'@odata.nextLink' + if (-not $all) { + $topValue = [Math]::Min($increment, 999) + $params['Uri'] = $params['Uri'].Replace('$top=999', "`$top=$topValue") + $increment -= $topValue + } + $response = Invoke-GraphRequest @params + $data += $response.value | ConvertTo-Json -Depth 10 | ConvertFrom-Json + } + } catch { + Write-Error $_.Exception.Message + } + + $targetTypeList = @() + + if ($TargetType.ToLower() -eq 'groups') { + foreach ($res in $data) { + $groupType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphGroupSetting + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $groupType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $groupType + } + } + + if ($TargetType.ToLower() -eq 'users') { + foreach ($res in $data) { + $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphUserSettings + $res.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $targetTypeList += $userType + } + } + + $targetTypeList + } +} diff --git a/module/Entra/AdditionalFunctions/Get-EntraPartnerInformation.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraPartnerInformation.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraPartnerInformation.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraPartnerInformation.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraPasswordPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraPasswordPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraPasswordPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraPasswordPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraScopedRoleMembership.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraScopedRoleMembership.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraScopedRoleMembership.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraScopedRoleMembership.ps1 diff --git a/module/Entra/AdditionalFunctions/Get-EntraUserAuthenticationMethod.ps1 b/module_legacy/Entra/AdditionalFunctions/Get-EntraUserAuthenticationMethod.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Get-EntraUserAuthenticationMethod.ps1 rename to module_legacy/Entra/AdditionalFunctions/Get-EntraUserAuthenticationMethod.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraAdministrativeUnit.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraAdministrativeUnit.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraAdministrativeUnit.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraAdministrativeUnit.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraApplicationFromApplicationTemplate.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraApplicationFromApplicationTemplate.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraApplicationFromApplicationTemplate.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraApplicationFromApplicationTemplate.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraAttributeSet.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraAttributeSet.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraAttributeSet.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraAttributeSet.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraCustomHeaders.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraCustomHeaders.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraCustomHeaders.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraCustomHeaders.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraCustomSecurityAttributeDefinition.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraCustomSecurityAttributeDefinition.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraCustomSecurityAttributeDefinition.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraCustomSecurityAttributeDefinition.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraFeatureRolloutPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraFeatureRolloutPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraFeatureRolloutPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraFeatureRolloutPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraOauth2PermissionGrant.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraOauth2PermissionGrant.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraOauth2PermissionGrant.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraOauth2PermissionGrant.ps1 diff --git a/module/Entra/AdditionalFunctions/New-EntraPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/New-EntraPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/New-EntraPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/New-EntraPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/README.md b/module_legacy/Entra/AdditionalFunctions/README.md similarity index 100% rename from module/Entra/AdditionalFunctions/README.md rename to module_legacy/Entra/AdditionalFunctions/README.md diff --git a/module/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnit.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnit.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnit.ps1 rename to module_legacy/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnit.ps1 diff --git a/module/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnitMember.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnitMember.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnitMember.ps1 rename to module_legacy/Entra/AdditionalFunctions/Remove-EntraAdministrativeUnitMember.ps1 diff --git a/module/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 rename to module_legacy/Entra/AdditionalFunctions/Remove-EntraFeatureRolloutPolicyDirectoryObject.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 new file mode 100644 index 0000000000..c7ecfc6ee5 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Remove-EntraPolicy.ps1 @@ -0,0 +1,44 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Remove-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + $policyTypes = 'activityBasedTimeoutPolicies', 'defaultAppManagementPolicy', 'appManagementPolicies', 'authenticationFlowsPolicy', 'authenticationMethodsPolicy', 'claimsMappingPolicies', 'featureRolloutPolicies', 'homeRealmDiscoveryPolicies', 'permissionGrantPolicies', 'tokenIssuancePolicies', 'tokenLifetimePolicies' + + foreach ($policyType in $policyTypes) { + $uri = 'https://graph.microsoft.com/v1.0/policies/' + $policyType + '/' + $id + try { + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET + break + } catch { + Write-Error $_.Exception.Message + } + } + # Unused variable + #$policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + + $policyType = $Matches[1] + + Write-Debug('============================ Matches ============================') + + Write-Debug($Matches[1]) + + if (($null -ne $PSBoundParameters['id']) -and ($null -ne $policyType )) { + $URI = 'https://graph.microsoft.com/v1.0/policies/' + $policyType + '/' + $id + } + $Method = 'DELETE' + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method + $response + } +} diff --git a/module/Entra/AdditionalFunctions/Remove-EntraScopedRoleMembership.ps1 b/module_legacy/Entra/AdditionalFunctions/Remove-EntraScopedRoleMembership.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Remove-EntraScopedRoleMembership.ps1 rename to module_legacy/Entra/AdditionalFunctions/Remove-EntraScopedRoleMembership.ps1 diff --git a/module/Entra/AdditionalFunctions/Reset-EntraStrongAuthenticationMethodByUpn.ps1 b/module_legacy/Entra/AdditionalFunctions/Reset-EntraStrongAuthenticationMethodByUpn.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Reset-EntraStrongAuthenticationMethodByUpn.ps1 rename to module_legacy/Entra/AdditionalFunctions/Reset-EntraStrongAuthenticationMethodByUpn.ps1 diff --git a/module/Entra/AdditionalFunctions/Restore-EntraDeletedDirectoryObject.ps1 b/module_legacy/Entra/AdditionalFunctions/Restore-EntraDeletedDirectoryObject.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Restore-EntraDeletedDirectoryObject.ps1 rename to module_legacy/Entra/AdditionalFunctions/Restore-EntraDeletedDirectoryObject.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraAdministrativeUnit.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraAdministrativeUnit.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraAdministrativeUnit.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraAdministrativeUnit.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraAttributeSet.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraAttributeSet.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraAttributeSet.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraAttributeSet.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinition.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinition.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinition.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinition.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraDirSyncConfiguration.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncConfiguration.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraDirSyncConfiguration.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncConfiguration.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraDirSyncEnabled.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncEnabled.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraDirSyncEnabled.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncEnabled.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraDirSyncFeature.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncFeature.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraDirSyncFeature.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraDirSyncFeature.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraDomainFederationSettings.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraDomainFederationSettings.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraDomainFederationSettings.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraDomainFederationSettings.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraFeatureRolloutPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraFeatureRolloutPolicy.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraFeatureRolloutPolicy.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraFeatureRolloutPolicy.ps1 diff --git a/module/Entra/AdditionalFunctions/Set-EntraPartnerInformation.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraPartnerInformation.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraPartnerInformation.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraPartnerInformation.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 new file mode 100644 index 0000000000..6efba4dda8 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Set-EntraPolicy.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +function Set-EntraPolicy { + [CmdletBinding(DefaultParameterSetName = 'InvokeByDynamicParameters')] + param ( + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.String] $AlternativeIdentifier, + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $Id, + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.Collections.Generic.List`1[System.String]] $Definition, + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.String] $DisplayName, + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.String] $Type, + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, + [Parameter(ParameterSetName = 'InvokeByDynamicParameters')] + [System.Nullable`1[System.Boolean]] $IsOrganizationDefault + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + $policyTypeMap = @{ + 'ActivityBasedTimeoutPolicy' = 'activityBasedTimeoutPolicies' + 'ApplicationManagementPolicy' = 'appManagementPolicies' + 'DefaultAppManagementPolicy' = 'defaultAppManagementPolicy' + 'AuthenticationFlowsPolicy' = 'authenticationFlowsPolicy' + 'AuthenticationMethodsPolicy' = 'authenticationMethodsPolicy' + 'ClaimsMappingPolicy' = 'claimsMappingPolicies' + 'FeatureRolloutPolicy' = 'featureRolloutPolicies' + 'HomeRealmDiscoveryPolicy' = 'homeRealmDiscoveryPolicies' + 'PermissionGrantPolicy' = 'permissionGrantPolicies' + 'TokenIssuancePolicy' = 'tokenIssuancePolicies' + 'TokenLifetimePolicy' = 'tokenLifetimePolicies' + } + + $policyTypes = $policyTypeMap.Values + + if ($null -ne $PSBoundParameters['type']) { + $type = if ($policyTypeMap.ContainsKey($type)) { $policyTypeMap[$type] } else { + Write-Error "Set-EntraBetADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + return + } + } else { + $type = $null + } + + if (!$type) { + foreach ($pType in $policyTypes) { + $uri = 'https://graph.microsoft.com/v1.0/policies/' + $pType + '/' + $id + try { + $response = Invoke-GraphRequest -Uri $uri -Method GET + break + } catch { + Write-Error $_.Exception.Message + } + } + # Unused variable + #$policy = ($response.'@odata.context') -match 'policies/([^/]+)/\$entity' + $type = $Matches[1] + } + + if ($policyTypes -notcontains $type) { + Write-Error "Set-AzureADPolicy : Error occurred while executing SetPolicy + Code: Request_BadRequest + Message: Invalid value specified for property 'type' of resource 'Policy'." + } else { + if ($null -ne $PSBoundParameters['Definition']) { + $params['Definition'] = $PSBoundParameters['Definition'] + } + if ($null -ne $PSBoundParameters['DisplayName']) { + $params['DisplayName'] = $PSBoundParameters['DisplayName'] + } + if ($null -ne $PSBoundParameters['Definition']) { + $params['Definition'] = $PSBoundParameters['Definition'] + } + if ($null -ne $PSBoundParameters['IsOrganizationDefault']) { + $params['IsOrganizationDefault'] = $PSBoundParameters['IsOrganizationDefault'] + } + if (($null -ne $PSBoundParameters['id']) -and ($null -ne $type )) { + $URI = 'https://graph.microsoft.com/v1.0/policies/' + $type + '/' + $id + } + + $Method = 'PATCH' + + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $body = $params | ConvertTo-Json + Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Body $body -Method $Method + + } + + } +} diff --git a/module/Entra/AdditionalFunctions/Set-EntraServicePrincipal.ps1 b/module_legacy/Entra/AdditionalFunctions/Set-EntraServicePrincipal.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Set-EntraServicePrincipal.ps1 rename to module_legacy/Entra/AdditionalFunctions/Set-EntraServicePrincipal.ps1 diff --git a/module/Entra/AdditionalFunctions/Test-EntraScript.ps1 b/module_legacy/Entra/AdditionalFunctions/Test-EntraScript.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Test-EntraScript.ps1 rename to module_legacy/Entra/AdditionalFunctions/Test-EntraScript.ps1 diff --git a/module/Entra/AdditionalFunctions/Update-EntraOAuth2PermissionGrant.ps1 b/module_legacy/Entra/AdditionalFunctions/Update-EntraOAuth2PermissionGrant.ps1 similarity index 100% rename from module/Entra/AdditionalFunctions/Update-EntraOAuth2PermissionGrant.ps1 rename to module_legacy/Entra/AdditionalFunctions/Update-EntraOAuth2PermissionGrant.ps1 diff --git a/module_legacy/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 b/module_legacy/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 new file mode 100644 index 0000000000..5ea9649c87 --- /dev/null +++ b/module_legacy/Entra/AdditionalFunctions/Update-EntraUserFromFederated.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Update-EntraUserFromFederated { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $UserPrincipalName = $PSBoundParameters.UserPrincipalName + $UserId = Get-MgUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual + if ($null -ne $UserId) + { + $AuthenticationMethodId = Get-MgUserAuthenticationMethod -UserId $UserId.Id + $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id + $params["UserId"] = $UserId.Id + } + } + if ($PSBoundParameters.ContainsKey("NewPassword")) { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $AuthenticationMethodId) + { + $response = Reset-MgUserAuthenticationMethodPassword @params -Headers $customHeaders + } + $response + } +} +Set-Alias -Name Convert-EntraFederatedUser -Value Update-EntraUserFromFederated -Scope Global -Force + diff --git a/module_legacy/Entra/config/ModuleMetadata.json b/module_legacy/Entra/config/ModuleMetadata.json new file mode 100644 index 0000000000..553c0eabdf --- /dev/null +++ b/module_legacy/Entra/config/ModuleMetadata.json @@ -0,0 +1,35 @@ +{ + "guid": "742dccd1-bf4b-46a0-a3f2-14e0bb508233", + "authors": "Microsoft", + "owners": "Microsoft", + "description": "Microsoft Entra PowerShell v1.0: Microsoft Entra PowerShell is a scenario-driven module that allows administrators to efficiently manage Entra ID resources, including users, groups, applications, and policies, among others", + "requireLicenseAcceptance": "true", + "requiredModules" : [ + "Microsoft.Graph.Users", + "Microsoft.Graph.Users.Actions", + "Microsoft.Graph.Users.Functions", + "Microsoft.Graph.Groups", + "Microsoft.Graph.Identity.DirectoryManagement", + "Microsoft.Graph.Identity.Governance", + "Microsoft.Graph.Identity.SignIns", + "Microsoft.Graph.Applications", + "Microsoft.Graph.Reports" + ], + "requiredModulesVersion": "2.15.0", + "copyright": "© Microsoft Corporation. All rights reserved.", + "licenseUri": "https://aka.ms/devservicesagreement", + "projectUri": "https://github.com/microsoftgraph/entra-powershell", + "iconUri": "https://raw.githubusercontent.com/microsoftgraph/msgraph-sdk-powershell/master/documentation/images/graph_color256.png", + "tags": [ + "MicrosoftGraph", + "Microsoft", + "Graph", + "PowerShell", + "AzureAD", + "PSModule", + "Entra" + ], + "releaseNotes": "See https://github.com/microsoftgraph/entra-powershell.", + "version": "0.18.0", + "Prerelease": "preview" + } diff --git a/module_legacy/Entra/config/ModuleSettings.json b/module_legacy/Entra/config/ModuleSettings.json new file mode 100644 index 0000000000..6863871d5c --- /dev/null +++ b/module_legacy/Entra/config/ModuleSettings.json @@ -0,0 +1,22 @@ +{ + "sourceModule" : "AzureAD", + "moduleName" : "Microsoft.Graph.Entra", + "newPrefix" : "Entra", + "typePrefix" : "Microsoft.Open.", + "destinationModuleName" : [ + "Microsoft.Graph.DirectoryObjects", + "Microsoft.Graph.Users", + "Microsoft.Graph.Users.Actions", + "Microsoft.Graph.Users.Functions", + "Microsoft.Graph.Groups", + "Microsoft.Graph.Identity.DirectoryManagement", + "Microsoft.Graph.Identity.Governance", + "Microsoft.Graph.Identity.SignIns", + "Microsoft.Graph.Applications", + "Microsoft.Graph.Reports" + ], + "destinationModuleVersion": "2.15.0", + "sourceModulePrefix" : ["AzureADMS","AzureAD"], + "destinationPrefix" : ["Mg"], + "loadMessage": "" + } diff --git a/module_legacy/Entra/config/dependencyMapping.json b/module_legacy/Entra/config/dependencyMapping.json new file mode 100644 index 0000000000..8be7e5e2e4 --- /dev/null +++ b/module_legacy/Entra/config/dependencyMapping.json @@ -0,0 +1,10 @@ +{ + "Microsoft.Graph.Entra.Users":["Microsoft.Graph.Users","Microsoft.Graph.Users.Actions","Microsoft.Graph.Users.Functions"], + "Microsoft.Graph.Entra.Authentication":["Microsoft.Graph.Authentication"], + "Microsoft.Graph.Entra.Groups":["Microsoft.Graph.Groups"], + "Microsoft.Graph.Entra.DirectoryManagement":["Microsoft.Graph.Identity.DirectoryManagement"], + "Microsoft.Graph.Entra.Governance":["Microsoft.Graph.Identity.Governance"], + "Microsoft.Graph.Entra.SignIns":["Microsoft.Graph.Identity.SignIns"], + "Microsoft.Graph.Entra.Applications":["Microsoft.Graph.Applications"], + "Microsoft.Graph.Entra.Reports":["Microsoft.Graph.Reports"] +} \ No newline at end of file diff --git a/module_legacy/Entra/config/moduleMapping.json b/module_legacy/Entra/config/moduleMapping.json new file mode 100644 index 0000000000..174b5022c1 --- /dev/null +++ b/module_legacy/Entra/config/moduleMapping.json @@ -0,0 +1,263 @@ +{ + "Add-EntraAdministrativeUnitMember": "DirectoryManagement", + "Add-EntraLifecyclePolicyGroup": "Groups", + "Get-EntraAccountSku": "DirectoryManagement", + "Get-EntraAdministrativeUnit": "DirectoryManagement", + "Get-EntraAdministrativeUnitMember": "DirectoryManagement", + "New-EntraAdministrativeUnit": "DirectoryManagement", + "Remove-EntraAdministrativeUnit": "DirectoryManagement", + "Remove-EntraAdministrativeUnitMember": "DirectoryManagement", + "Set-EntraAdministrativeUnit": "DirectoryManagement", + "Get-EntraApplicationProxyApplication": "Applications", + "New-EntraApplicationProxyApplication": "Applications", + "Remove-EntraApplicationProxyApplication": "Applications", + "Set-EntraApplicationProxyApplication": "Applications", + "Get-EntraApplicationOwner":"Applications", + "Get-EntraApplicationPasswordCredential":"Applications", + "Get-EntraApplicationServiceEndpoint":"Applications", + "Get-EntraApplicationTemplate":"Applications", + "Get-EntraDeletedApplication":"Applications", + "Set-EntraApplicationProxyApplicationCustomDomainCertificate": "Applications", + "Set-EntraApplicationProxyApplicationSingleSignOn": "Applications", + "Get-EntraApplicationProxyApplicationConnectorGroup": "Applications", + "Get-EntraApplicationProxyConnector": "Applications", + "Get-EntraApplicationProxyConnectorGroup": "Applications", + "Get-EntraApplicationProxyConnectorGroupMember": "Applications", + "Get-EntraApplicationProxyConnectorGroupMembers": "Applications", + "Get-EntraApplicationProxyConnectorMemberOf": "Applications", + "New-EntraApplicationProxyConnectorGroup": "Applications", + "Remove-EntraApplicationProxyApplicationConnectorGroup": "Applications", + "Remove-EntraApplicationProxyConnectorGroup": "Applications", + "Set-EntraApplicationProxyConnector": "Applications", + "Set-EntraApplicationProxyConnectorGroup": "Applications", + "Add-EntraApplicationOwner": "Applications", + "Get-EntraApplication": "Applications", + "Get-EntraApplicationExtensionProperty": "Applications", + "Get-EntraApplicationKeyCredential": "Applications", + "Get-EntraApplicationLogo": "Applications", + "Add-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Add-EntraServicePrincipalOwner": "Applications", + "Get-EntraServicePrincipal": "Applications", + "Get-EntraServicePrincipalCreatedObject": "Applications", + "Get-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Get-EntraServicePrincipalKeyCredential": "Applications", + "Get-EntraServicePrincipalMembership": "Applications", + "Get-EntraServicePrincipalOAuth2PermissionGrant": "Applications", + "Get-EntraServicePrincipalOwnedObject": "Applications", + "Get-EntraServicePrincipalOwner": "Applications", + "Get-EntraServicePrincipalPasswordCredential": "Applications", + "New-EntraApplication": "Applications", + "New-EntraApplicationExtensionProperty": "Applications", + "New-EntraApplicationKey": "Applications", + "New-EntraApplicationKeyCredential": "Applications", + "New-EntraApplicationPassword": "Applications", + "New-EntraApplicationPasswordCredential": "Applications", + "New-EntraServicePrincipal": "Applications", + "New-EntraServicePrincipalKeyCredential": "Applications", + "New-EntraServicePrincipalPasswordCredential": "Applications", + "Remove-EntraApplication": "Applications", + "Remove-EntraApplicationExtensionProperty": "Applications", + "Remove-EntraApplicationKey": "Applications", + "Remove-EntraApplicationKeyCredential": "Applications", + "Remove-EntraApplicationOwner": "Applications", + "Remove-EntraApplicationPassword": "Applications", + "Remove-EntraApplicationPasswordCredential": "Applications", + "Remove-EntraApplicationVerifiedPublisher": "Applications", + "Remove-EntraDeletedApplication": "Applications", + "Remove-EntraDeletedDirectoryObject": "Applications", + "Remove-EntraServicePrincipal": "Applications", + "Remove-EntraServicePrincipalDelegatedPermissionClassification": "Applications", + "Remove-EntraServicePrincipalKeyCredential": "Applications", + "Remove-EntraServicePrincipalOwner": "Applications", + "Remove-EntraServicePrincipalPasswordCredential": "Applications", + "Restore-EntraDeletedApplication": "Applications", + "Select-EntraGroupIdsServicePrincipalIsMemberOf": "Applications", + "Set-EntraApplication": "Applications", + "Set-EntraApplicationLogo": "Applications", + "Set-EntraApplicationVerifiedPublisher": "Applications", + "Set-EntraServicePrincipal": "Applications", + "Get-EntraTrustedCertificateAuthority": "SignIns", + "New-EntraTrustedCertificateAuthority": "SignIns", + "Remove-EntraTrustedCertificateAuthority": "SignIns", + "Set-EntraTrustedCertificateAuthority": "SignIns", + "Get-EntraContact": "DirectoryManagement", + "Get-EntraContactDirectReport": "DirectoryManagement", + "Get-EntraContactManager": "DirectoryManagement", + "Get-EntraContactMembership": "DirectoryManagement", + "Get-EntraContactThumbnailPhoto": "DirectoryManagement", + "Remove-EntraContact": "DirectoryManagement", + "Get-EntraContract": "DirectoryManagement", + "Add-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Add-EntraDeviceRegisteredUser": "DirectoryManagement", + "Get-EntraDevice": "DirectoryManagement", + "Get-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Get-EntraDeviceRegisteredUser": "DirectoryManagement", + "New-EntraDevice": "DirectoryManagement", + "Remove-EntraDevice": "DirectoryManagement", + "Remove-EntraDeviceRegisteredOwner": "DirectoryManagement", + "Remove-EntraDeviceRegisteredUser": "DirectoryManagement", + "Set-EntraDevice": "DirectoryManagement", + "Add-EntraDirectoryRoleMember": "DirectoryManagement", + "Get-EntraDeletedDirectoryObject": "DirectoryManagement", + "Get-EntraDirectoryRole": "DirectoryManagement", + "Enable-EntraDirectoryRole": "DirectoryManagement", + "Get-EntraDirectoryRoleMember": "DirectoryManagement", + "Get-EntraDirectoryRoleTemplate": "DirectoryManagement", + "Get-EntraDirSyncConfiguration": "DirectoryManagement", + "Get-EntraHasObjectsWithDirSyncProvisioningError": "DirectoryManagement", + "Remove-EntraDirectoryRoleMember": "DirectoryManagement", + "Restore-EntraDeletedDirectoryObject": "DirectoryManagement", + "Set-EntraDirSyncConfiguration": "DirectoryManagement", + "Set-EntraDirSyncEnabled": "DirectoryManagement", + "Set-EntraDirSyncFeature": "DirectoryManagement", + "Get-EntraDomain": "DirectoryManagement", + "Get-EntraDomainFederationSettings": "DirectoryManagement", + "Get-EntraDomainNameReference": "DirectoryManagement", + "Get-EntraDirectoryManagementerviceConfigurationRecord": "DirectoryManagement", + "Get-EntraDomainVerificationDnsRecord": "DirectoryManagement", + "New-EntraDomain": "DirectoryManagement", + "Remove-EntraDomain": "DirectoryManagement", + "Set-EntraDomain": "DirectoryManagement", + "Set-EntraDomainFederationSettings": "DirectoryManagement", + "Get-EntraExtensionProperty": "DirectoryManagement", + "Get-EntraFederationProperty": "DirectoryManagement", + "Add-EntraGroupMember": "Groups", + "Add-EntraGroupOwner": "Groups", + "Set-EntraFeatureRolloutPolicy": "SignIns", + "Get-EntraDeletedGroup": "Groups", + "Get-EntraGroup": "Groups", + "Get-EntraGroupAppRoleAssignment": "Groups", + "Get-EntraGroupLifecyclePolicy": "Groups", + "Get-EntraGroupMember": "Groups", + "Get-EntraGroupOwner": "Groups", + "Get-EntraGroupPermissionGrant": "Groups", + "Get-EntraLifecyclePolicyGroup": "Groups", + "Get-EntraPolicy": "SignIns", + "New-EntraPolicy": "SignIns", + "Remove-EntraPolicy": "SignIns", + "Set-EntraPolicy": "SignIns", + "New-EntraGroup": "Groups", + "New-EntraGroupAppRoleAssignment": "Groups", + "New-EntraGroupLifecyclePolicy": "Groups", + "Remove-EntraGroup": "Groups", + "Remove-EntraGroupAppRoleAssignment": "Groups", + "Remove-EntraGroupLifecyclePolicy": "Groups", + "Remove-EntraGroupMember": "Groups", + "Remove-EntraGroupOwner": "Groups", + "Remove-EntraLifecyclePolicyGroup": "Groups", + "Reset-EntraLifeCycleGroup": "Groups", + "Select-EntraGroupIdsContactIsMemberOf": "Groups", + "Select-EntraGroupIdsGroupIsMemberOf": "Groups", + "Select-EntraGroupIdsUserIsMemberOf": "Groups", + "Set-EntraGroup": "Groups", + "Set-EntraGroupLifecyclePolicy": "Groups", + "Get-EntraAuthorizationPolicy": "SignIns", + "Get-EntraConditionalAccessPolicy": "SignIns", + "Get-EntraIdentityProvider": "SignIns", + "Get-EntraOAuth2PermissionGrant": "SignIns", + "Get-EntraPasswordPolicy": "DirectoryManagement", + "Get-EntraPermissionGrantConditionSet": "SignIns", + "Get-EntraPermissionGrantPolicy": "SignIns", + "Get-EntraScopedRoleMembership": "DirectoryManagement", + "New-EntraOauth2PermissionGrant": "SignIns", + "New-EntraConditionalAccessPolicy": "SignIns", + "New-EntraIdentityProvider": "SignIns", + "New-EntraInvitation": "Invitations", + "New-EntraPermissionGrantConditionSet": "SignIns", + "New-EntraPermissionGrantPolicy": "SignIns", + "Remove-EntraConditionalAccessPolicy": "SignIns", + "Remove-EntraIdentityProvider": "SignIns", + "Remove-EntraOAuth2PermissionGrant": "SignIns", + "Remove-EntraPermissionGrantConditionSet": "SignIns", + "Remove-EntraPermissionGrantPolicy": "SignIns", + "Remove-EntraScopedRoleMembership": "DirectoryManagement", + "Revoke-EntraSignedInUserAllRefreshToken": "Authentication", + "Revoke-EntraUserAllRefreshToken": "Authentication", + "Set-EntraAuthorizationPolicy": "SignIns", + "Set-EntraConditionalAccessPolicy": "SignIns", + "Set-EntraIdentityProvider": "SignIns", + "Set-EntraPermissionGrantConditionSet": "SignIns", + "Set-EntraPermissionGrantPolicy": "SignIns", + "New-EntraNamedLocationPolicy": "SignIns", + "Remove-EntraNamedLocationPolicy": "SignIns", + "Set-EntraNamedLocationPolicy": "SignIns", + "Get-EntraNamedLocationPolicy": "SignIns", + "Get-EntraPartnerInformation": "DirectoryManagement", + "Set-EntraPartnerInformation": "DirectoryManagement", + "Get-EntraSubscribedSku": "DirectoryManagement", + "Get-EntraTenantDetail": "DirectoryManagement", + "Set-EntraTenantDetail": "DirectoryManagement", + "Add-EntraScopedRoleMembership": "DirectoryManagement", + "Get-EntraUser": "Users", + "Get-EntraUserAppRoleAssignment": "Users", + "Get-EntraUserCreatedObject": "Users", + "Get-EntraUserDirectReport": "Users", + "Get-EntraUserExtension": "Users", + "Get-EntraUserLicenseDetail": "Users", + "Get-EntraUserManager": "Users", + "Get-EntraUserMembership": "Users", + "Get-EntraUserOAuth2PermissionGrant": "Users", + "Get-EntraUserOwnedDevice": "Users", + "Get-EntraUserOwnedObject": "Users", + "Get-EntraUserRegisteredDevice": "Users", + "Get-EntraUserThumbnailPhoto": "Users", + "New-EntraUser": "Users", + "New-EntraUserAppRoleAssignment": "Users", + "Remove-EntraUser": "Users", + "Remove-EntraUserAppRoleAssignment": "Users", + "Remove-EntraUserExtension": "Users", + "Remove-EntraUserManager": "Users", + "Set-EntraUser": "Users", + "Set-EntraUserExtension": "Users", + "Set-EntraUserLicense": "Users", + "Set-EntraUserManager": "Users", + "Set-EntraUserPassword": "Users", + "Set-EntraUserThumbnailPhoto": "Users", + "Update-EntraSignedInUserPassword": "Users", + "Reset-EntraStrongAuthenticationMethodByUpn": "Authentication", + "Get-EntraAttributeSet": "DirectoryManagement", + "New-EntraAttributeSet": "DirectoryManagement", + "Set-EntraAttributeSet": "DirectoryManagement", + "Add-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Set-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraCustomSecurityAttributeDefinitionAllowedValue": "DirectoryManagement", + "Get-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "New-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "Set-EntraCustomSecurityAttributeDefinition": "DirectoryManagement", + "Add-EntraEnvironment": "Authentication", + "Confirm-EntraDomain": "DirectoryManagement", + "Connect-Entra": "Authentication", + "Disconnect-Entra": "Authentication", + "Enable-EntraAzureADAlias": "Migration", + "Find-EntraPermission": "Authentication", + "Get-CrossCloudVerificationCode": "DirectoryManagement", + "Get-EntraContext": "Authentication", + "Get-EntraEnvironment": "Authentication", + "Get-EntraObjectByObjectId": "DirectoryManagement", + "Test-EntraScript": "Migration", + "Get-EntraUnsupportedCommand": "Migration", + "Get-EntraObjectSetting": "Groups", + "New-EntraApplicationFromApplicationTemplate": "Applications", + "New-EntraFeatureRolloutPolicy": "SignIns", + "Remove-EntraFeatureRolloutPolicyDirectoryObject": "SignIns", + "Remove-EntraFeatureRolloutPolicy": "SignIns", + "Remove-EntraExternalDomainFederation": "DirectoryManagement", + "Get-EntraDirSyncFeature": "DirectoryManagement", + "Get-EntraAuditDirectoryLog": "Reports", + "Get-EntraAuditSignInLog": "Reports", + "Get-EntraDirectoryObjectOnPremisesProvisioningError": "DirectoryManagement", + "Get-EntraDirectoryRoleAssignment": "Governance", + "Get-EntraDirectoryRoleDefinition": "Governance", + "Get-EntraFeatureRolloutPolicy": "SignIns", + "Get-EntraServicePrincipalAppRoleAssignedTo": "Applications", + "Get-EntraServicePrincipalAppRoleAssignment": "Applications", + "New-EntraDirectoryRoleAssignment": "Governance", + "New-EntraDirectoryRoleDefinition": "Governance", + "New-EntraServicePrincipalAppRoleAssignment": "Applications", + "Remove-EntraDirectoryRoleAssignment": "Governance", + "Remove-EntraDirectoryRoleDefinition": "Governance", + "Remove-EntraServicePrincipalAppRoleAssignment": "Applications", + "Set-EntraDirectoryRoleDefinition": "Governance", + "Update-EntraUserFromFederated": "Users", + "Get-EntraDomainServiceConfigurationRecord":"DirectoryManagement" +} \ No newline at end of file diff --git a/module/Entra/customizations/Add-EntraApplicationOwner.ps1 b/module_legacy/Entra/customizations/Add-EntraApplicationOwner.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraApplicationOwner.ps1 rename to module_legacy/Entra/customizations/Add-EntraApplicationOwner.ps1 diff --git a/module/Entra/customizations/Add-EntraDeviceRegisteredOwner.ps1 b/module_legacy/Entra/customizations/Add-EntraDeviceRegisteredOwner.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraDeviceRegisteredOwner.ps1 rename to module_legacy/Entra/customizations/Add-EntraDeviceRegisteredOwner.ps1 diff --git a/module/Entra/customizations/Add-EntraDeviceRegisteredUser.ps1 b/module_legacy/Entra/customizations/Add-EntraDeviceRegisteredUser.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraDeviceRegisteredUser.ps1 rename to module_legacy/Entra/customizations/Add-EntraDeviceRegisteredUser.ps1 diff --git a/module/Entra/customizations/Add-EntraDirectoryRoleMember.ps1 b/module_legacy/Entra/customizations/Add-EntraDirectoryRoleMember.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraDirectoryRoleMember.ps1 rename to module_legacy/Entra/customizations/Add-EntraDirectoryRoleMember.ps1 diff --git a/module/Entra/customizations/Add-EntraGroupMember.ps1 b/module_legacy/Entra/customizations/Add-EntraGroupMember.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraGroupMember.ps1 rename to module_legacy/Entra/customizations/Add-EntraGroupMember.ps1 diff --git a/module/Entra/customizations/Add-EntraGroupOwner.ps1 b/module_legacy/Entra/customizations/Add-EntraGroupOwner.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraGroupOwner.ps1 rename to module_legacy/Entra/customizations/Add-EntraGroupOwner.ps1 diff --git a/module/Entra/customizations/Add-EntraLifecyclePolicyGroup.ps1 b/module_legacy/Entra/customizations/Add-EntraLifecyclePolicyGroup.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraLifecyclePolicyGroup.ps1 rename to module_legacy/Entra/customizations/Add-EntraLifecyclePolicyGroup.ps1 diff --git a/module/Entra/customizations/Add-EntraServicePrincipalOwner.ps1 b/module_legacy/Entra/customizations/Add-EntraServicePrincipalOwner.ps1 similarity index 100% rename from module/Entra/customizations/Add-EntraServicePrincipalOwner.ps1 rename to module_legacy/Entra/customizations/Add-EntraServicePrincipalOwner.ps1 diff --git a/module/Entra/customizations/Confirm-EntraDomain.ps1 b/module_legacy/Entra/customizations/Confirm-EntraDomain.ps1 similarity index 100% rename from module/Entra/customizations/Confirm-EntraDomain.ps1 rename to module_legacy/Entra/customizations/Confirm-EntraDomain.ps1 diff --git a/module/Entra/customizations/Generic.ps1 b/module_legacy/Entra/customizations/Generic.ps1 similarity index 100% rename from module/Entra/customizations/Generic.ps1 rename to module_legacy/Entra/customizations/Generic.ps1 diff --git a/module/Entra/customizations/Get-EntraApplication.ps1 b/module_legacy/Entra/customizations/Get-EntraApplication.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplication.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplication.ps1 diff --git a/module/Entra/customizations/Get-EntraApplicationKeyCredential.ps1 b/module_legacy/Entra/customizations/Get-EntraApplicationKeyCredential.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplicationKeyCredential.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplicationKeyCredential.ps1 diff --git a/module/Entra/customizations/Get-EntraApplicationLogo.ps1 b/module_legacy/Entra/customizations/Get-EntraApplicationLogo.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplicationLogo.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplicationLogo.ps1 diff --git a/module/Entra/customizations/Get-EntraApplicationOwner.ps1 b/module_legacy/Entra/customizations/Get-EntraApplicationOwner.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplicationOwner.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplicationOwner.ps1 diff --git a/module/Entra/customizations/Get-EntraApplicationPasswordCredential.ps1 b/module_legacy/Entra/customizations/Get-EntraApplicationPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplicationPasswordCredential.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplicationPasswordCredential.ps1 diff --git a/module/Entra/customizations/Get-EntraApplicationServiceEndpoint.ps1 b/module_legacy/Entra/customizations/Get-EntraApplicationServiceEndpoint.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraApplicationServiceEndpoint.ps1 rename to module_legacy/Entra/customizations/Get-EntraApplicationServiceEndpoint.ps1 diff --git a/module/Entra/customizations/Get-EntraConditionalAccessPolicy.ps1 b/module_legacy/Entra/customizations/Get-EntraConditionalAccessPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraConditionalAccessPolicy.ps1 rename to module_legacy/Entra/customizations/Get-EntraConditionalAccessPolicy.ps1 diff --git a/module/Entra/customizations/Get-EntraContact.ps1 b/module_legacy/Entra/customizations/Get-EntraContact.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraContact.ps1 rename to module_legacy/Entra/customizations/Get-EntraContact.ps1 diff --git a/module/Entra/customizations/Get-EntraContactDirectReport.ps1 b/module_legacy/Entra/customizations/Get-EntraContactDirectReport.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraContactDirectReport.ps1 rename to module_legacy/Entra/customizations/Get-EntraContactDirectReport.ps1 diff --git a/module/Entra/customizations/Get-EntraContactMembership.ps1 b/module_legacy/Entra/customizations/Get-EntraContactMembership.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraContactMembership.ps1 rename to module_legacy/Entra/customizations/Get-EntraContactMembership.ps1 diff --git a/module/Entra/customizations/Get-EntraDeletedApplication.ps1 b/module_legacy/Entra/customizations/Get-EntraDeletedApplication.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDeletedApplication.ps1 rename to module_legacy/Entra/customizations/Get-EntraDeletedApplication.ps1 diff --git a/module/Entra/customizations/Get-EntraDeletedDirectoryObject.ps1 b/module_legacy/Entra/customizations/Get-EntraDeletedDirectoryObject.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDeletedDirectoryObject.ps1 rename to module_legacy/Entra/customizations/Get-EntraDeletedDirectoryObject.ps1 diff --git a/module/Entra/customizations/Get-EntraDeletedGroup.ps1 b/module_legacy/Entra/customizations/Get-EntraDeletedGroup.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDeletedGroup.ps1 rename to module_legacy/Entra/customizations/Get-EntraDeletedGroup.ps1 diff --git a/module/Entra/customizations/Get-EntraDevice.ps1 b/module_legacy/Entra/customizations/Get-EntraDevice.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDevice.ps1 rename to module_legacy/Entra/customizations/Get-EntraDevice.ps1 diff --git a/module/Entra/customizations/Get-EntraDeviceRegisteredOwner.ps1 b/module_legacy/Entra/customizations/Get-EntraDeviceRegisteredOwner.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDeviceRegisteredOwner.ps1 rename to module_legacy/Entra/customizations/Get-EntraDeviceRegisteredOwner.ps1 diff --git a/module/Entra/customizations/Get-EntraDeviceRegisteredUser.ps1 b/module_legacy/Entra/customizations/Get-EntraDeviceRegisteredUser.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDeviceRegisteredUser.ps1 rename to module_legacy/Entra/customizations/Get-EntraDeviceRegisteredUser.ps1 diff --git a/module/Entra/customizations/Get-EntraDirectoryRoleAssignment.ps1 b/module_legacy/Entra/customizations/Get-EntraDirectoryRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDirectoryRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Get-EntraDirectoryRoleAssignment.ps1 diff --git a/module/Entra/customizations/Get-EntraDirectoryRoleDefinition.ps1 b/module_legacy/Entra/customizations/Get-EntraDirectoryRoleDefinition.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDirectoryRoleDefinition.ps1 rename to module_legacy/Entra/customizations/Get-EntraDirectoryRoleDefinition.ps1 diff --git a/module/Entra/customizations/Get-EntraDirectoryRoleMember.ps1 b/module_legacy/Entra/customizations/Get-EntraDirectoryRoleMember.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDirectoryRoleMember.ps1 rename to module_legacy/Entra/customizations/Get-EntraDirectoryRoleMember.ps1 diff --git a/module/Entra/customizations/Get-EntraDomain.ps1 b/module_legacy/Entra/customizations/Get-EntraDomain.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDomain.ps1 rename to module_legacy/Entra/customizations/Get-EntraDomain.ps1 diff --git a/module/Entra/customizations/Get-EntraDomainNameReference.ps1 b/module_legacy/Entra/customizations/Get-EntraDomainNameReference.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDomainNameReference.ps1 rename to module_legacy/Entra/customizations/Get-EntraDomainNameReference.ps1 diff --git a/module/Entra/customizations/Get-EntraDomainServiceConfigurationRecord.ps1 b/module_legacy/Entra/customizations/Get-EntraDomainServiceConfigurationRecord.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDomainServiceConfigurationRecord.ps1 rename to module_legacy/Entra/customizations/Get-EntraDomainServiceConfigurationRecord.ps1 diff --git a/module/Entra/customizations/Get-EntraDomainVerificationDnsRecord.ps1 b/module_legacy/Entra/customizations/Get-EntraDomainVerificationDnsRecord.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraDomainVerificationDnsRecord.ps1 rename to module_legacy/Entra/customizations/Get-EntraDomainVerificationDnsRecord.ps1 diff --git a/module/Entra/customizations/Get-EntraExtensionProperty.ps1 b/module_legacy/Entra/customizations/Get-EntraExtensionProperty.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraExtensionProperty.ps1 rename to module_legacy/Entra/customizations/Get-EntraExtensionProperty.ps1 diff --git a/module/Entra/customizations/Get-EntraGroup.ps1 b/module_legacy/Entra/customizations/Get-EntraGroup.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraGroup.ps1 rename to module_legacy/Entra/customizations/Get-EntraGroup.ps1 diff --git a/module/Entra/customizations/Get-EntraGroupAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Get-EntraGroupAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraGroupAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Get-EntraGroupAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Get-EntraGroupMember.ps1 b/module_legacy/Entra/customizations/Get-EntraGroupMember.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraGroupMember.ps1 rename to module_legacy/Entra/customizations/Get-EntraGroupMember.ps1 diff --git a/module/Entra/customizations/Get-EntraGroupOwner.ps1 b/module_legacy/Entra/customizations/Get-EntraGroupOwner.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraGroupOwner.ps1 rename to module_legacy/Entra/customizations/Get-EntraGroupOwner.ps1 diff --git a/module/Entra/customizations/Get-EntraIdentityProvider.ps1 b/module_legacy/Entra/customizations/Get-EntraIdentityProvider.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraIdentityProvider.ps1 rename to module_legacy/Entra/customizations/Get-EntraIdentityProvider.ps1 diff --git a/module/Entra/customizations/Get-EntraLifecyclePolicyGroup.ps1 b/module_legacy/Entra/customizations/Get-EntraLifecyclePolicyGroup.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraLifecyclePolicyGroup.ps1 rename to module_legacy/Entra/customizations/Get-EntraLifecyclePolicyGroup.ps1 diff --git a/module/Entra/customizations/Get-EntraNamedLocationPolicy.ps1 b/module_legacy/Entra/customizations/Get-EntraNamedLocationPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraNamedLocationPolicy.ps1 rename to module_legacy/Entra/customizations/Get-EntraNamedLocationPolicy.ps1 diff --git a/module/Entra/customizations/Get-EntraObjectByObjectId.ps1 b/module_legacy/Entra/customizations/Get-EntraObjectByObjectId.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraObjectByObjectId.ps1 rename to module_legacy/Entra/customizations/Get-EntraObjectByObjectId.ps1 diff --git a/module/Entra/customizations/Get-EntraPermissionGrantConditionSet.ps1 b/module_legacy/Entra/customizations/Get-EntraPermissionGrantConditionSet.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraPermissionGrantConditionSet.ps1 rename to module_legacy/Entra/customizations/Get-EntraPermissionGrantConditionSet.ps1 diff --git a/module/Entra/customizations/Get-EntraPermissionGrantPolicy.ps1 b/module_legacy/Entra/customizations/Get-EntraPermissionGrantPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraPermissionGrantPolicy.ps1 rename to module_legacy/Entra/customizations/Get-EntraPermissionGrantPolicy.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipal.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipal.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipal.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipal.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignedTo.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalCreatedObject.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalCreatedObject.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalCreatedObject.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalCreatedObject.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalKeyCredential.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalKeyCredential.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalKeyCredential.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalKeyCredential.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalMembership.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalMembership.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalMembership.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalMembership.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalOAuth2PermissionGrant.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalOwnedObject.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalOwnedObject.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalOwnedObject.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalOwnedObject.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalOwner.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalOwner.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalOwner.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalOwner.ps1 diff --git a/module/Entra/customizations/Get-EntraServicePrincipalPasswordCredential.ps1 b/module_legacy/Entra/customizations/Get-EntraServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraServicePrincipalPasswordCredential.ps1 rename to module_legacy/Entra/customizations/Get-EntraServicePrincipalPasswordCredential.ps1 diff --git a/module/Entra/customizations/Get-EntraSubscribedSku.ps1 b/module_legacy/Entra/customizations/Get-EntraSubscribedSku.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraSubscribedSku.ps1 rename to module_legacy/Entra/customizations/Get-EntraSubscribedSku.ps1 diff --git a/module/Entra/customizations/Get-EntraTenantDetail.ps1 b/module_legacy/Entra/customizations/Get-EntraTenantDetail.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraTenantDetail.ps1 rename to module_legacy/Entra/customizations/Get-EntraTenantDetail.ps1 diff --git a/module/Entra/customizations/Get-EntraTrustedCertificateAuthority.ps1 b/module_legacy/Entra/customizations/Get-EntraTrustedCertificateAuthority.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraTrustedCertificateAuthority.ps1 rename to module_legacy/Entra/customizations/Get-EntraTrustedCertificateAuthority.ps1 diff --git a/module/Entra/customizations/Get-EntraUser.ps1 b/module_legacy/Entra/customizations/Get-EntraUser.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUser.ps1 rename to module_legacy/Entra/customizations/Get-EntraUser.ps1 diff --git a/module/Entra/customizations/Get-EntraUserAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Get-EntraUserAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Get-EntraUserCreatedObject.ps1 b/module_legacy/Entra/customizations/Get-EntraUserCreatedObject.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserCreatedObject.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserCreatedObject.ps1 diff --git a/module/Entra/customizations/Get-EntraUserDirectReport.ps1 b/module_legacy/Entra/customizations/Get-EntraUserDirectReport.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserDirectReport.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserDirectReport.ps1 diff --git a/module/Entra/customizations/Get-EntraUserExtension.ps1 b/module_legacy/Entra/customizations/Get-EntraUserExtension.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserExtension.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserExtension.ps1 diff --git a/module/Entra/customizations/Get-EntraUserLicenseDetail.ps1 b/module_legacy/Entra/customizations/Get-EntraUserLicenseDetail.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserLicenseDetail.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserLicenseDetail.ps1 diff --git a/module/Entra/customizations/Get-EntraUserManager.ps1 b/module_legacy/Entra/customizations/Get-EntraUserManager.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserManager.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserManager.ps1 diff --git a/module/Entra/customizations/Get-EntraUserMembership.ps1 b/module_legacy/Entra/customizations/Get-EntraUserMembership.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserMembership.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserMembership.ps1 diff --git a/module/Entra/customizations/Get-EntraUserOAuth2PermissionGrant.ps1 b/module_legacy/Entra/customizations/Get-EntraUserOAuth2PermissionGrant.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserOAuth2PermissionGrant.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserOAuth2PermissionGrant.ps1 diff --git a/module/Entra/customizations/Get-EntraUserOwnedDevice.ps1 b/module_legacy/Entra/customizations/Get-EntraUserOwnedDevice.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserOwnedDevice.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserOwnedDevice.ps1 diff --git a/module/Entra/customizations/Get-EntraUserOwnedObject.ps1 b/module_legacy/Entra/customizations/Get-EntraUserOwnedObject.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserOwnedObject.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserOwnedObject.ps1 diff --git a/module/Entra/customizations/Get-EntraUserRegisteredDevice.ps1 b/module_legacy/Entra/customizations/Get-EntraUserRegisteredDevice.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserRegisteredDevice.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserRegisteredDevice.ps1 diff --git a/module/Entra/customizations/Get-EntraUserThumbnailPhoto.ps1 b/module_legacy/Entra/customizations/Get-EntraUserThumbnailPhoto.ps1 similarity index 100% rename from module/Entra/customizations/Get-EntraUserThumbnailPhoto.ps1 rename to module_legacy/Entra/customizations/Get-EntraUserThumbnailPhoto.ps1 diff --git a/module/Entra/customizations/New-EntraApplication.ps1 b/module_legacy/Entra/customizations/New-EntraApplication.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraApplication.ps1 rename to module_legacy/Entra/customizations/New-EntraApplication.ps1 diff --git a/module/Entra/customizations/New-EntraApplicationExtensionProperty.ps1 b/module_legacy/Entra/customizations/New-EntraApplicationExtensionProperty.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraApplicationExtensionProperty.ps1 rename to module_legacy/Entra/customizations/New-EntraApplicationExtensionProperty.ps1 diff --git a/module/Entra/customizations/New-EntraApplicationKeyCredential.ps1 b/module_legacy/Entra/customizations/New-EntraApplicationKeyCredential.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraApplicationKeyCredential.ps1 rename to module_legacy/Entra/customizations/New-EntraApplicationKeyCredential.ps1 diff --git a/module/Entra/customizations/New-EntraApplicationPassword.ps1 b/module_legacy/Entra/customizations/New-EntraApplicationPassword.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraApplicationPassword.ps1 rename to module_legacy/Entra/customizations/New-EntraApplicationPassword.ps1 diff --git a/module/Entra/customizations/New-EntraApplicationPasswordCredential.ps1 b/module_legacy/Entra/customizations/New-EntraApplicationPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraApplicationPasswordCredential.ps1 rename to module_legacy/Entra/customizations/New-EntraApplicationPasswordCredential.ps1 diff --git a/module/Entra/customizations/New-EntraConditionalAccessPolicy.ps1 b/module_legacy/Entra/customizations/New-EntraConditionalAccessPolicy.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraConditionalAccessPolicy.ps1 rename to module_legacy/Entra/customizations/New-EntraConditionalAccessPolicy.ps1 diff --git a/module/Entra/customizations/New-EntraDirectoryRoleAssignment.ps1 b/module_legacy/Entra/customizations/New-EntraDirectoryRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraDirectoryRoleAssignment.ps1 rename to module_legacy/Entra/customizations/New-EntraDirectoryRoleAssignment.ps1 diff --git a/module/Entra/customizations/New-EntraDirectoryRoleDefinition.ps1 b/module_legacy/Entra/customizations/New-EntraDirectoryRoleDefinition.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraDirectoryRoleDefinition.ps1 rename to module_legacy/Entra/customizations/New-EntraDirectoryRoleDefinition.ps1 diff --git a/module/Entra/customizations/New-EntraDomain.ps1 b/module_legacy/Entra/customizations/New-EntraDomain.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraDomain.ps1 rename to module_legacy/Entra/customizations/New-EntraDomain.ps1 diff --git a/module/Entra/customizations/New-EntraGroupAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/New-EntraGroupAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraGroupAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/New-EntraGroupAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/New-EntraIdentityProvider.ps1 b/module_legacy/Entra/customizations/New-EntraIdentityProvider.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraIdentityProvider.ps1 rename to module_legacy/Entra/customizations/New-EntraIdentityProvider.ps1 diff --git a/module/Entra/customizations/New-EntraInvitation.ps1 b/module_legacy/Entra/customizations/New-EntraInvitation.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraInvitation.ps1 rename to module_legacy/Entra/customizations/New-EntraInvitation.ps1 diff --git a/module/Entra/customizations/New-EntraNamedLocationPolicy.ps1 b/module_legacy/Entra/customizations/New-EntraNamedLocationPolicy.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraNamedLocationPolicy.ps1 rename to module_legacy/Entra/customizations/New-EntraNamedLocationPolicy.ps1 diff --git a/module/Entra/customizations/New-EntraPermissionGrantConditionSet.ps1 b/module_legacy/Entra/customizations/New-EntraPermissionGrantConditionSet.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraPermissionGrantConditionSet.ps1 rename to module_legacy/Entra/customizations/New-EntraPermissionGrantConditionSet.ps1 diff --git a/module/Entra/customizations/New-EntraPermissionGrantPolicy.ps1 b/module_legacy/Entra/customizations/New-EntraPermissionGrantPolicy.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraPermissionGrantPolicy.ps1 rename to module_legacy/Entra/customizations/New-EntraPermissionGrantPolicy.ps1 diff --git a/module/Entra/customizations/New-EntraServicePrincipal.ps1 b/module_legacy/Entra/customizations/New-EntraServicePrincipal.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraServicePrincipal.ps1 rename to module_legacy/Entra/customizations/New-EntraServicePrincipal.ps1 diff --git a/module/Entra/customizations/New-EntraServicePrincipalAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/New-EntraServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/New-EntraServicePrincipalAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/New-EntraServicePrincipalPasswordCredential.ps1 b/module_legacy/Entra/customizations/New-EntraServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraServicePrincipalPasswordCredential.ps1 rename to module_legacy/Entra/customizations/New-EntraServicePrincipalPasswordCredential.ps1 diff --git a/module/Entra/customizations/New-EntraTrustedCertificateAuthority.ps1 b/module_legacy/Entra/customizations/New-EntraTrustedCertificateAuthority.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraTrustedCertificateAuthority.ps1 rename to module_legacy/Entra/customizations/New-EntraTrustedCertificateAuthority.ps1 diff --git a/module/Entra/customizations/New-EntraUser.ps1 b/module_legacy/Entra/customizations/New-EntraUser.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraUser.ps1 rename to module_legacy/Entra/customizations/New-EntraUser.ps1 diff --git a/module/Entra/customizations/New-EntraUserAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/New-EntraUserAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/New-EntraUserAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/New-EntraUserAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/README.md b/module_legacy/Entra/customizations/README.md similarity index 100% rename from module/Entra/customizations/README.md rename to module_legacy/Entra/customizations/README.md diff --git a/module/Entra/customizations/Remove-EntraAdministrativeUnit.ps1 b/module_legacy/Entra/customizations/Remove-EntraAdministrativeUnit.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraAdministrativeUnit.ps1 rename to module_legacy/Entra/customizations/Remove-EntraAdministrativeUnit.ps1 diff --git a/module/Entra/customizations/Remove-EntraAdministrativeUnitMember.ps1 b/module_legacy/Entra/customizations/Remove-EntraAdministrativeUnitMember.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraAdministrativeUnitMember.ps1 rename to module_legacy/Entra/customizations/Remove-EntraAdministrativeUnitMember.ps1 diff --git a/module/Entra/customizations/Remove-EntraApplicationKeyCredential.ps1 b/module_legacy/Entra/customizations/Remove-EntraApplicationKeyCredential.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraApplicationKeyCredential.ps1 rename to module_legacy/Entra/customizations/Remove-EntraApplicationKeyCredential.ps1 diff --git a/module/Entra/customizations/Remove-EntraApplicationOwner.ps1 b/module_legacy/Entra/customizations/Remove-EntraApplicationOwner.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraApplicationOwner.ps1 rename to module_legacy/Entra/customizations/Remove-EntraApplicationOwner.ps1 diff --git a/module/Entra/customizations/Remove-EntraApplicationPasswordCredential.ps1 b/module_legacy/Entra/customizations/Remove-EntraApplicationPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraApplicationPasswordCredential.ps1 rename to module_legacy/Entra/customizations/Remove-EntraApplicationPasswordCredential.ps1 diff --git a/module/Entra/customizations/Remove-EntraApplicationVerifiedPublisher.ps1 b/module_legacy/Entra/customizations/Remove-EntraApplicationVerifiedPublisher.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraApplicationVerifiedPublisher.ps1 rename to module_legacy/Entra/customizations/Remove-EntraApplicationVerifiedPublisher.ps1 diff --git a/module/Entra/customizations/Remove-EntraConditionalAccessPolicy.ps1 b/module_legacy/Entra/customizations/Remove-EntraConditionalAccessPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraConditionalAccessPolicy.ps1 rename to module_legacy/Entra/customizations/Remove-EntraConditionalAccessPolicy.ps1 diff --git a/module/Entra/customizations/Remove-EntraDeletedApplication.ps1 b/module_legacy/Entra/customizations/Remove-EntraDeletedApplication.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDeletedApplication.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDeletedApplication.ps1 diff --git a/module/Entra/customizations/Remove-EntraDeletedDirectoryObject.ps1 b/module_legacy/Entra/customizations/Remove-EntraDeletedDirectoryObject.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDeletedDirectoryObject.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDeletedDirectoryObject.ps1 diff --git a/module/Entra/customizations/Remove-EntraDeviceRegisteredOwner.ps1 b/module_legacy/Entra/customizations/Remove-EntraDeviceRegisteredOwner.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDeviceRegisteredOwner.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDeviceRegisteredOwner.ps1 diff --git a/module/Entra/customizations/Remove-EntraDeviceRegisteredUser.ps1 b/module_legacy/Entra/customizations/Remove-EntraDeviceRegisteredUser.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDeviceRegisteredUser.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDeviceRegisteredUser.ps1 diff --git a/module/Entra/customizations/Remove-EntraDirectoryRoleAssignment.ps1 b/module_legacy/Entra/customizations/Remove-EntraDirectoryRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDirectoryRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDirectoryRoleAssignment.ps1 diff --git a/module/Entra/customizations/Remove-EntraDirectoryRoleDefinition.ps1 b/module_legacy/Entra/customizations/Remove-EntraDirectoryRoleDefinition.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDirectoryRoleDefinition.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDirectoryRoleDefinition.ps1 diff --git a/module/Entra/customizations/Remove-EntraDirectoryRoleMember.ps1 b/module_legacy/Entra/customizations/Remove-EntraDirectoryRoleMember.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDirectoryRoleMember.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDirectoryRoleMember.ps1 diff --git a/module/Entra/customizations/Remove-EntraDomain.ps1 b/module_legacy/Entra/customizations/Remove-EntraDomain.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraDomain.ps1 rename to module_legacy/Entra/customizations/Remove-EntraDomain.ps1 diff --git a/module/Entra/customizations/Remove-EntraGroupAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Remove-EntraGroupAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraGroupAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Remove-EntraGroupAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Remove-EntraGroupMember.ps1 b/module_legacy/Entra/customizations/Remove-EntraGroupMember.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraGroupMember.ps1 rename to module_legacy/Entra/customizations/Remove-EntraGroupMember.ps1 diff --git a/module/Entra/customizations/Remove-EntraGroupOwner.ps1 b/module_legacy/Entra/customizations/Remove-EntraGroupOwner.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraGroupOwner.ps1 rename to module_legacy/Entra/customizations/Remove-EntraGroupOwner.ps1 diff --git a/module/Entra/customizations/Remove-EntraLifecyclePolicyGroup.ps1 b/module_legacy/Entra/customizations/Remove-EntraLifecyclePolicyGroup.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraLifecyclePolicyGroup.ps1 rename to module_legacy/Entra/customizations/Remove-EntraLifecyclePolicyGroup.ps1 diff --git a/module/Entra/customizations/Remove-EntraNamedLocationPolicy.ps1 b/module_legacy/Entra/customizations/Remove-EntraNamedLocationPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraNamedLocationPolicy.ps1 rename to module_legacy/Entra/customizations/Remove-EntraNamedLocationPolicy.ps1 diff --git a/module/Entra/customizations/Remove-EntraPermissionGrantConditionSet.ps1 b/module_legacy/Entra/customizations/Remove-EntraPermissionGrantConditionSet.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraPermissionGrantConditionSet.ps1 rename to module_legacy/Entra/customizations/Remove-EntraPermissionGrantConditionSet.ps1 diff --git a/module/Entra/customizations/Remove-EntraPermissionGrantPolicy.ps1 b/module_legacy/Entra/customizations/Remove-EntraPermissionGrantPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraPermissionGrantPolicy.ps1 rename to module_legacy/Entra/customizations/Remove-EntraPermissionGrantPolicy.ps1 diff --git a/module/Entra/customizations/Remove-EntraScopedRoleMembership.ps1 b/module_legacy/Entra/customizations/Remove-EntraScopedRoleMembership.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraScopedRoleMembership.ps1 rename to module_legacy/Entra/customizations/Remove-EntraScopedRoleMembership.ps1 diff --git a/module/Entra/customizations/Remove-EntraServicePrincipalAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Remove-EntraServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Remove-EntraServicePrincipalAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 b/module_legacy/Entra/customizations/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 rename to module_legacy/Entra/customizations/Remove-EntraServicePrincipalDelegatedPermissionClassification.ps1 diff --git a/module/Entra/customizations/Remove-EntraServicePrincipalKeyCredential.ps1 b/module_legacy/Entra/customizations/Remove-EntraServicePrincipalKeyCredential.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraServicePrincipalKeyCredential.ps1 rename to module_legacy/Entra/customizations/Remove-EntraServicePrincipalKeyCredential.ps1 diff --git a/module/Entra/customizations/Remove-EntraServicePrincipalOwner.ps1 b/module_legacy/Entra/customizations/Remove-EntraServicePrincipalOwner.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraServicePrincipalOwner.ps1 rename to module_legacy/Entra/customizations/Remove-EntraServicePrincipalOwner.ps1 diff --git a/module/Entra/customizations/Remove-EntraServicePrincipalPasswordCredential.ps1 b/module_legacy/Entra/customizations/Remove-EntraServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraServicePrincipalPasswordCredential.ps1 rename to module_legacy/Entra/customizations/Remove-EntraServicePrincipalPasswordCredential.ps1 diff --git a/module/Entra/customizations/Remove-EntraTrustedCertificateAuthority.ps1 b/module_legacy/Entra/customizations/Remove-EntraTrustedCertificateAuthority.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraTrustedCertificateAuthority.ps1 rename to module_legacy/Entra/customizations/Remove-EntraTrustedCertificateAuthority.ps1 diff --git a/module/Entra/customizations/Remove-EntraUserAppRoleAssignment.ps1 b/module_legacy/Entra/customizations/Remove-EntraUserAppRoleAssignment.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraUserAppRoleAssignment.ps1 rename to module_legacy/Entra/customizations/Remove-EntraUserAppRoleAssignment.ps1 diff --git a/module/Entra/customizations/Remove-EntraUserManager.ps1 b/module_legacy/Entra/customizations/Remove-EntraUserManager.ps1 similarity index 100% rename from module/Entra/customizations/Remove-EntraUserManager.ps1 rename to module_legacy/Entra/customizations/Remove-EntraUserManager.ps1 diff --git a/module/Entra/customizations/Reset-EntraLifeCycleGroup.ps1 b/module_legacy/Entra/customizations/Reset-EntraLifeCycleGroup.ps1 similarity index 100% rename from module/Entra/customizations/Reset-EntraLifeCycleGroup.ps1 rename to module_legacy/Entra/customizations/Reset-EntraLifeCycleGroup.ps1 diff --git a/module/Entra/customizations/Restore-EntraDeletedApplication.ps1 b/module_legacy/Entra/customizations/Restore-EntraDeletedApplication.ps1 similarity index 100% rename from module/Entra/customizations/Restore-EntraDeletedApplication.ps1 rename to module_legacy/Entra/customizations/Restore-EntraDeletedApplication.ps1 diff --git a/module/Entra/customizations/Revoke-EntraSignedInUserAllRefreshToken.ps1 b/module_legacy/Entra/customizations/Revoke-EntraSignedInUserAllRefreshToken.ps1 similarity index 100% rename from module/Entra/customizations/Revoke-EntraSignedInUserAllRefreshToken.ps1 rename to module_legacy/Entra/customizations/Revoke-EntraSignedInUserAllRefreshToken.ps1 diff --git a/module/Entra/customizations/Revoke-EntraUserAllRefreshToken.ps1 b/module_legacy/Entra/customizations/Revoke-EntraUserAllRefreshToken.ps1 similarity index 100% rename from module/Entra/customizations/Revoke-EntraUserAllRefreshToken.ps1 rename to module_legacy/Entra/customizations/Revoke-EntraUserAllRefreshToken.ps1 diff --git a/module/Entra/customizations/Select-EntraGroupIdsContactIsMemberOf.ps1 b/module_legacy/Entra/customizations/Select-EntraGroupIdsContactIsMemberOf.ps1 similarity index 100% rename from module/Entra/customizations/Select-EntraGroupIdsContactIsMemberOf.ps1 rename to module_legacy/Entra/customizations/Select-EntraGroupIdsContactIsMemberOf.ps1 diff --git a/module/Entra/customizations/Select-EntraGroupIdsGroupIsMemberOf.ps1 b/module_legacy/Entra/customizations/Select-EntraGroupIdsGroupIsMemberOf.ps1 similarity index 100% rename from module/Entra/customizations/Select-EntraGroupIdsGroupIsMemberOf.ps1 rename to module_legacy/Entra/customizations/Select-EntraGroupIdsGroupIsMemberOf.ps1 diff --git a/module/Entra/customizations/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 b/module_legacy/Entra/customizations/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 similarity index 100% rename from module/Entra/customizations/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 rename to module_legacy/Entra/customizations/Select-EntraGroupIdsServicePrincipalIsMemberOf.ps1 diff --git a/module/Entra/customizations/Select-EntraGroupIdsUserIsMemberOf.ps1 b/module_legacy/Entra/customizations/Select-EntraGroupIdsUserIsMemberOf.ps1 similarity index 100% rename from module/Entra/customizations/Select-EntraGroupIdsUserIsMemberOf.ps1 rename to module_legacy/Entra/customizations/Select-EntraGroupIdsUserIsMemberOf.ps1 diff --git a/module/Entra/customizations/Set-EntraApplication.ps1 b/module_legacy/Entra/customizations/Set-EntraApplication.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraApplication.ps1 rename to module_legacy/Entra/customizations/Set-EntraApplication.ps1 diff --git a/module/Entra/customizations/Set-EntraApplicationLogo.ps1 b/module_legacy/Entra/customizations/Set-EntraApplicationLogo.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraApplicationLogo.ps1 rename to module_legacy/Entra/customizations/Set-EntraApplicationLogo.ps1 diff --git a/module/Entra/customizations/Set-EntraAuthorizationPolicy.ps1 b/module_legacy/Entra/customizations/Set-EntraAuthorizationPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraAuthorizationPolicy.ps1 rename to module_legacy/Entra/customizations/Set-EntraAuthorizationPolicy.ps1 diff --git a/module/Entra/customizations/Set-EntraConditionalAccessPolicy.ps1 b/module_legacy/Entra/customizations/Set-EntraConditionalAccessPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraConditionalAccessPolicy.ps1 rename to module_legacy/Entra/customizations/Set-EntraConditionalAccessPolicy.ps1 diff --git a/module/Entra/customizations/Set-EntraDevice.ps1 b/module_legacy/Entra/customizations/Set-EntraDevice.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraDevice.ps1 rename to module_legacy/Entra/customizations/Set-EntraDevice.ps1 diff --git a/module/Entra/customizations/Set-EntraDirectoryRoleDefinition.ps1 b/module_legacy/Entra/customizations/Set-EntraDirectoryRoleDefinition.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraDirectoryRoleDefinition.ps1 rename to module_legacy/Entra/customizations/Set-EntraDirectoryRoleDefinition.ps1 diff --git a/module/Entra/customizations/Set-EntraDomain.ps1 b/module_legacy/Entra/customizations/Set-EntraDomain.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraDomain.ps1 rename to module_legacy/Entra/customizations/Set-EntraDomain.ps1 diff --git a/module/Entra/customizations/Set-EntraIdentityProvider.ps1 b/module_legacy/Entra/customizations/Set-EntraIdentityProvider.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraIdentityProvider.ps1 rename to module_legacy/Entra/customizations/Set-EntraIdentityProvider.ps1 diff --git a/module/Entra/customizations/Set-EntraNamedLocationPolicy.ps1 b/module_legacy/Entra/customizations/Set-EntraNamedLocationPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraNamedLocationPolicy.ps1 rename to module_legacy/Entra/customizations/Set-EntraNamedLocationPolicy.ps1 diff --git a/module/Entra/customizations/Set-EntraPermissionGrantConditionSet.ps1 b/module_legacy/Entra/customizations/Set-EntraPermissionGrantConditionSet.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraPermissionGrantConditionSet.ps1 rename to module_legacy/Entra/customizations/Set-EntraPermissionGrantConditionSet.ps1 diff --git a/module/Entra/customizations/Set-EntraPermissionGrantPolicy.ps1 b/module_legacy/Entra/customizations/Set-EntraPermissionGrantPolicy.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraPermissionGrantPolicy.ps1 rename to module_legacy/Entra/customizations/Set-EntraPermissionGrantPolicy.ps1 diff --git a/module/Entra/customizations/Set-EntraTenantDetail.ps1 b/module_legacy/Entra/customizations/Set-EntraTenantDetail.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraTenantDetail.ps1 rename to module_legacy/Entra/customizations/Set-EntraTenantDetail.ps1 diff --git a/module/Entra/customizations/Set-EntraTrustedCertificateAuthority.ps1 b/module_legacy/Entra/customizations/Set-EntraTrustedCertificateAuthority.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraTrustedCertificateAuthority.ps1 rename to module_legacy/Entra/customizations/Set-EntraTrustedCertificateAuthority.ps1 diff --git a/module/Entra/customizations/Set-EntraUser.ps1 b/module_legacy/Entra/customizations/Set-EntraUser.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraUser.ps1 rename to module_legacy/Entra/customizations/Set-EntraUser.ps1 diff --git a/module_legacy/Entra/customizations/Set-EntraUserExtension.ps1 b/module_legacy/Entra/customizations/Set-EntraUserExtension.ps1 new file mode 100644 index 0000000000..8386204f3b --- /dev/null +++ b/module_legacy/Entra/customizations/Set-EntraUserExtension.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +@{ + SourceName = "Set-AzureADUserExtension" + TargetName = $null + Parameters = $null + Outputs = $null + CustomScript = @' + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Alias('ObjectId')] + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $UserId, + + [Parameter(ParameterSetName = "SetMultiple", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.Collections.Generic.Dictionary`2[System.String,System.String]] $ExtensionNameValues, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionValue, + + [Parameter(ParameterSetName = "SetSingle", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [System.String] $ExtensionName + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserId"]) + { + $params["UserId"] = $PSBoundParameters["UserId"] + } + if ($null -ne $PSBoundParameters["ProgressAction"]) + { + $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] + } + if ($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if ($null -ne $PSBoundParameters["ExtensionNameValues"]) + { + $params["ExtensionNameValues"] = $PSBoundParameters["ExtensionNameValues"] + } + if ($null -ne $PSBoundParameters["ExtensionValue"]) + { + $params["ExtensionValue"] = $PSBoundParameters["ExtensionValue"] + } + if ($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if ($null -ne $PSBoundParameters["ExtensionName"]) + { + $params["ExtensionName"] = $PSBoundParameters["ExtensionName"] + } + if ($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if ($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if ($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if ($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if ($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if ($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + if ($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($PSBoundParameters.ContainsKey("Debug")) + { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($PSBoundParameters.ContainsKey("Verbose")) + { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + + $response = Update-MgUserExtension @params -Headers $customHeaders + $response | ForEach-Object { + if($null -ne $_) { + Add-Member -InputObject $_ -MemberType AliasProperty -Name UserId -Value Id + + } + } + $response + } +'@ +} diff --git a/module/Entra/customizations/Set-EntraUserLicense.ps1 b/module_legacy/Entra/customizations/Set-EntraUserLicense.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraUserLicense.ps1 rename to module_legacy/Entra/customizations/Set-EntraUserLicense.ps1 diff --git a/module/Entra/customizations/Set-EntraUserManager.ps1 b/module_legacy/Entra/customizations/Set-EntraUserManager.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraUserManager.ps1 rename to module_legacy/Entra/customizations/Set-EntraUserManager.ps1 diff --git a/module/Entra/customizations/Set-EntraUserPassword.ps1 b/module_legacy/Entra/customizations/Set-EntraUserPassword.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraUserPassword.ps1 rename to module_legacy/Entra/customizations/Set-EntraUserPassword.ps1 diff --git a/module/Entra/customizations/Set-EntraUserThumbnailPhoto.ps1 b/module_legacy/Entra/customizations/Set-EntraUserThumbnailPhoto.ps1 similarity index 100% rename from module/Entra/customizations/Set-EntraUserThumbnailPhoto.ps1 rename to module_legacy/Entra/customizations/Set-EntraUserThumbnailPhoto.ps1 diff --git a/module/Entra/customizations/Types.ps1 b/module_legacy/Entra/customizations/Types.ps1 similarity index 100% rename from module/Entra/customizations/Types.ps1 rename to module_legacy/Entra/customizations/Types.ps1 diff --git a/module/Entra/customizations/Update-EntraSignedInUserPassword.ps1 b/module_legacy/Entra/customizations/Update-EntraSignedInUserPassword.ps1 similarity index 100% rename from module/Entra/customizations/Update-EntraSignedInUserPassword.ps1 rename to module_legacy/Entra/customizations/Update-EntraSignedInUserPassword.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Confirm-EntraBetaDomain.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Confirm-EntraBetaDomain.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Confirm-EntraBetaDomain.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Confirm-EntraBetaDomain.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Connect-Entra.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Connect-Entra.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Connect-Entra.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Connect-Entra.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Disconnect-Entra.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Disconnect-Entra.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Disconnect-Entra.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Disconnect-Entra.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Enable-EntraBetaGlobalSecureAccessTenant.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Enable-EntraBetaGlobalSecureAccessTenant.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Enable-EntraBetaGlobalSecureAccessTenant.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Enable-EntraBetaGlobalSecureAccessTenant.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaAccountSku.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaAccountSku.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaAccountSku.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaAccountSku.ps1 diff --git a/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 new file mode 100644 index 0000000000..6f8a6ce25d --- /dev/null +++ b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationPasswordCredential.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraBetaApplicationPasswordCredential { + [CmdletBinding(DefaultParameterSetName = '')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] + [Alias('ObjectId')] + [System.String] $ApplicationId, + [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)] + [System.String[]] $Property + ) + + PROCESS { + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + $params = @{} + $baseUri = "https://graph.microsoft.com/beta/applications/$ApplicationId/passwordCredentials" + $params['Method'] = 'GET' + $params['Uri'] = "$baseUri" + + $response = Invoke-GraphRequest @params -Headers $customHeaders | ConvertTo-Json | ConvertFrom-Json + try { + $response = $response.value + } catch { + Write-Error $_.Exception.Message + } + $response | ForEach-Object { + if ($null -ne $_) { + $CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_.CustomKeyIdentifier))) + Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $CustomKeyIdentifier -Force + Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value endDateTime + Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value startDateTime + } + } + if ($response) { + $userList = @() + foreach ($data in $response) { + $userType = New-Object Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPasswordCredential + $data.PSObject.Properties | ForEach-Object { + $propertyName = $_.Name + $propertyValue = $_.Value + $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force + } + $userList += $userType + } + if ($null -ne $PSBoundParameters['Property']) { + $userList | Select-Object $PSBoundParameters['Property'] + } else { + $userList + } + } + } +} diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnector.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnector.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnector.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnector.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorGroupMembers.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaApplicationProxyConnectorMemberOf.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncConfiguration.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncConfiguration.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncConfiguration.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncConfiguration.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncFeature.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncFeature.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncFeature.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirSyncFeature.ps1 diff --git a/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 new file mode 100644 index 0000000000..afdd658571 --- /dev/null +++ b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.ps1 @@ -0,0 +1,39 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Get-EntraBetaDirectoryObjectOnPremisesProvisioningError { + [CmdletBinding(DefaultParameterSetName = 'GetById')] + param ( + [Parameter(ParameterSetName = 'GetById')][ValidateNotNullOrEmpty()][ValidateScript({ if ($_ -is [System.Guid]) { $true } else { throw 'TenantId must be of type [System.Guid].' } })][System.Guid] $TenantId + ) + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + if ($null -ne $PSBoundParameters['TenantId']) { + $params['TenantId'] = $PSBoundParameters['TenantId'] + } + Write-Debug('============================ TRANSFORMATIONS ============================') + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + $Object = @('users', 'groups', 'contacts') + $response = @() + + try { + foreach ($obj in $object) { + $obj = ($obj | Out-String).TrimEnd() + $uri = 'https://graph.microsoft.com/beta/' + $obj + '?$select=onPremisesProvisioningErrors' + $response += ((Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method GET).value).onPremisesProvisioningErrors + } + } catch { + Write-Error $_.Exception.Message + } + + if ([string]::IsNullOrWhiteSpace($response)) { + Write-Host 'False' + } else { + $response + } + } +} +Set-Alias -Name Get-EntraBetaHasObjectsWithDirSyncProvisioningError -Value Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -Scope Global -Force diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaDomainFederationSettings.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDomainFederationSettings.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaDomainFederationSettings.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaDomainFederationSettings.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaFederationProperty.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaFederationProperty.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaFederationProperty.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaFederationProperty.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaGlobalSecureAccessTenantStatus.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaPartnerInformation.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPartnerInformation.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaPartnerInformation.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPartnerInformation.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaPasswordPolicy.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPasswordPolicy.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaPasswordPolicy.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPasswordPolicy.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplication.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplication.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplication.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplication.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplicationSegment.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplicationSegment.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplicationSegment.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaPrivateAccessApplicationSegment.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationMethod.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationMethod.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationMethod.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationMethod.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationRequirement.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationRequirement.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationRequirement.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraBetaUserAuthenticationRequirement.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Get-EntraContext.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Get-EntraContext.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Get-EntraContext.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Get-EntraContext.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyApplication.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyApplication.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyApplication.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyApplication.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaApplicationProxyConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaCustomHeaders.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaCustomHeaders.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaCustomHeaders.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaCustomHeaders.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaOauth2PermissionGrant.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaOauth2PermissionGrant.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaOauth2PermissionGrant.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaOauth2PermissionGrant.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplication.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplication.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplication.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplication.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplicationSegment.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplicationSegment.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplicationSegment.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/New-EntraBetaPrivateAccessApplicationSegment.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/README.md b/module_legacy/EntraBeta/AdditionalFunctions/README.md similarity index 100% rename from module/EntraBeta/AdditionalFunctions/README.md rename to module_legacy/EntraBeta/AdditionalFunctions/README.md diff --git a/module/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaApplicationProxyConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Remove-EntraBetaPrivateAccessApplicationSegment.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Reset-EntraBetaStrongAuthenticationMethodByUpn.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Restore-EntraBetaDeletedDirectoryObject.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Restore-EntraBetaDeletedDirectoryObject.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Restore-EntraBetaDeletedDirectoryObject.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Restore-EntraBetaDeletedDirectoryObject.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplication.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplication.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplication.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplication.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyApplicationSingleSignOn.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnector.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnector.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnector.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnector.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnectorGroup.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnectorGroup.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnectorGroup.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaApplicationProxyConnectorGroup.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncConfiguration.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncConfiguration.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncConfiguration.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncConfiguration.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncEnabled.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncEnabled.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncEnabled.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncEnabled.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncFeature.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncFeature.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncFeature.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDirSyncFeature.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaDomainFederationSettings.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDomainFederationSettings.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaDomainFederationSettings.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaDomainFederationSettings.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaPartnerInformation.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaPartnerInformation.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaPartnerInformation.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaPartnerInformation.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Set-EntraBetaServicePrincipal.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaServicePrincipal.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Set-EntraBetaServicePrincipal.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Set-EntraBetaServicePrincipal.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Test-EntraScript.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Test-EntraScript.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Test-EntraScript.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Test-EntraScript.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Update-EntraBetaOauth2PermissionGrant.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaOauth2PermissionGrant.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Update-EntraBetaOauth2PermissionGrant.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaOauth2PermissionGrant.ps1 diff --git a/module/EntraBeta/AdditionalFunctions/Update-EntraBetaUserAuthenticationRequirement.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaUserAuthenticationRequirement.ps1 similarity index 100% rename from module/EntraBeta/AdditionalFunctions/Update-EntraBetaUserAuthenticationRequirement.ps1 rename to module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaUserAuthenticationRequirement.ps1 diff --git a/module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 b/module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 new file mode 100644 index 0000000000..b38a700051 --- /dev/null +++ b/module_legacy/EntraBeta/AdditionalFunctions/Update-EntraBetaUserFromFederated.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +function Update-EntraBetaUserFromFederated { + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Scope="Function", Target="*")] + [CmdletBinding(DefaultParameterSetName = 'GetQuery')] + param ( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][string] $NewPassword, + [Parameter(Mandatory=$false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName=$true)][guid] $TenantId + + ) + + PROCESS { + $params = @{} + $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand + + if ($null -ne $PSBoundParameters["UserPrincipalName"]) { + $UserPrincipalName = $PSBoundParameters.UserPrincipalName + $UserId = Get-MgBetaUser -Search "UserPrincipalName:$UserPrincipalName" -ConsistencyLevel eventual + if ($null -ne $UserId) + { + $AuthenticationMethodId = Get-MgBetaUserAuthenticationMethod -UserId $UserId.Id + $params["AuthenticationMethodId"] = $AuthenticationMethodId.Id + $params["UserId"] = $UserId.Id + } + } + if ($PSBoundParameters.ContainsKey("NewPassword")) { + $params["NewPassword"] = $PSBoundParameters["NewPassword"] + } + if ($PSBoundParameters.ContainsKey("Verbose")) { + $params["Verbose"] = $PSBoundParameters["Verbose"] + } + if ($PSBoundParameters.ContainsKey("Debug")) { + $params["Debug"] = $PSBoundParameters["Debug"] + } + if($null -ne $PSBoundParameters["WarningVariable"]) + { + $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] + } + if($null -ne $PSBoundParameters["InformationVariable"]) + { + $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] + } + if($null -ne $PSBoundParameters["InformationAction"]) + { + $params["InformationAction"] = $PSBoundParameters["InformationAction"] + } + if($null -ne $PSBoundParameters["OutVariable"]) + { + $params["OutVariable"] = $PSBoundParameters["OutVariable"] + } + if($null -ne $PSBoundParameters["OutBuffer"]) + { + $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] + } + if($null -ne $PSBoundParameters["ErrorVariable"]) + { + $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] + } + if($null -ne $PSBoundParameters["PipelineVariable"]) + { + $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] + } + if($null -ne $PSBoundParameters["ErrorAction"]) + { + $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] + } + if($null -ne $PSBoundParameters["WarningAction"]) + { + $params["WarningAction"] = $PSBoundParameters["WarningAction"] + } + Write-Debug("============================ TRANSFORMATIONS ============================") + $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug + Write-Debug("=========================================================================`n") + if($null -ne $AuthenticationMethodId) + { + $response = Reset-MgBetaUserAuthenticationMethodPassword @params -Headers $customHeaders + } + $response + } +} +Set-Alias -Name Convert-EntraBetaFederatedUser -Value Update-EntraBetaUserFromFederated -Scope Global -Force + diff --git a/module_legacy/EntraBeta/config/ModuleMetadata.json b/module_legacy/EntraBeta/config/ModuleMetadata.json new file mode 100644 index 0000000000..9cf8ad0ff4 --- /dev/null +++ b/module_legacy/EntraBeta/config/ModuleMetadata.json @@ -0,0 +1,36 @@ +{ + "guid": "3a8a0270-121c-4455-845d-497458213f96", + "authors": "Microsoft", + "owners": "Microsoft", + "description": "Microsoft Entra PowerShell Beta: Microsoft Entra PowerShell is a scenario-driven module that allows administrators to efficiently manage Entra ID resources, including users, groups, applications, and policies, among others", + "requireLicenseAcceptance": "true", + "requiredModules" : [ + "Microsoft.Graph.Beta.Users", + "Microsoft.Graph.Beta.Users.Actions", + "Microsoft.Graph.Beta.Users.Functions", + "Microsoft.Graph.Beta.Groups", + "Microsoft.Graph.Beta.Identity.DirectoryManagement", + "Microsoft.Graph.Beta.Identity.Governance", + "Microsoft.Graph.Beta.Identity.SignIns", + "Microsoft.Graph.Beta.Applications", + "Microsoft.Graph.Beta.Reports" + ], + "requiredModulesVersion": "2.15.0", + "copyright": "© Microsoft Corporation. All rights reserved.", + "licenseUri": "https://aka.ms/devservicesagreement", + "projectUri": " https://github.com/microsoftgraph/entra-powershell", + "iconUri": "https://raw.githubusercontent.com/microsoftgraph/msgraph-sdk-powershell/master/documentation/images/graph_color256.png", + "tags": [ + "MicrosoftGraph", + "Microsoft", + "Graph", + "PowerShell", + "AzureAD", + "AzureADPreview", + "PSModule", + "Entra" + ], + "releaseNotes": "See https://github.com/microsoftgraph/entra-powershell.", + "version": "0.18.0", + "Prerelease": "preview" + } diff --git a/module_legacy/EntraBeta/config/ModuleSettings.json b/module_legacy/EntraBeta/config/ModuleSettings.json new file mode 100644 index 0000000000..16ef03892a --- /dev/null +++ b/module_legacy/EntraBeta/config/ModuleSettings.json @@ -0,0 +1,22 @@ +{ + "sourceModule" : "AzureADPreview", + "moduleName" : "Microsoft.Graph.Entra.Beta", + "newPrefix" : "EntraBeta", + "typePrefix" : "Microsoft.Open.", + "destinationModuleName" : [ + "Microsoft.Graph.Beta.DirectoryObjects", + "Microsoft.Graph.Beta.Users", + "Microsoft.Graph.Beta.Users.Actions", + "Microsoft.Graph.Beta.Users.Functions", + "Microsoft.Graph.Beta.Groups", + "Microsoft.Graph.Beta.Identity.DirectoryManagement", + "Microsoft.Graph.Beta.Identity.Governance", + "Microsoft.Graph.Beta.Identity.SignIns", + "Microsoft.Graph.Beta.Applications", + "Microsoft.Graph.Beta.Reports" + ], + "destinationModuleVersion": "2.15.0", + "sourceModulePrefix" : ["AzureADMS","AzureAD"], + "destinationPrefix" : ["MgBeta"], + "loadMessage": "" + } diff --git a/module_legacy/EntraBeta/config/dependencyMapping.json b/module_legacy/EntraBeta/config/dependencyMapping.json new file mode 100644 index 0000000000..ada536d812 --- /dev/null +++ b/module_legacy/EntraBeta/config/dependencyMapping.json @@ -0,0 +1,11 @@ +{ + "Microsoft.Graph.Entra.Beta.Users":["Microsoft.Graph.Beta.Users","Microsoft.Graph.Beta.Users.Actions","Microsoft.Graph.Beta.Users.Functions"], + "Microsoft.Graph.Entra.Beta.Authentication":["Microsoft.Graph.Authentication"], + "Microsoft.Graph.Entra.Beta.Groups":["Microsoft.Graph.Beta.Groups"], + "Microsoft.Graph.Entra.Beta.DirectoryManagement":["Microsoft.Graph.Beta.Identity.DirectoryManagement"], + "Microsoft.Graph.Entra.Beta.Governance":["Microsoft.Graph.Beta.Identity.Governance"], + "Microsoft.Graph.Entra.Beta.SignIns":["Microsoft.Graph.Beta.Identity.SignIns"], + "Microsoft.Graph.Entra.Beta.Applications":["Microsoft.Graph.Beta.Applications"], + "Microsoft.Graph.Entra.Beta.Reports":["Microsoft.Graph.Beta.Reports"], + "Microsoft.Graph.Entra.Beta.Invitations":["Microsoft.Graph.Beta.Identity.SignIns"] +} \ No newline at end of file diff --git a/module_legacy/EntraBeta/config/moduleMapping.json b/module_legacy/EntraBeta/config/moduleMapping.json new file mode 100644 index 0000000000..9ba9b07aac --- /dev/null +++ b/module_legacy/EntraBeta/config/moduleMapping.json @@ -0,0 +1,16 @@ +{ + "Authentication":"", + "Directory":"", + "Application":"", + "ApplicationProxy":"", + "User":"", + "Group":"", + "ServicePrincipal":"", + "AdministrativeUnit":"", + "Contact":"", + "Domain":"", + "Permission":"", + "Device":"", + "Policy":"", + "CertificateAuthority":"" +} \ No newline at end of file diff --git a/module/EntraBeta/customizations/Add-EntraBetaAdministrativeUnitMember.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaAdministrativeUnitMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaAdministrativeUnitMember.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaAdministrativeUnitMember.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaApplicationOwner.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaApplicationOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaApplicationOwner.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaApplicationOwner.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaApplicationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaApplicationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaApplicationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaApplicationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredOwner.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredOwner.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredOwner.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredUser.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredUser.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaDeviceRegisteredUser.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaDirectoryRoleMember.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaDirectoryRoleMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaDirectoryRoleMember.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaDirectoryRoleMember.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaGroupMember.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaGroupMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaGroupMember.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaGroupMember.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaGroupOwner.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaGroupOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaGroupOwner.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaGroupOwner.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaLifecyclePolicyGroup.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaLifecyclePolicyGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaLifecyclePolicyGroup.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaLifecyclePolicyGroup.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaScopedRoleMembership.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaScopedRoleMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaScopedRoleMembership.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaScopedRoleMembership.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaServicePrincipalOwner.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaServicePrincipalOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaServicePrincipalOwner.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaServicePrincipalOwner.ps1 diff --git a/module/EntraBeta/customizations/Add-EntraBetaServicePrincipalPolicy.ps1 b/module_legacy/EntraBeta/customizations/Add-EntraBetaServicePrincipalPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Add-EntraBetaServicePrincipalPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Add-EntraBetaServicePrincipalPolicy.ps1 diff --git a/module/EntraBeta/customizations/Generic.ps1 b/module_legacy/EntraBeta/customizations/Generic.ps1 similarity index 100% rename from module/EntraBeta/customizations/Generic.ps1 rename to module_legacy/EntraBeta/customizations/Generic.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplication.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplication.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplication.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationKeyCredential.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationKeyCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationKeyCredential.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationKeyCredential.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationLogo.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationLogo.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationLogo.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationLogo.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationOwner.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationOwner.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationOwner.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationProxyApplication.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationProxyApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationProxyApplication.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationProxyApplication.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationSignInDetailedSummary.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationSignInDetailedSummary.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationSignInDetailedSummary.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationSignInDetailedSummary.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationSignInSummary.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationSignInSummary.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationSignInSummary.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationSignInSummary.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaApplicationTemplate.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationTemplate.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaApplicationTemplate.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaApplicationTemplate.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaAttributeSet.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaAttributeSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaAttributeSet.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaAttributeSet.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaAuditDirectoryLog.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaAuditDirectoryLog.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaAuditDirectoryLog.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaAuditDirectoryLog.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaAuditSignInLog.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaAuditSignInLog.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaAuditSignInLog.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaAuditSignInLog.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaAuthorizationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaAuthorizationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaAuthorizationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaAuthorizationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaConditionalAccessPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaConditionalAccessPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaConditionalAccessPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaConditionalAccessPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaContact.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaContact.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaContact.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaContact.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaContactDirectReport.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaContactDirectReport.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaContactDirectReport.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaContactDirectReport.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaContactMembership.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaContactMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaContactMembership.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaContactMembership.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinition.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDeletedApplication.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDeletedApplication.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedApplication.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDeletedDirectoryObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedDirectoryObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDeletedDirectoryObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedDirectoryObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDeletedGroup.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDeletedGroup.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDeletedGroup.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDevice.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDevice.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDevice.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDevice.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredOwner.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredOwner.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredOwner.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredUser.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredUser.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDeviceRegisteredUser.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleDefinition.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleDefinition.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleMember.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDirectoryRoleMember.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDirectoryRoleMember.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDirectorySettingTemplate.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDirectorySettingTemplate.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDirectorySettingTemplate.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDirectorySettingTemplate.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDomain.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDomain.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDomain.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDomain.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDomainNameReference.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDomainNameReference.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDomainNameReference.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDomainNameReference.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDomainServiceConfigurationRecord.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDomainServiceConfigurationRecord.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDomainServiceConfigurationRecord.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDomainServiceConfigurationRecord.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaDomainVerificationDnsRecord.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaDomainVerificationDnsRecord.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaDomainVerificationDnsRecord.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaDomainVerificationDnsRecord.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaFeatureRolloutPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaFeatureRolloutPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaFeatureRolloutPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaFeatureRolloutPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaGroup.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaGroup.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaGroup.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaGroupAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaGroupAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaGroupAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaGroupAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaGroupMember.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaGroupMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaGroupMember.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaGroupMember.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaGroupOwner.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaGroupOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaGroupOwner.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaGroupOwner.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaIdentityProvider.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaIdentityProvider.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaIdentityProvider.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaIdentityProvider.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaLifecyclePolicyGroup.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaLifecyclePolicyGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaLifecyclePolicyGroup.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaLifecyclePolicyGroup.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaNamedLocationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaNamedLocationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaNamedLocationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaNamedLocationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaObjectByObjectId.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaObjectByObjectId.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaObjectByObjectId.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaObjectByObjectId.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaObjectSetting.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaObjectSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaObjectSetting.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaObjectSetting.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPasswordSingleSignOnCredential.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPasswordSingleSignOnCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPasswordSingleSignOnCredential.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPasswordSingleSignOnCredential.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPermissionGrantConditionSet.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPermissionGrantConditionSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPermissionGrantConditionSet.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPermissionGrantConditionSet.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPermissionGrantPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPermissionGrantPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPermissionGrantPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPermissionGrantPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPolicyAppliedObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPolicyAppliedObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPolicyAppliedObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPolicyAppliedObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPrivilegedResource.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedResource.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPrivilegedResource.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedResource.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleDefinition.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleDefinition.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleSetting.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleSetting.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaPrivilegedRoleSetting.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaScopedRoleMembership.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaScopedRoleMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaScopedRoleMembership.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaScopedRoleMembership.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipal.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipal.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipal.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipal.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignedTo.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalCreatedObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalCreatedObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalCreatedObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalCreatedObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalKeyCredential.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalKeyCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalKeyCredential.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalKeyCredential.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalMembership.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalMembership.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalMembership.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwnedObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwnedObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwnedObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwnedObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwner.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwner.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalOwner.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalPasswordCredential.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalPasswordCredential.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalPasswordCredential.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaServicePrincipalPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaServicePrincipalPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaServicePrincipalPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaSubscribedSku.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaSubscribedSku.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaSubscribedSku.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaSubscribedSku.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaTenantDetail.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaTenantDetail.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaTenantDetail.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaTenantDetail.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaTrustFrameworkPolicy.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaTrustFrameworkPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaTrustFrameworkPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaTrustFrameworkPolicy.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaTrustedCertificateAuthority.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaTrustedCertificateAuthority.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaTrustedCertificateAuthority.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaTrustedCertificateAuthority.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUser.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUser.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUser.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserCreatedObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserCreatedObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserCreatedObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserCreatedObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserDirectReport.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserDirectReport.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserDirectReport.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserDirectReport.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserExtension.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserExtension.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserExtension.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserExtension.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserLicenseDetail.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserLicenseDetail.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserLicenseDetail.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserLicenseDetail.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserManager.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserManager.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserManager.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserManager.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserMembership.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserMembership.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserMembership.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserOAuth2PermissionGrant.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserOAuth2PermissionGrant.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserOAuth2PermissionGrant.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserOAuth2PermissionGrant.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserOwnedDevice.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserOwnedDevice.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserOwnedDevice.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserOwnedDevice.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserOwnedObject.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserOwnedObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserOwnedObject.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserOwnedObject.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserRegisteredDevice.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserRegisteredDevice.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserRegisteredDevice.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserRegisteredDevice.ps1 diff --git a/module/EntraBeta/customizations/Get-EntraBetaUserThumbnailPhoto.ps1 b/module_legacy/EntraBeta/customizations/Get-EntraBetaUserThumbnailPhoto.ps1 similarity index 100% rename from module/EntraBeta/customizations/Get-EntraBetaUserThumbnailPhoto.ps1 rename to module_legacy/EntraBeta/customizations/Get-EntraBetaUserThumbnailPhoto.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaAdministrativeUnit.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaAdministrativeUnit.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaAdministrativeUnit.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaAdministrativeUnit.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaAdministrativeUnitMember.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaAdministrativeUnitMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaAdministrativeUnitMember.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaAdministrativeUnitMember.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplication.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplication.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplication.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplicationExtensionProperty.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplicationExtensionProperty.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplicationExtensionProperty.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplicationExtensionProperty.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplicationFromApplicationTemplate.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplicationFromApplicationTemplate.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplicationFromApplicationTemplate.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplicationFromApplicationTemplate.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplicationKeyCredential.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplicationKeyCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplicationKeyCredential.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplicationKeyCredential.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplicationPassword.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplicationPassword.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplicationPassword.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplicationPassword.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaApplicationPasswordCredential.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaApplicationPasswordCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaApplicationPasswordCredential.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaApplicationPasswordCredential.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaAttributeSet.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaAttributeSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaAttributeSet.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaAttributeSet.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaConditionalAccessPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaConditionalAccessPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaConditionalAccessPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaConditionalAccessPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaCustomSecurityAttributeDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaCustomSecurityAttributeDefinition.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaCustomSecurityAttributeDefinition.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaDirectoryRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaDirectoryRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaDirectoryRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaDirectoryRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaDirectoryRoleDefinition.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaDirectoryRoleDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaDirectoryRoleDefinition.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaDirectoryRoleDefinition.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaDirectorySetting.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaDirectorySetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaDirectorySetting.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaDirectorySetting.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaDomain.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaDomain.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaDomain.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaDomain.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaFeatureRolloutPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaFeatureRolloutPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaFeatureRolloutPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaFeatureRolloutPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaGroupAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaGroupAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaGroupAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaGroupAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaIdentityProvider.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaIdentityProvider.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaIdentityProvider.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaIdentityProvider.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaInvitation.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaInvitation.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaInvitation.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaInvitation.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaNamedLocationPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaNamedLocationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaNamedLocationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaNamedLocationPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaObjectSetting.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaObjectSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaObjectSetting.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaObjectSetting.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaPasswordSingleSignOnCredential.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaPasswordSingleSignOnCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaPasswordSingleSignOnCredential.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaPasswordSingleSignOnCredential.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaPermissionGrantConditionSet.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaPermissionGrantConditionSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaPermissionGrantConditionSet.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaPermissionGrantConditionSet.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaPermissionGrantPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaPermissionGrantPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaPermissionGrantPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaPermissionGrantPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaServicePrincipal.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipal.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaServicePrincipal.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipal.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipalAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaServicePrincipalPasswordCredential.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaServicePrincipalPasswordCredential.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaServicePrincipalPasswordCredential.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaTrustFrameworkPolicy.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaTrustFrameworkPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaTrustFrameworkPolicy.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaTrustFrameworkPolicy.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaTrustedCertificateAuthority.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaTrustedCertificateAuthority.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaTrustedCertificateAuthority.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaTrustedCertificateAuthority.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaUser.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaUser.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaUser.ps1 diff --git a/module/EntraBeta/customizations/New-EntraBetaUserAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/New-EntraBetaUserAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/New-EntraBetaUserAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/New-EntraBetaUserAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaAdministrativeUnitMember.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaAdministrativeUnitMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaAdministrativeUnitMember.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaAdministrativeUnitMember.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationKeyCredential.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationKeyCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationKeyCredential.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationKeyCredential.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationOwner.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationOwner.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationOwner.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationPasswordCredential.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationPasswordCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationPasswordCredential.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationPasswordCredential.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationProxyApplication.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationProxyApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationProxyApplication.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationProxyApplication.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaApplicationVerifiedPublisher.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationVerifiedPublisher.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaApplicationVerifiedPublisher.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaApplicationVerifiedPublisher.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaConditionalAccessPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaConditionalAccessPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaConditionalAccessPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaConditionalAccessPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDeletedApplication.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDeletedApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDeletedApplication.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDeletedApplication.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDeletedDirectoryObject.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDeletedDirectoryObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDeletedDirectoryObject.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDeletedDirectoryObject.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredOwner.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredOwner.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredOwner.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredUser.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredUser.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDeviceRegisteredUser.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleDefinition.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleDefinition.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleMember.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleMember.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDirectoryRoleMember.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaDomain.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaDomain.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaDomain.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaDomain.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaGroupAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaGroupAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaGroupMember.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupMember.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaGroupMember.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupMember.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaGroupOwner.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaGroupOwner.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaGroupOwner.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaLifecyclePolicyGroup.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaLifecyclePolicyGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaLifecyclePolicyGroup.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaLifecyclePolicyGroup.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaNamedLocationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaNamedLocationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaNamedLocationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaNamedLocationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaObjectSetting.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaObjectSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaObjectSetting.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaObjectSetting.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaPasswordSingleSignOnCredential.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaPermissionGrantConditionSet.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaPermissionGrantConditionSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaPermissionGrantConditionSet.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaPermissionGrantConditionSet.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaPermissionGrantPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaPermissionGrantPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaPermissionGrantPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaPermissionGrantPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaScopedRoleMembership.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaScopedRoleMembership.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaScopedRoleMembership.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaScopedRoleMembership.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalOwner.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalOwner.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalOwner.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalOwner.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPasswordCredential.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPolicy.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaServicePrincipalPolicy.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaTrustedCertificateAuthority.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaTrustedCertificateAuthority.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaTrustedCertificateAuthority.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaTrustedCertificateAuthority.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaUserAppRoleAssignment.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaUserAppRoleAssignment.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaUserAppRoleAssignment.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaUserAppRoleAssignment.ps1 diff --git a/module/EntraBeta/customizations/Remove-EntraBetaUserManager.ps1 b/module_legacy/EntraBeta/customizations/Remove-EntraBetaUserManager.ps1 similarity index 100% rename from module/EntraBeta/customizations/Remove-EntraBetaUserManager.ps1 rename to module_legacy/EntraBeta/customizations/Remove-EntraBetaUserManager.ps1 diff --git a/module/EntraBeta/customizations/Reset-EntraBetaLifeCycleGroup.ps1 b/module_legacy/EntraBeta/customizations/Reset-EntraBetaLifeCycleGroup.ps1 similarity index 100% rename from module/EntraBeta/customizations/Reset-EntraBetaLifeCycleGroup.ps1 rename to module_legacy/EntraBeta/customizations/Reset-EntraBetaLifeCycleGroup.ps1 diff --git a/module/EntraBeta/customizations/Restore-EntraBetaDeletedApplication.ps1 b/module_legacy/EntraBeta/customizations/Restore-EntraBetaDeletedApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Restore-EntraBetaDeletedApplication.ps1 rename to module_legacy/EntraBeta/customizations/Restore-EntraBetaDeletedApplication.ps1 diff --git a/module/EntraBeta/customizations/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 b/module_legacy/EntraBeta/customizations/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 similarity index 100% rename from module/EntraBeta/customizations/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 rename to module_legacy/EntraBeta/customizations/Revoke-EntraBetaSignedInUserAllRefreshToken.ps1 diff --git a/module/EntraBeta/customizations/Revoke-EntraBetaUserAllRefreshToken.ps1 b/module_legacy/EntraBeta/customizations/Revoke-EntraBetaUserAllRefreshToken.ps1 similarity index 100% rename from module/EntraBeta/customizations/Revoke-EntraBetaUserAllRefreshToken.ps1 rename to module_legacy/EntraBeta/customizations/Revoke-EntraBetaUserAllRefreshToken.ps1 diff --git a/module/EntraBeta/customizations/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 b/module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 similarity index 100% rename from module/EntraBeta/customizations/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 rename to module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsContactIsMemberOf.ps1 diff --git a/module/EntraBeta/customizations/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 b/module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 similarity index 100% rename from module/EntraBeta/customizations/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 rename to module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsGroupIsMemberOf.ps1 diff --git a/module/EntraBeta/customizations/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 b/module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 similarity index 100% rename from module/EntraBeta/customizations/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 rename to module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.ps1 diff --git a/module/EntraBeta/customizations/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 b/module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 similarity index 100% rename from module/EntraBeta/customizations/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 rename to module_legacy/EntraBeta/customizations/Select-EntraBetaGroupIdsUserIsMemberOf.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaAdministrativeUnit.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaAdministrativeUnit.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaAdministrativeUnit.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaAdministrativeUnit.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaApplication.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaApplication.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaApplication.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaApplication.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaApplicationLogo.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaApplicationLogo.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaApplicationLogo.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaApplicationLogo.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaAttributeSet.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaAttributeSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaAttributeSet.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaAttributeSet.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaAuthorizationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaAuthorizationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaAuthorizationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaAuthorizationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaConditionalAccessPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaConditionalAccessPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaConditionalAccessPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaConditionalAccessPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinition.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaDevice.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaDevice.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaDevice.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaDevice.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaDirectoryRoleDefinition.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaDirectoryRoleDefinition.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaDirectoryRoleDefinition.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaDirectoryRoleDefinition.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaDirectorySetting.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaDirectorySetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaDirectorySetting.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaDirectorySetting.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaDomain.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaDomain.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaDomain.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaDomain.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaFeatureRolloutPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaFeatureRolloutPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaFeatureRolloutPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaFeatureRolloutPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaIdentityProvider.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaIdentityProvider.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaIdentityProvider.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaIdentityProvider.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaNamedLocationPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaNamedLocationPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaNamedLocationPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaNamedLocationPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaObjectSetting.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaObjectSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaObjectSetting.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaObjectSetting.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaPasswordSingleSignOnCredential.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaPasswordSingleSignOnCredential.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaPasswordSingleSignOnCredential.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaPasswordSingleSignOnCredential.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaPermissionGrantConditionSet.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaPermissionGrantConditionSet.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaPermissionGrantConditionSet.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaPermissionGrantConditionSet.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaPermissionGrantPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaPermissionGrantPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaPermissionGrantPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaPermissionGrantPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaPrivilegedRoleSetting.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaPrivilegedRoleSetting.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaPrivilegedRoleSetting.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaPrivilegedRoleSetting.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaTenantDetail.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaTenantDetail.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaTenantDetail.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaTenantDetail.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaTrustFrameworkPolicy.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaTrustFrameworkPolicy.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaTrustFrameworkPolicy.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaTrustFrameworkPolicy.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaTrustedCertificateAuthority.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaTrustedCertificateAuthority.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaTrustedCertificateAuthority.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaTrustedCertificateAuthority.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaUser.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaUser.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaUser.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaUser.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaUserLicense.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaUserLicense.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaUserLicense.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaUserLicense.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaUserManager.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaUserManager.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaUserManager.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaUserManager.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaUserPassword.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaUserPassword.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaUserPassword.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaUserPassword.ps1 diff --git a/module/EntraBeta/customizations/Set-EntraBetaUserThumbnailPhoto.ps1 b/module_legacy/EntraBeta/customizations/Set-EntraBetaUserThumbnailPhoto.ps1 similarity index 100% rename from module/EntraBeta/customizations/Set-EntraBetaUserThumbnailPhoto.ps1 rename to module_legacy/EntraBeta/customizations/Set-EntraBetaUserThumbnailPhoto.ps1 diff --git a/module/EntraBeta/customizations/Types.ps1 b/module_legacy/EntraBeta/customizations/Types.ps1 similarity index 100% rename from module/EntraBeta/customizations/Types.ps1 rename to module_legacy/EntraBeta/customizations/Types.ps1 diff --git a/module/EntraBeta/customizations/Update-EntraBetaSignedInUserPassword.ps1 b/module_legacy/EntraBeta/customizations/Update-EntraBetaSignedInUserPassword.ps1 similarity index 100% rename from module/EntraBeta/customizations/Update-EntraBetaSignedInUserPassword.ps1 rename to module_legacy/EntraBeta/customizations/Update-EntraBetaSignedInUserPassword.ps1 diff --git a/module_legacy/breadcrumb/toc.yml b/module_legacy/breadcrumb/toc.yml new file mode 100644 index 0000000000..61d8fca61e --- /dev/null +++ b/module_legacy/breadcrumb/toc.yml @@ -0,0 +1,3 @@ +- name: Docs + tocHref: / + topicHref: / \ No newline at end of file diff --git a/module_legacy/docfx.json b/module_legacy/docfx.json new file mode 100644 index 0000000000..ff5bf913ff --- /dev/null +++ b/module_legacy/docfx.json @@ -0,0 +1,124 @@ +{ + "build": { + "content": [ + { + "dest": "entra-preview", + "files": [ + "breadcrumb/toc.yml" + ] + }, + { + "dest": "entra-preview", + "files": [ + "**/*.md", + "**/*.yml" + ], + "src": "docs/entra-powershell-v1.0", + "version": "entra-powershell-preview" + }, + { + "dest": "module", + "exclude": [ + "toc.yml" + ], + "files": [ + "**/*.yml" + ], + "src": "entra-powershell-preview", + "version": "entra-powershell-preview" + }, + { + "dest": "module", + "files": [ + "**/About/*.md" + ], + "src": "entra-powershell-preview", + "version": "entra-powershell-preview" + }, + { + "dest": "module/entra-powershell-preview", + "files": [ + "toc.yml" + ], + "src": "entra-powershell-preview", + "version": "entra-powershell-preview" + }, + { + "dest": "entra-preview", + "files": [ + "**/*.md", + "**/*.yml" + ], + "src": "docs/entra-powershell-beta", + "version": "entra-powershell-beta-preview" + }, + { + "dest": "module", + "exclude": [ + "toc.yml" + ], + "files": [ + "**/*.yml" + ], + "src": "entra-powershell-beta-preview", + "version": "entra-powershell-beta-preview" + }, + { + "dest": "module", + "files": [ + "**/About/*.md" + ], + "src": "entra-powershell-beta-preview", + "version": "entra-powershell-beta-preview" + }, + { + "dest": "module/entra-powershell-beta-preview", + "files": [ + "toc.yml" + ], + "src": "entra-powershell-beta-preview", + "version": "entra-powershell-beta-preview" + }, + { + "dest": "entra-preview", + "files": [ + "**/*.md", + "**/*.yml" + ], + "src": "virtual-folder" + }, + { + "dest": "module", + "files": [ + "**/*.md", + "**/*.yml" + ], + "src": "virtual-folder-module" + } + ], + "versions": { + "entra-powershell-preview": { + "dest": "entra-powershell-preview" + }, + "entra-powershell-beta-preview": { + "dest": "entra-powershell-beta-preview" + } + }, + "overwrite": [], + "externalReference": [], + "globalMetadata": { + "breadcrumb_path": "/powershell/samples/breadcrumb/toc.json", + "extendBreadcrumb": true, + "feedback_system": "Standard", + "ms.devlang": "powershell", + "ms.prod": "powershell", + "ms.topic": "reference", + "ms.author": "stevemutungi", + "author": "SteveMutungi254" + }, + "template": [], + "markdownEngineName": "markdig", + "exportRawModel": true, + "exportViewModel": true + } +} diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..abc9358e6e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,113 @@ +--- +title: Add-EntraBetaAdministrativeUnitMember +description: This article provides details on the Add-EntraBetaAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 08/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Add-EntraBetaAdministrativeUnitMember + +## Synopsis + +Adds an administrative unit member. + +## Syntax + +```powershell +Add-EntraBetaAdministrativeUnitMember + -RefObjectId + -AdministrativeUnitId + [] +``` + +## Description + +The `Add-EntraBetaAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. + +Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. + +To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$User = Get-EntraBetaUser -SearchString '' +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraBetaAdministrativeUnitMember @params +``` + +This example shows how to add an administrative unit member. You can use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit ID. You can use the command `Get-EntraBetaUser` to get user ID. + +- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of a Microsoft Entra ID administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the unique ID of the specific Microsoft Entra ID object that is assigned as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) + +[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) + +[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..a5de700ae1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner.md @@ -0,0 +1,106 @@ +--- +title: Add-EntraBetaApplicationOwner +description: This article provides details on the Add-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaApplicationOwner + +## Synopsis + +Adds an owner to an application. + +## Syntax + +```powershell +Add-EntraBetaApplicationOwner + -ApplicationId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. + +## Examples + +### Example 1: Add a user as an owner to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$ApplicationId = (Get-EntraBetaApplication -SearchString '').ObjectId +$UserObjectId = (Get-EntraBetaUser -SearchString '').ObjectId +$params = @{ + ApplicationId = $ApplicationId + RefObjectId = $UserObjectId +} +Add-EntraBetaApplicationOwner @params +``` + +This example demonstrates how to add an owner to an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the ID of an application. +- `-RefObjectId` parameter specifies the ID of a user. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) + +[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaApplicationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDeviceRegisteredUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaGroupOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaLifecyclePolicyGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaLifecyclePolicyGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaLifecyclePolicyGroup.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..0abed3e38e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership.md @@ -0,0 +1,137 @@ +--- +title: Add-EntraBetaScopedRoleMembership +description: This article provides details on the Add-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Add-EntraBetaScopedRoleMembership + +## Synopsis + +Assign a Microsoft Entra role with an administrative unit scope. + +## Syntax + +```powershell +Add-EntraBetaScopedRoleMembership + -AdministrativeUnitId + [-RoleMemberInfo ] + [-RoleObjectId ] + [] +``` + +## Description + +The `Add-EntraBetaScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. + +For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add a scoped role membership to an administrative unit + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$User = Get-EntraBetaUser -SearchString 'MarkWood' +$Role = Get-EntraBetaDirectoryRole -Filter "DisplayName eq ''" +$Unit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$RoleMember = New-Object -TypeName Microsoft.Open.AzureAD.Model.RoleMemberInfo +$RoleMember.ObjectId = $User.ObjectId +$params = @{ + AdministrativeUnitId = $Unit.ObjectId + RoleObjectId = $Role.ObjectId + RoleMemberInfo = $RoleMember +} +Add-EntraBetaScopedRoleMembership @params +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The example shows how to add a user to the specified role within the specified administrative unit. + +- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. +- `-RoleObjectId` Parameter specifies the ID of a directory role. +- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RoleMemberInfo + +Specifies a RoleMemberInfo object. + +```yaml +Type: System.RoleMemberInfo +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleObjectId + +Specifies DirectoryRole ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) + +[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..4a6b1f8156 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,109 @@ +--- +title: Add-EntraBetaServicePrincipalOwner +description: This article provides details on the Add-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Add-EntraBetaServicePrincipalOwner + +## Synopsis + +Adds an owner to a service principal. + +## Syntax + +```powershell +Add-EntraBetaServicePrincipalOwner + -ServicePrincipalId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraBetaServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Add a user as an owner to a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipalId = (Get-EntraBetaServicePrincipal -Top 1).ObjectId +$OwnerId = (Get-EntraBetaUser -Top 1).ObjectId +$Params = @{ + ServicePrincipalId = $ServicePrincipalId + RefObjectId = $OwnerId +} +Add-EntraBetaServicePrincipalOwner @Params +``` + +This example demonstrates how to add an owner to a service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-RefObjectId` parameter specifies the user object Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaUser](Get-EntraBetaUser.md) + +[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Add-EntraBetaServicePrincipalPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Confirm-EntraBetaDomain.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Confirm-EntraBetaDomain.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Confirm-EntraBetaDomain.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Confirm-EntraBetaDomain.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Connect-Entra.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Connect-Entra.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Connect-Entra.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Connect-Entra.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Disconnect-Entra.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Disconnect-Entra.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Disconnect-Entra.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Disconnect-Entra.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraAzureADAlias.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraAzureADAlias.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraAzureADAlias.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraAzureADAlias.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaDirectoryRole.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaDirectoryRole.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaDirectoryRole.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaDirectoryRole.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md new file mode 100644 index 0000000000..ab4e6780d0 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant.md @@ -0,0 +1,73 @@ +--- +title: Enable-EntraBetaGlobalSecureAccessTenant +description: This article provides details on the Enable-EntraBetaGlobalSecureAccessTenant command. + +ms.topic: reference +ms.date: 10/31/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Enable-EntraBetaGlobalSecureAccessTenant +schema: 2.0.0 +--- + +# Enable-EntraBetaGlobalSecureAccessTenant + +## Synopsis + +Onboard the Global Secure Access service in the tenant. + +## Syntax + +```powershell +Enable-EntraBetaGlobalSecureAccessTenant +``` + +## Description + +The `Enable-EntraBetaGlobalSecureAccessTenant` cmdlet onboards the Global Secure Access service in the tenant. + +In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the necessary permissions: + +- Global Secure Access Administrator +- Security Administrator + +## Examples + +### Example 1: Enable Global Secure Access for a tenant + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Enable-EntraBetaGlobalSecureAccessTenant +``` + +```Output +@odata.context : https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity +onboardingStatus : onboarded +onboardingErrorMessage : +``` + +This command onboards the Global Secure Access service in the tenant. + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaGlobalSecureAccessTenantStatus](Get-EntraBetaGlobalSecureAccessTenantStatus.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAccountSku.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAccountSku.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAccountSku.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAccountSku.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnit.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnit.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnit.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnit.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..68bb562f1d --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraBetaAdministrativeUnitMember +description: This article provides details on the Get-EntraBetaAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Get-EntraBetaAdministrativeUnitMember + +## Synopsis + +Gets a member of an administrative unit. + +## Syntax + +```powershell +Get-EntraBetaAdministrativeUnitMember + -AdministrativeUnitId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. + +In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Directory Readers: Read basic properties on administrative units +- Global Reader: Read all properties of administrative units, including members +- Privileged Role Administrator: Create and manage administrative units (including members) + +## Examples + +### Example 1: Get an administrative unit member by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 2: Get all administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of all administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 3: Get top three administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example returns top three administrative unit members from specified administrative unit ObjectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) + +[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) + +[Remove-EntraBetaAdministrativeUnitMember](Remove-EntraBetaAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplication.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..f492b340fd --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaApplicationExtensionProperty +description: This article provides details on the Get-EntraBetaApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationExtensionProperty + +## Synopsis + +Gets application extension properties. + +## Syntax + +```powershell +Get-EntraBetaApplicationExtensionProperty + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. + +## Examples + +### Example 1: Get extension properties + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$Application = Get-EntraBetaApplication -SearchString '' +Get-EntraBetaApplicationExtensionProperty -ApplicationId $Application.Id +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ------------- ---------------------- ---- ------------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} +``` + +This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraBetaApplication` to get application ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) + +[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..83970daafb --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,87 @@ +--- +title: Get-EntraBetaApplicationKeyCredential +description: This article provides details on the Get-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationKeyCredential + +## Synopsis + +Gets the key credentials for an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationKeyCredential + -ObjectId + [] +``` + +## Description + +The `Get-EntraBetaApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. + +## Examples + +### Example 1: Get key credentials + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationKeyCredential -ObjectId $application.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- +{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify +``` + +This command gets the key credentials for the specified application. +`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraBetaApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) + +[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md new file mode 100644 index 0000000000..7ddcd2cfda --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo.md @@ -0,0 +1,136 @@ +--- +title: Get-EntraBetaApplicationLogo +description: This article provides details on the Get-EntraBetaApplicationLogo command. + + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationLogo + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationLogo + +## Synopsis + +Retrieve the logo of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationLogo + -ApplicationId + [-FileName ] + [-FilePath ] + [-View ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. + +## Examples + +### Example 1: Get an application logo for an application by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplicationLogo -ApplicationId 'bbbbbbbb-1111-1111-1111-cccccccccccc' -FilePath 'D:\outfile1.jpg' +``` + +This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. + +## Parameters + +### -FileName + +If provided, the application logo is saved to the file using the specified file name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FilePath + +If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the application for which the logo is to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -View + +If set to $true, the application's logo is displayed in a new window on the screen. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +### System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationLogo](Set-EntraBetaApplicationLogo.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..b218c94245 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner.md @@ -0,0 +1,211 @@ +--- +title: Get-EntraBetaApplicationOwner +description: This article provides details on the Get-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationOwner + +## Synopsis + +Gets the owner of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationOwner + -ApplicationId + [-Top ] + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. + +## Examples + +### Example 1: Get the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +Get-EntraBetaApplicationOwner -ApplicationId $Application.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 2: Get the details about the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -SearchString '' +$applicationOwners = Get-EntraBetaApplicationOwner -ObjectId $application.ObjectId +$ownerDetails = $applicationOwners | ForEach-Object { + $ownerDetail = Get-EntraBetaObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + displayName = $ownerDetail.displayName + Id = $ownerDetail.Id + UserPrincipalName = $ownerDetail.UserPrincipalName + UserType = $ownerDetail.UserType + accountEnabled = $ownerDetail.accountEnabled + } +} +$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize +``` + +```Output +displayName Id UserPrincipalName UserType accountEnabled +----------- -- ----------------- -------- -------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True +Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. + +### Example 3: Get all owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +Get-EntraBetaApplicationOwner -ApplicationId $Application.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 4: Get top two owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +Get-EntraBetaApplicationOwner -ApplicationId $Application.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) + +[Remove-EntraBetaApplicationOwner](Remove-EntraBetaApplicationOwner.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..7cf278e30e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaApplicationPasswordCredential +description: This article provides details on the Get-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPasswordCredential +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationPasswordCredential + +## Synopsis + +Gets the password credential for an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationPasswordCredential + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. + +## Examples + +### Example 1: Get password credential for specified application + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 +``` + +This example shows how to retrieve the password credential for specified application. + +- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ApplicationId + +The objectID of the application for which to get the password credential. Use `Get-EntraBetaApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationPasswordCredential](New-EntraBetaApplicationPasswordCredential.md) + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationPolicy.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md new file mode 100644 index 0000000000..b7e918d850 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication.md @@ -0,0 +1,114 @@ +--- +title: Get-EntraBetaApplicationProxyApplication +description: This article provides details on the Get-EntraBetaApplicationProxyApplication. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplication + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyApplication + +## Synopsis + +Retrieves an application configured for Application Proxy in Microsoft Entra ID. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyApplication + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyApplication` cmdlet retrieves an application configured for Application Proxy in Microsoft Entra ID. Specify `ApplicationId` parameter to retrieve application configured for application proxy. + +## Examples + +### Example 1: Retrieves an application configured for Application Proxy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyApplication -ApplicationId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +AlternateUrl ApplicationServerTimeout ApplicationType ExternalAuthenticationType ExternalUrl +------------ ------------------------ --------------- -------------------------- ----------- + Long enterpriseapp aadPreAuthentication +https://testp-m365x99297270.msapppr... +``` + +This example retrieves an application configured for Application Proxy. + +- `ApplicationId` parameter specifies the application ID. + +## Parameters + +### -ApplicationId + +This ApplicationId is the unique application ID of the application. +This ApplicationId can be found using the `Get-EntraBetaApplication` command. +You can also find ApplicationId in the Microsoft Portal by navigating to Microsoft Entra ID, Enterprise Applications, All Applications, Select your application, go to the properties tab, and use the ObjectId on that page. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaApplicationProxyApplication](New-EntraBetaApplicationProxyApplication.md) + +[Set-EntraBetaApplicationProxyApplication](Set-EntraBetaApplicationProxyApplication.md) + +[Remove-EntraBetaApplicationProxyApplication](Remove-EntraBetaApplicationProxyApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md new file mode 100644 index 0000000000..4827069397 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup.md @@ -0,0 +1,95 @@ +--- +title: Get-EntraBetaApplicationProxyApplicationConnectorGroup +description: This article provides details on the Get-EntraBetaApplicationProxyApplicationConnectorGroup. + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyApplicationConnectorGroup + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationProxyApplicationConnectorGroup + +## Synopsis + +The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for a specific application. + +## Syntax + +```powershell +Get-EntraBetaApplicationProxyApplicationConnectorGroup + -ObjectId + [] +``` + +## Description + +The `Get-EntraBetaApplicationProxyApplicationConnectorGroup` cmdlet retrieves the connector group assigned for the specified application. +The application must be configured for Application Proxy in Microsoft Entra ID. + +## Examples + +### Example 1: retrieves the connector group assigned for the specified application + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Get-EntraBetaApplicationProxyApplicationConnectorGroup -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id Name ConnectorGroupType IsDefault +-- ---- ------------------ --------- +bbbbbbbb-1111-2222-3333-cccccccccccc test-group applicationProxy False +``` + +This example retrieves the connector group assigned for the specified application. + +- `ObjectId` parameter specifies the application ID. + +## Parameters + +### -ObjectId + +ObjectId is the ID of the application. +This ObjectId can be found using the `Get-EntraBetaApplication` command. +You can also find this ObjectId in the Microsoft Portal by navigating to Microsoft Entra ID, Enterprise Applications, All Applications, Select your application, go to the properties tab, and use the ObjectId on that page. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaApplicationProxyApplicationConnectorGroup](Set-EntraBetaApplicationProxyApplicationConnectorGroup.md) + +[Remove-EntraBetaApplicationProxyApplicationConnectorGroup](Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnector.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnector.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnector.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnector.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroupMembers.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroupMembers.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroupMembers.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorGroupMembers.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorMemberOf.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorMemberOf.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorMemberOf.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationProxyConnectorMemberOf.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md new file mode 100644 index 0000000000..f4149cfb2c --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint.md @@ -0,0 +1,165 @@ +--- +title: Get-EntraBetaApplicationServiceEndpoint +description: This article provides details on the Get-EntraBetaApplicationServiceEndpoint command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationServiceEndpoint +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationServiceEndpoint + +## Synopsis + +Retrieve the service endpoint of an application. + +## Syntax + +```powershell +Get-EntraBetaApplicationServiceEndpoint + -ApplicationId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. + +The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. + +Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. + +## Examples + +### Example 1: Retrieve the application service endpoint by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationServiceEndpoint -ApplicationId $application.ObjectId +``` + +This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 2: Get all service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationServiceEndpoint -ApplicationId $application.ObjectId -All +``` + +This example demonstrates how to retrieve all service endpoints of a specified application. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 3: Get top five service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraBetaApplicationServiceEndpoint -ApplicationId $application.ObjectId -Top 5 +``` + +This example demonstrates how to retrieve five service endpoints of a specified application. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -All + +Return all service endpoints. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the object ID of the application for which the service endpoint is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of results that are returned. +The default is 100. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md new file mode 100644 index 0000000000..d95e8f07b1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary.md @@ -0,0 +1,153 @@ +--- +title: Get-EntraBetaApplicationSignInDetailedSummary +description: This article provides details on the Get-EntraBetaApplicationSignInDetailedSummary command. + +ms.topic: reference +ms.date: 07/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInDetailedSummary + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationSignInDetailedSummary + +## Synopsis + +Get detailed sign in summaries. + +## Syntax + +```powershell +Get-EntraBetaApplicationSignInDetailedSummary + [-Top ] + [-Filter ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationSignInDetailedSummary` cmdlet gets Microsoft Entra ID sign ins, grouped by application, date, and sign in status. + +## Examples + +### Example 1: Get sign in detailed summary + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInDetailedSummary +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 08-07-2024 00:00:00 Graph Explorer 00001111-aaaa-2222-bbbb-3333cccc4444 3 +bbbbbbbb-1111-2222-3333-cccccccccccc 04-07-2024 00:00:00 Graph Explorer 11112222-bbbb-3333-cccc-4444dddd55551 +cccccccc-2222-3333-4444-dddddddddddd 05-07-2024 00:00:00 Graph Explorer 22223333-cccc-4444-dddd-5555eeee6666 4 +dddddddd-3333-4444-5555-eeeeeeeeeeee 19-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff77773 +eeeeeeee-4444-5555-6666-ffffffffffff 27-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 2 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 03-07-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 1 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 01-07-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 13 +bbbbbbbb-7777-8888-9999-cccccccccccc 28-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 9 +``` + +This example returns all sign ins to Microsoft Entra ID Portal. + +### Example 2: Get sign in detailed summary by application and date + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +$params = @{ + Filter = "appDisplayName eq 'Azure Portal' AND aggregatedEventDateTime gt 2024-06-01 AND aggregatedEventDateTime lt 2024-07-01" +} +Get-EntraBetaApplicationSignInDetailedSummary @params +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 +bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 +cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 +dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 +eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 +ffffffff-5555-6666-7777-aaaaaaaaaaaa 19-06-2024 00:00:00 Azure Portal 55556666-ffff-7777-aaaa-8888bbbb9999 3 +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb 17-06-2024 00:00:00 Azure Portal 66667777-aaaa-8888-bbbb-9999cccc0000 3 +bbbbbbbb-7777-8888-9999-cccccccccccc 18-06-2024 00:00:00 Azure Portal 77776666-aaaa-9999-bbbb-0000cccc1111 6 +``` + +This example returns all sign ins to Microsoft Entra ID Portal for the month of June. + +### Example 3: Get top five sign ins + +```powershell +Connect-Entra -Scopes 'Reports.Read.All' +Get-EntraBetaApplicationSignInDetailedSummary -Top 5 +``` + +```Output +Id AggregatedEventDateTime AppDisplayName AppId SignInCount +-- ----------------------- -------------- ----- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 27-06-2024 00:00:00 Azure Portal 00001111-aaaa-2222-bbbb-3333cccc4444 2 +bbbbbbbb-1111-2222-3333-cccccccccccc 28-06-2024 00:00:00 Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 9 +cccccccc-2222-3333-4444-dddddddddddd 21-06-2024 00:00:00 Azure Portal 22223333-cccc-4444-dddd-5555eeee6666 2 +dddddddd-3333-4444-5555-eeeeeeeeeeee 20-06-2024 00:00:00 Azure Portal 33334444-dddd-5555-eeee-6666ffff7777 3 +eeeeeeee-4444-5555-6666-ffffffffffff 20-06-2024 00:00:00 Azure Portal 44445555-eeee-6666-ffff-7777aaaa8888 1 +``` + +This example returns top five sign ins to Microsoft Entra ID portal. + +## Parameters + +### -Top + +The maximum number of records to return. + +```yaml +Type: Sysetm.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.GetApplicationSignInDetailedSummaryObjectsResponse + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInSummary.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInSummary.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInSummary.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationSignInSummary.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md new file mode 100644 index 0000000000..7c2a5ab892 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate.md @@ -0,0 +1,123 @@ +--- +title: Get-EntraBetaApplicationTemplate +description: This article provides details on the Get-EntraBetaApplicationTemplate command. + + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaApplicationTemplate + +schema: 2.0.0 +--- + +# Get-EntraBetaApplicationTemplate + +## Synopsis + +Retrieve a list of applicationTemplate objects. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaApplicationTemplate + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaApplicationTemplate + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. + +## Examples + +### Example 1. Gets a list of application template objects + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplicationTemplate +``` + +This command gets all the application template objects + +### Example 2. Gets an application template object + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaApplicationTemplate -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id Categories Description +-- ---------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses +``` + +This command gets an application template object for the given id. + +- `-Id` Specifies the unique identifier of an application template. + +## Parameters + +### -Id + +The unique identifier of an application template. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplate + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAttributeSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAttributeSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAttributeSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditDirectoryLog.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditDirectoryLog.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditDirectoryLog.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditDirectoryLog.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditSignInLog.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditSignInLog.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditSignInLog.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuditSignInLog.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuthorizationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuthorizationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuthorizationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaAuthorizationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContact.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContact.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContact.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContact.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactDirectReport.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactDirectReport.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactDirectReport.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactDirectReport.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactManager.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactManager.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactManager.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactManager.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactMembership.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactMembership.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContactMembership.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md new file mode 100644 index 0000000000..075f0c3cb1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md @@ -0,0 +1,196 @@ +--- +title: Get-EntraBetaContract +description: This article provides details on the Get-EntraBetaContract command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract + +schema: 2.0.0 +--- + +# Get-EntraBetaContract + +## Synopsis + +Gets a contract. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaContract + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaContract + -ContractId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaContract` cmdlet gets a contract information associated to a partner tenant. + +The contract object contains the following attributes: + +- `contractType` - type of the contract. + +Possible values are: + +1. SyndicationPartner - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +1. BreadthPartner - indicates that the partner has the ability to provide administrative support for this customer. +However the partner isn't allowed to resell to the customer. +1. ResellerPartner - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +- `customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +- `defaultDomainName` - a copy of the customer tenant's default domain name. +The copy is made when the partnership with the customer is established. +It isn't automatically updated if the customer tenant's default domain name changes. + +- `deletionTimestamp` - this property isn't valid for contracts and always returns null. + +- `displayName` - a copy of the customer tenant's display name. +The copy is made when the partnership with the customer is established. +It isn't automatically updated if the customer tenant's display name changes. + +- `objectType` - a string that identifies the object type. The value is always `Contract`. + +- `ContractId` - the unique identifier for the partnership. + +## Examples + +### Example 1: Get all contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaContract +``` + +This command gets all contracts in the Microsoft Entra ID. + +### Example 2: Get top two contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraBetaContract -Top 2 +``` + +This command gets top two contracts in the Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ContractId + +Specifies the ID of a contract. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedApplication.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedDirectoryObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedDirectoryObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeletedGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDeviceRegisteredUser.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md new file mode 100644 index 0000000000..cf174aa3a8 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraBetaDirSyncConfiguration +description: This article provides details on the Get-EntraBetaDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncConfiguration + +schema: 2.0.0 +--- + +# Get-EntraBetaDirSyncConfiguration + +## Synopsis + +Gets the directory synchronization settings. + +## Syntax + +```powershell +Get-EntraBetaDirSyncConfiguration + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraBetaDirSyncConfiguration` cmdlet gets the directory synchronization settings. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Get directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraBetaDirSyncConfiguration +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings. + +### Example 2: Get directory synchronization settings by TenantId + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraBetaDirSyncConfiguration -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings by TenantId. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System. Nullable`1[[System. Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaDirSyncConfiguration](Set-EntraBetaDirSyncConfiguration.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md new file mode 100644 index 0000000000..f763eed747 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature.md @@ -0,0 +1,153 @@ +--- +title: Get-EntraBetaDirSyncFeature +description: This article provides details on the Get-EntraBetaDirSyncFeature command. + + +ms.topic: reference +ms.date: 08/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirSyncFeature + +schema: 2.0.0 +--- + +# Get-EntraBetaDirSyncFeature + +## Synopsis + +Checks the status of directory synchronization features for a tenant. + +## Syntax + +```powershell +Get-EntraBetaDirSyncFeature + [-TenantId ] + [-Feature ] + [] +``` + +## Description + +The `Get-EntraBetaDirSyncFeature` cmdlet checks the status of directory synchronization features for a tenant. + +Some of the features that can be used with this cmdlet include: + +- **DeviceWriteback** +- **DirectoryExtensions** +- **DuplicateProxyAddressResiliency** +- **DuplicateUPNResiliency** +- **EnableSoftMatchOnUpn** +- **PasswordSync** +- **SynchronizeUpnForManagedUsers** +- **UnifiedGroupWriteback** +- **UserWriteback** + +The cmdlet can be run without specifying any features, in which case it returns a list of all features and their enabled or disabled status. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Return a list of all directory synchronization features + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraBetaDirSyncFeature +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False BlockCloudObjectTakeoverThroughHardMatch + False BlockSoftMatch + False BypassDirSyncOverrides + False CloudPasswordPolicyForPasswordSyncedUsers + False ConcurrentCredentialUpdate + True ConcurrentOrgIdProvisioning + False DeviceWriteback + False DirectoryExtensions + False FopeConflictResolution + False GroupWriteBack + False PasswordSync + False PasswordWriteback + True QuarantineUponProxyAddressesConflict + True QuarantineUponUpnConflict + True SoftMatchOnUpn + True SynchronizeUpnForManagedUsers + False UnifiedGroupWriteback + False UserForcePasswordChangeOnLogon + False UserWriteback +``` + +This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). + +### Example 2: Return the PasswordSync feature status + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraBetaDirSyncFeature -Feature 'PasswordSync' +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False PasswordSync +``` + +This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. + +- `-Feature` specifies the directory synchronization feature to check the status of. + +## Parameters + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Feature + +The directory synchronization feature to check the status of. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaDirSyncFeature](Set-EntraBetaDirSyncFeature.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRole.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRole.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRole.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRole.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleTemplate.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleTemplate.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleTemplate.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectoryRoleTemplate.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySettingTemplate.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySettingTemplate.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySettingTemplate.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDirectorySettingTemplate.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomain.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomain.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomain.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomain.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainFederationSettings.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainFederationSettings.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainFederationSettings.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainFederationSettings.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainNameReference.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainNameReference.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainNameReference.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainNameReference.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainServiceConfigurationRecord.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainServiceConfigurationRecord.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainServiceConfigurationRecord.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainServiceConfigurationRecord.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainVerificationDnsRecord.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainVerificationDnsRecord.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainVerificationDnsRecord.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaDomainVerificationDnsRecord.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFederationProperty.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFederationProperty.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFederationProperty.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaFederationProperty.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md new file mode 100644 index 0000000000..6921fb8de6 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus.md @@ -0,0 +1,84 @@ +--- +title: Get-EntraBetaGlobalSecureAccessTenantStatus +description: This article provides details on the Get-EntraBetaGlobalSecureAccessTenantStatus command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaGlobalSecureAccessTenantStatus +schema: 2.0.0 +--- + +# Get-EntraBetaGlobalSecureAccessTenantStatus + +## Synopsis + +Retrieves the onboarding status of the Global Secure Access service in the tenant. + +## Syntax + +```powershell +Get-EntraBetaGlobalSecureAccessTenantStatus +``` + +## Description + +The `Get-EntraBetaGlobalSecureAccessTenantStatus` cmdlet retrieves the onboarding status of the Global Secure Access service in the tenant. + +For delegated scenarios involving work or school accounts, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation: + +- Global Reader +- Global Secure Access Administrator +- Security Administrator + +## Examples + +### Example 1: Check Global Secure Access status for the tenant + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaGlobalSecureAccessTenantStatus +``` + +```Output +@odata.context onboardingStatus onboardingErrorMessage +-------------- ---------------- ---------------------- +https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity offboarded +``` + +This command checks if the Global Secure Access service is activated in the tenant. + +If the status is `offboarded`, you can activate the service with `New-EntraBetaGlobalSecureAccessTenant`. + +The onboarding status can be: `offboarded`, `offboarding in progress`, `onboarding in progress`, `onboarded`, `onboarding error`, or `offboarding error`. + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupAppRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupLifecyclePolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupLifecyclePolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupLifecyclePolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupPermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupPermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupPermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupPermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaIdentityProvider.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaIdentityProvider.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaIdentityProvider.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaLifecyclePolicyGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaLifecyclePolicyGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaLifecyclePolicyGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaNamedLocationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectByObjectId.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectByObjectId.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectByObjectId.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectByObjectId.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaObjectSetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPartnerInformation.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPartnerInformation.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPartnerInformation.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPartnerInformation.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordSingleSignOnCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordSingleSignOnCredential.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordSingleSignOnCredential.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPasswordSingleSignOnCredential.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicyAppliedObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicyAppliedObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicyAppliedObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPolicyAppliedObject.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md new file mode 100644 index 0000000000..10cdaf74a9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication.md @@ -0,0 +1,163 @@ +--- +title: Get-EntraBetaPrivateAccessApplication +description: This article provides details on the Get-EntraBetaPrivateAccessApplication command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplication +schema: 2.0.0 +--- + +# Get-EntraBetaPrivateAccessApplication + +## Synopsis + +Retrieves a list of all Private Access applications, or if specified, details of a specific application. + +## Syntax + +### ApplicationId (Default) + +```powershell +Get-EntraBetaPrivateAccessApplication + [-ApplicationId ] + [] +``` + +### ApplicationName + +```powershell +Get-EntraBetaPrivateAccessApplication + [-ApplicationName ] + [] +``` + +## Description + +The `Get-EntraBetaPrivateAccessApplication` cmdlet retrieves a list of all Private Access applications, or if specified, details of a specific application. + +## Examples + +### Example 1: Retrieve all Private Access applications + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaPrivateAccessApplication +``` + +```Output +displayName : testApp1 +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} +createdDateTime : 14/06/2024 12:38:50 AM + +displayName : QuickAccess +appId : dddddddd-3333-4444-5555-eeeeeeeeeeee +id : eeeeeeee-4444-5555-6666-ffffffffffff +tags : {HideApp, NetworkAccessQuickAccessApplication} +createdDateTime : 4/07/2023 4:00:07 AM +``` + +This command retrieves all Private Access applications, including Quick Access. + +### Example 2: Retrieve a specific Private Access application by object Id + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaPrivateAccessApplication | Where-Object {$_.displayName -eq 'Finance team file share'} +Get-EntraBetaPrivateAccessApplication -ApplicationId $application.Id +``` + +```Output +displayName : QuickAccess +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {HideApp, NetworkAccessQuickAccessApplication} +createdDateTime : 4/07/2023 4:00:07 AM +``` + +This example demonstrates how to retrieve information for a specific Private Access application by object id. + +### Example 3: Retrieve a specific Private Access application by name + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +Get-EntraBetaPrivateAccessApplication -ApplicationName 'Finance team file share' +``` + +```Output +displayName : Finance team file share +appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +id : bbbbbbbb-1111-2222-3333-cccccccccccc +tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} +createdDateTime : 14/06/2024 12:38:50 AM +``` + +This example demonstrates how to retrieve information for a specific Private Access application by application name. + +## Parameters + +### -ApplicationId + +The Object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: SingleAppID +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationName + +Specifies a specific application name to retrieve. + +```yaml +Type: System.String +Parameter Sets: SingleAppName +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..d4913b50e1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,133 @@ +--- +title: Get-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the Get-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivateAccessApplicationSegment +schema: 2.0.0 +--- + +# Get-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. + +## Syntax + +```powershell +Get-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + [-ApplicationSegmentId ] + [] +``` + +## Description + +The `Get-EntraBetaPrivateAccessApplicationSegment` cmdlet retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment. + +## Examples + +### Example 1: Retrieve all application segments associated to an application + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id +``` + +```Output +destinationHost : 10.1.1.20 +destinationType : ip +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +This command retrieves all application segments for an application. + +### Example 2: Retrieve a specific application segment associated to an application + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} +Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id +``` + +```Output +destinationHost : 10.1.1.20 +destinationType : ip +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to retrieve information for a specific application segment. + +## Parameters + +### -ApplicationId + +The Object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: AllApplicationSegments, SingleApplicationSegment +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -ApplicationSegmentId + +Specifies a specific application segment to retrieve. + +```yaml +Type: System.String +Parameter Sets: SingleApplicationSegment +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedResource.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedResource.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedResource.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedResource.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRole.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRole.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRole.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRole.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleSetting.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..c2b3f6896e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership.md @@ -0,0 +1,147 @@ +--- +title: Get-EntraBetaScopedRoleMembership +description: This article provides details on the Get-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 07/05/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaScopedRoleMembership + +## Synopsis + +List Microsoft Entra role assignments with administrative unit scope. + +## Syntax + +```powershell +Get-EntraBetaScopedRoleMembership + -AdministrativeUnitId + [-ScopedRoleMembershipId ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `AdministrativeUnitId` parameter to retrieve a specific scoped role membership. + +## Examples + +### Example 1: Get Scoped Role Administrator + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + ScopedRoleMembershipId = 'dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc' +} +Get-EntraBetaScopedRoleMembership @params +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example gets scoped role administrator. You cane use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. + +### Example 2: List scoped administrators for administrative unit by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraBetaScopedRoleMembership -AdministrativeUnitId $AdministrativeUnit.ObjectId +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example list scoped administrators with AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of a scoped role membership. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) + +[Remove-EntraBetaScopedRoleMembership](Remove-EntraBetaScopedRoleMembership.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..305cfcf931 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal.md @@ -0,0 +1,369 @@ +--- +title: Get-EntraBetaServicePrincipal +description: This article provides details on the Get-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 08/12/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipal + +## Synopsis + +Gets a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaServicePrincipal + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaServicePrincipal + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaServicePrincipal + -ServicePrincipalId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 2: Retrieve a service principal by ServicePrincipalId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -ServicePrincipalId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This command retrieves specific service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve all service principals from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -All +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 4: Retrieve top two service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +``` + +This command retrieves top two service principals from the directory. + +### Example 5: Get a service principal by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'M365 License Manager'" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a service principal by its display name. + +### Example 6: Retrieve a list of all service principal, which has a display name that contains "M365 License Manager" + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -SearchString 'M365 License Manager' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a list of service principal, which has the specified display name. + +### Example 7: Retrieve all Enterprise apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all enterprise apps. + +### Example 8: Retrieve all App proxy apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all app proxy apps. + +### Example 9: Retrieve all disabled apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "accountEnabled eq false" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all disabled apps. + +### Example 10: Retrieve all Global Secure Access apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all Global secure access apps. + +### Example 11: List all applications without user assignment + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraBetaServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all applications without user assignment. + +### Example 12: List all SAML application details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" +$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize +``` + +```Output +Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses +-- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- +00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} +``` + +This example demonstrates how to retrieve all SAML application details. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md new file mode 100644 index 0000000000..e3dc5e694c --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo.md @@ -0,0 +1,200 @@ +--- +title: Get-EntraBetaServicePrincipalAppRoleAssignedTo +description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignedTo command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignedTo + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalAppRoleAssignedTo + +## Synopsis + +Gets app role assignments for this app or service, granted to users, groups, and other service principals. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalAppRoleAssignedTo + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups, and other service principals. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Get app role assignment by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box +``` + +This example shows how to get app role assignments for an app or service, granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Get all app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" + Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb +``` + +This command gets the all app role assignments for the service principal granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Get five app role assignments + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalAppRoleAssignedTo -ServicePrincipalId $ServicePrincipal.ObjectId -Top 5 +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box dddd3333-ee44-5555-66ff-777777aaaaaa +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box eeee4444-ff55-6666-77aa-888888bbbbbb +``` + +This command gets the five app role assignments for the service principal granted to users, groups, and other service principals. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +`Get-EntraBetaServiceAppRoleAssignedTo` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignedTo`. + +## Related Links diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..9a5107689f --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,198 @@ +--- +title: Get-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the Get-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Gets a service principal application role assignment. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalAppRoleAssignment + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the application role assignments for a service principal + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + $ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" + Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets application role assignments for specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +### Example 2: Retrieve all application role assignments for a service principal + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + $ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" + Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… +4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User3 ProvisioningPowerBi 021510b7-e753-40… +5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User4 ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets all application role assignments for specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +### Example 3: Retrieve the top three application role assignments for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalAppRoleAssignment -ServicePrincipalId $ServicePrincipal.ObjectId -Top 3 +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User ProvisioningPowerBi 021510b7-e753-40… +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User1 ProvisioningPowerBi 021510b7-e753-40… +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 07-07-2023 17:03:59 MOD Administrator aaaaaaaa-bbbb-cccc-1111-222222222222 User2 ProvisioningPowerBi 021510b7-e753-40… +``` + +This command gets top three application role assignments for specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraBetaServiceAppRoleAssignment` is an alias for `Get-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) + +[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md new file mode 100644 index 0000000000..3d0a7acbb1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject.md @@ -0,0 +1,157 @@ +--- +title: Get-EntraBetaServicePrincipalCreatedObject +description: This article provides details on the Get-EntraBetaServicePrincipalCreatedObject command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalCreatedObject + +## Synopsis + +Get objects created by a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalCreatedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the objects that created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve the all objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve the top two objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId -Top 2 +``` + +This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..b6f0396faa --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,205 @@ +--- +title: Get-EntraBetaServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Get-EntraBetaServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Retrieve the delegated permission classification objects on a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. + +## Examples + +### Example 1: Get a list of delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId +} +Get-EntraBetaServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile +``` + +This command retrieves all delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. + +### Example 2: Get a delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + Id = '5XBeIKarUkypdm0tRsSAQwE' +} +Get-EntraBetaServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +### Example 3: Get a delegated permission classification with filter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + Filter = "PermissionName eq 'Sites.Read.All'" +} +Get-EntraBetaServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the filtered delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraBetaServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) + +[Remove-EntraBetaServicePrincipalDelegatedPermissionClassification](Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..c7763e3459 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential.md @@ -0,0 +1,88 @@ +--- +title: Get-EntraBetaServicePrincipalKeyCredential +description: This article provides details on the Get-EntraBetaServicePrincipalKeyCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalKeyCredential + +## Synopsis + +Get key credentials for a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalKeyCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the key credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalKeyCredential -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- + 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign +``` + +This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal object Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the application for which to get the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md new file mode 100644 index 0000000000..beaa7a0990 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership.md @@ -0,0 +1,179 @@ +--- +title: Get-EntraBetaServicePrincipalMembership +description: This article provides details on the Get-EntraBetaServicePrincipalMembership command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalMembership + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalMembership + +## Synopsis + +Get a service principal membership. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalMembership + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +``` + +This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve all memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 +33334444-dddd-5555-eeee-6666ffff7777 +``` + +This command gets all memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve top two memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 + +``` + +This command gets top two memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md new file mode 100644 index 0000000000..555ebda850 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant.md @@ -0,0 +1,178 @@ +--- +title: Get-EntraBetaServicePrincipalOAuth2PermissionGrant +description: This article provides details on the Get-EntraBetaServicePrincipalOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOAuth2PermissionGrant + +## Synopsis + +Gets an OAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOAuth2PermissionGrant + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOAuth2PermissionGrant` cmdlet gets an OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This cmdlet retrieves a OAuth2PermissionGrant object for a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 2: Get all OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get all OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 3: Get two OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $ServicePrincipal.ObjectId -Top 2 +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get top two OAuth2PermissionGrant objects for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md new file mode 100644 index 0000000000..c8395664e2 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject.md @@ -0,0 +1,194 @@ +--- +title: Get-EntraBetaServicePrincipalOwnedObject +description: This article provides details on the Get-EntraBetaServicePrincipalOwnedObject command. + +ms.topic: reference +ms.date: 08/13/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOwnedObject + +## Synopsis + +Gets an object owned by a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOwnedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The command retrieves the owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 2: Retrieve the all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipalId = (Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''").ObjectId +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipalId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 2: Retrieve all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +The command receives the all owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve top one owned object of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..7f9b5b99c0 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,216 @@ +--- +title: Get-EntraBetaServicePrincipalOwner +description: This article provides details on the Get-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalOwner + +## Synopsis + +Get the owner of a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalOwner + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owner of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example gets the owners of a specified service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 2: Retrieve all the owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This command gets all the owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 3: Retrieve top two owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalOwner -ObjectId $servicePrincipal.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This command gets top two owners of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 4: Retrieve service principal owner details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +# Get the owners of the service principal +$owners = Get-EntraBetaServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All +$result = @() + +# Loop through each owner and get their UserPrincipalName and DisplayName +foreach ($owner in $owners) { + $userId = $owner.Id + $user = Get-EntraBetaUser -ObjectId $userId + $userDetails = [PSCustomObject]@{ + Id = $owner.Id + UserPrincipalName = $user.UserPrincipalName + DisplayName = $user.DisplayName + } + $result += $userDetails +} + +# Output the result in a table format +$result | Format-Table -AutoSize +``` + +```Output +Id UserPrincipalName DisplayName +-- ----------------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@contoso.com Alex Wilber +bbbbbbbb-1111-2222-3333-cccccccccccc AdeleV@contoso.com Adele Vance +``` + +This example shows how to retrieve more details of a service principal owner such as displayName, userPrincipalName. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipalOwner](Remove-EntraBetaServicePrincipalOwner.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..91cba4da09 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,92 @@ +--- +title: Get-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the Get-EntraBetaServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Get credentials for a service principal. + +## Syntax + +```powershell +Get-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraBetaServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the password credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Get-EntraBetaServicePrincipalPasswordCredential -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 + 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 + 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 +``` + +This example retrieves the password credentials for specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the service principal for which to get password credentials. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) + +[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaServicePrincipalPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaSubscribedSku.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaSubscribedSku.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaSubscribedSku.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaSubscribedSku.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTenantDetail.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTenantDetail.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTenantDetail.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTenantDetail.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..a7ccc572a7 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,167 @@ +--- +title: Get-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Get-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Get-EntraBetaTrustFrameworkPolicy + +## Synopsis + +Retrieves the created trust framework policies (custom policies) in the directory. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraBetaTrustFrameworkPolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraBetaTrustFrameworkPolicy + -Id + [-OutputFilePath ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraBetaTrustFrameworkPolicy` cmdlet retrieves the trust framework policies that have been created in the directory. + +## Examples + +### Example 1: Retrieves the list of all trust framework policies in the directory + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +Get-EntraBetaTrustFrameworkPolicy +``` + +```Output Id --- B2C_1A_SIGNUP_SIGNIN B2C_1A_TRUSTFRAMEWORKBASE +B2C_1A_TRUSTFRAMEWORKEXTENSIONS +``` + +This example retrieves the list of all trust framework policies in the directory. + +### Example 2: Retrieves the contents of the specified trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_SIGNUP_SIGNIN' +} +Get-EntraBetaTrustFrameworkPolicy @params +``` + +This example retrieves the contents of the specified trust framework policy. + +The contents of received trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. + +### Example 3: Retrieves the contents of the specified trust framework policy on specific output file path + +```powershell +Connect-Entra -Scopes 'Policy.Read.All', 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_SIGNUP_SIGNIN' + OutputFilePath = 'C:\RetrivedPolicy.xml' +} +Get-EntraBetaTrustFrameworkPolicy @params +``` + +This example retrieves the contents of the specified trust framework policy on specific output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-OutputFilePath` Parameter specifies the path to the file used for retrieve the contents of trust framework policy. + +## Parameters + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for retrieve the contents of trust framework policy. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAppRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationRequirement.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationRequirement.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationRequirement.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserAuthenticationRequirement.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserCreatedObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserCreatedObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserCreatedObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserCreatedObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserDirectReport.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserDirectReport.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserDirectReport.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserDirectReport.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserExtension.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserExtension.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserExtension.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserExtension.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserLicenseDetail.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserLicenseDetail.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserLicenseDetail.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserLicenseDetail.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserManager.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserManager.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserManager.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserManager.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserMembership.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserMembership.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserMembership.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOAuth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOAuth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOAuth2PermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserOwnedObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserRegisteredDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserRegisteredDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserRegisteredDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserRegisteredDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserThumbnailPhoto.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserThumbnailPhoto.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserThumbnailPhoto.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUserThumbnailPhoto.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraContext.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraContext.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraContext.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraContext.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..616d896b11 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit.md @@ -0,0 +1,171 @@ +--- +title: New-EntraBetaAdministrativeUnit +description: This article provides details on the New-EntraBetaAdministrativeUnit command. + + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# New-EntraBetaAdministrativeUnit + +## Synopsis + +Creates an administrative unit. + +## Syntax + +```powershell +New-EntraBetaAdministrativeUnit + -DisplayName + [-Description ] + [-IsMemberManagementRestricted ] + [] +``` + +## Description + +The `New-EntraBetaAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. + +## Examples + +### Example 1: Create an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraBetaAdministrativeUnit -DisplayName 'TestAU' +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb TestAU False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. + +### Example 2: Create an administrative unit using '-Description' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$params = @{ + DisplayName = 'Pacific Administrative Unit' + Description = 'Administrative Unit for Pacific region' +} +New-EntraBetaAdministrativeUnit @params +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc New AdminiatrativeUnit test1 False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-Description` parameter specifies the description for the new administrative unit. + +### Example 3: Create an administrative unit using '-IsMemberManagementRestricted' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$params = @{ + DisplayName = 'NewUnit' + IsMemberManagementRestricted = $true +} +New-EntraBetaAdministrativeUnit @params +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + cccccccc-2222-3333-4444-dddddddddddd NewUnit True +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +## Parameters + +### -Description + +Specifies a description for the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsMemberManagementRestricted + +Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. +If no value is specified, it defaults to false. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) + +[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) + +[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnitMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnitMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAdministrativeUnitMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplication.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..a4ff214723 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,215 @@ +--- +title: New-EntraBetaApplicationExtensionProperty +description: This article provides details on the New-EntraBetaApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationExtensionProperty + +## Synopsis + +Creates an application extension property. + +## Syntax + +```powershell +New-EntraBetaApplicationExtensionProperty + -ApplicationId + [-DataType ] + -Name + [-TargetObjects ] + [] +``` + +## Description + +The `New-EntraBetaApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Create an extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' +} + +New-EntraBetaApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the string type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. + +### Example 2: Create an extension property with data type parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' + DataType = 'Boolean' +} + +New-EntraBetaApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the specified data type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-DataType` parameter specifies the data type of the value the extension property can hold. + +### Example 3: Create an extension property with targets parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +$targets = New-Object System.Collections.Generic.List[System.String] +$targets.Add('User') +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' + TargetObjects = $targets +} + +New-EntraBetaApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} +``` + +The example shows how to create an application extension property with the specified target objects for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. + +## Parameters + +### -DataType + +Specifies the data type of the value the extension property can hold. Following values are supported. + +- Binary - 256 bytes maximum +- Boolean +- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. +- Integer - 32-bit value. +- LargeInteger - 64-bit value. +- String - 256 characters maximum + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Specifies the name of the extension property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjects + +Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. + +- User +- Group +- AdministrativeUnit +- Application +- Device +- Organization + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) + +[Remove-EntraBetaApplicationExtensionProperty](Remove-EntraBetaApplicationExtensionProperty.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationFromApplicationTemplate.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationFromApplicationTemplate.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationFromApplicationTemplate.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationFromApplicationTemplate.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md new file mode 100644 index 0000000000..567d4884fe --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey.md @@ -0,0 +1,153 @@ +--- +title: New-EntraBetaApplicationKey +description: This article provides details on the New-EntraBetaApplicationKey command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKey + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationKey + +## Synopsis + +Adds a new key to an application. + +## Syntax + +```powershell +New-EntraBetaApplicationKey + -ObjectId + -KeyCredential + -Proof + [-PasswordCredential ] + [] +``` + +## Description + +Adds a new key to an application. + +## Examples + +### Example 1: Add a key credential to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $app.ObjectId + KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } + PasswordCredential = @{ DisplayName = 'mypassword' } + Proof = '{token}' +} + +New-EntraBetaApplicationKey @params +``` + +This command adds a key credential to an specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyCredential` parameter specifies the application key credential to add. +- `-PasswordCredential` parameter specifies the application password credential to add. +- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. + +## Parameters + +### -KeyCredential + +The application key credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: KeyCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +The application password credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +A signed JWT token used as a proof of possession of the existing keys. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.KeyCredential + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationKey](Remove-EntraBetaApplicationKey.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..37660446e4 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,257 @@ +--- +title: New-EntraBetaApplicationKeyCredential +description: This article provides details on the New-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationKeyCredential + +## Synopsis + +Creates a key credential for an application. + +## Syntax + +```powershell +New-EntraBetaApplicationKeyCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-Type ] + [-Usage ] + [-Value ] + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraBetaApplicationKeyCredential` cmdlet creates a key credential for an application. + +An application can use this command along with `Remove-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. + +As part of the request validation, proof of possession of an existing key is verified before the action can be performed. + +## Examples + +### Example 1: Create a new application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' + +$AppId = (Get-EntraApplication -Top 1).Objectid +$params = @{ + ApplicationId = $AppId + CustomKeyIdentifier = 'EntraPowerShellKey' + StartDate = '2024-03-21T14:14:14Z' + Type = 'Symmetric' + Usage = 'Sign' + Value = '' +} + +New-EntraBetaApplicationKeyCredential @params +``` + +```Output +CustomKeyIdentifier : {84, 101, 115, 116} +EndDate : 2024-03-21T14:14:14Z +KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +StartDate : 2025-03-21T14:14:14Z +Type : Symmetric +Usage : Sign +Value : {49, 50, 51} +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +You can use the `Get-EntraBetaApplication` cmdlet to retrieve the application Object ID. + +### Example 2: Use a certificate to add an application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' + +$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object +$cer.Import('C:\Users\ContosoUser\appcert.cer') +$bin = $cer.GetRawCertData() +$base64Value = [System.Convert]::ToBase64String($bin) +$bin = $cer.GetCertHash() +$base64Thumbprint = [System.Convert]::ToBase64String($bin) +$keyid = [System.Guid]::NewGuid().ToString() + +$params = @{ + ApplicationId = '22223333-cccc-4444-dddd-5555eeee6666' + CustomKeyIdentifier = $base64Thumbprint + Type = 'AsymmetricX509Cert' + Usage = 'Verify' + Value = $base64Value + StartDate = $cer.GetEffectiveDateString() + EndDate = $cer.GetExpirationDateString() +} + +New-EntraBetaApplicationKeyCredential @params +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +## Parameters + +### -CustomKeyIdentifier + +Specifies a custom key ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +Specifies the time when the key becomes invalid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +Specifies the time when the key becomes valid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of the key. + +```yaml +Type: KeyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Usage + +Specifies the key usage. + +- `AsymmetricX509Cert`: The usage must be `Verify`. +- `X509CertAndPassword`: The usage must be `Sign`. + +```yaml +Type: KeyUsage +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Value + +Specifies the value for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) + +[Remove-EntraBetaApplicationKeyCredential](Remove-EntraBetaApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md new file mode 100644 index 0000000000..c7d794a7e8 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword.md @@ -0,0 +1,120 @@ +--- +title: New-EntraBetaApplicationPassword +description: This article provides details on the New-EntraBetaApplicationPassword command. + +ms.topic: reference +ms.date: 08/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPassword + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationPassword + +## Synopsis + +Adds a strong password to an application. + +## Syntax + +```powershell +New-EntraBetaApplicationPassword + -ObjectId + -PasswordCredential + [] +``` + +## Description + +Adds a strong password to an application. + +## Examples + +### Example 1: Add a password to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$Application = Get-EntraBetaApplication -SearchString '' +$PasswordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential +$PasswordCredential.StartDateTime = Get-Date -Year 2024 -Month 12 -Day 28 +$PasswordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 +$PasswordCredential.KeyId = 'bbbbbbbb-1c1c-2d2d-3e3e-444444444444' +$PasswordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('a') +$PasswordCredential.Hint = 'b' +$params = @{ + ObjectId = $Application.ObjectId + PasswordCredential = $PasswordCredential +} + +New-EntraBetaApplicationPassword @params +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM +``` + +This example adds a password to the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +Represents a password credential associated with an application or a service principal. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationPassword](Remove-EntraBetaApplicationPassword.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..7ab831b817 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,212 @@ +--- +title: New-EntraBetaApplicationPasswordCredential +description: This article provides details on the New-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraBetaApplicationPasswordCredential + +## Synopsis + +Creates a password credential for an application. + +## Syntax + +```powershell +New-EntraBetaApplicationPasswordCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-StartDate ] + [-EndDate ] + [] +``` + +## Description + +The `New-EntraBetaApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +New-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. + +### Example 2: Create a password credential using CustomKeyIdentifier parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$parameters = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = '' +} +New-EntraBetaApplicationPasswordCredential @parameters +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDat + eTime +------------------- ----------- ----------- ---- ----- ---------- -------- +100 101 109 111 80 97 115 115 119 111 114 100 demoPassword 6/10/2026 7:43:45 AM 9tb tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_EaU6cqG 6/10/... +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-CustomKeyIdentifier` Speicifies unique binary identifier. + +### Example 3: Create a password credential using StartDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$parameters = @{ + ApplicationId = $application.Id + StartDate = (Get-Date).AddYears(0) + CustomKeyIdentifier = '' +} + +New-EntraBetaApplicationPasswordCredential @parameters +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-StartDate` Speicifies the date and time at which the password becomes valid. + +### Example 4: Create a password credential using EndDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$parameters = @{ + ApplicationId = $application.Id + EndDate = (Get-Date).AddYears(2) + CustomKeyIdentifier = '' +} + +New-EntraBetaApplicationPasswordCredential @parameters +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-EndDate` Speicifies The date and time at which the password expires. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -CustomKeyIdentifier + +A unique binary identifier. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +The date and time at which the password expires. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyApplication.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaApplicationProxyConnectorGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAttributeSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAttributeSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaAttributeSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectorySetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectorySetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectorySetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDirectorySetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDomain.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDomain.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDomain.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaDomain.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupAppRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupLifecyclePolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupLifecyclePolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaGroupLifecyclePolicy.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md new file mode 100644 index 0000000000..5499db614c --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider.md @@ -0,0 +1,172 @@ +--- +title: New-EntraBetaIdentityProvider +description: This article provides details on the New-EntraBetaIdentityProvider command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaIdentityProvider + +schema: 2.0.0 +--- + +# New-EntraBetaIdentityProvider + +## Synopsis + +Configure a new identity provider in the directory. + +## Syntax + +```powershell +New-EntraBetaIdentityProvider + -ClientId + -Type + -ClientSecret + [-Name ] + [] +``` + +## Description + +The `New-EntraBetaIdentityProvider` cmdlet is used to configure an identity provider in the directory. + +Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. + +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be: + +- Microsoft +- Google +- Facebook +- Amazon +- LinkedIn + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add Google identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + Type = 'Google' + Name = 'GoogleName' + ClientId = 'Google123' + ClientSecret = 'GoogleClientSecret' +} + +New-EntraBetaIdentityProvider @params +``` + +```Output +Id DisplayName +-- ----------- +Google-OAUTH GoogleName +``` + +This example adds a Google identity provider. + +- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. +- `-Name` parameter specifies the display name of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraBetaIdentityProvider](Set-EntraBetaIdentityProvider.md) + +[Remove-EntraBetaIdentityProvider](Remove-EntraBetaIdentityProvider.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaInvitation.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaInvitation.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaInvitation.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaInvitation.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaNamedLocationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaOauth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaOauth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaOauth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaOauth2PermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaObjectSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaObjectSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaObjectSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaObjectSetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPasswordSingleSignOnCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPasswordSingleSignOnCredential.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPasswordSingleSignOnCredential.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPasswordSingleSignOnCredential.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPolicy.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md new file mode 100644 index 0000000000..9704721caf --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication.md @@ -0,0 +1,113 @@ +--- +title: New-EntraBetaPrivateAccessApplication +description: This article provides details on the New-EntraBetaPrivateAccessApplication command. + +ms.topic: reference +ms.date: 10/19/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplication +schema: 2.0.0 +--- + +# New-EntraBetaPrivateAccessApplication + +## Synopsis + +Creates a Private Access application and assigns a connector group to it. + +## Syntax + +```powershell +New-EntraBetaPrivateAccessApplication + -ApplicationName + [-ConnectorGroupId ] + [] +``` + +## Description + +The `New-EntraBetaPrivateAccessApplication` cmdlet creates a Private Access application and assigns a connector group to it. + +## Examples + +### Example 1: Create a new Private Access app and assign the default connector group + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' +``` + +This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to the default connector group. + +### Example 2: Create a new Private Access app and assign a specific connector group + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$connectorGroup = Get-EntraBetaApplicationProxyConnectorGroup -Filter "Name eq 'Contoso GSA Group'" +New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' -ConnectorGroupId $connectorGroup.Id +``` + +This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to a specific connector group. + +## Parameters + +### -ApplicationName + +The name of the new Private Access application. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConnectorGroupId + +Specifies a connector group to assign to the application. Use `Get-EntraBetaApplicationProxyConnectorGroup` to retrieve connector details or `New-EntraBetaApplicationProxyConnectorGroup` to create a new group. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplication](Get-EntraBetaPrivateAccessApplication.md) +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) +[New-EntraBetaApplicationProxyConnectorGroup](New-EntraBetaApplicationProxyConnectorGroup.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..de94cbd663 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,230 @@ +--- +title: New-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the New-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: andres-canello +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +s +schema: 2.0.0 +--- + +# New-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Creates an application segment associated to a Private Access application. + +## Syntax + +```powershell +New-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + -DestinationHost + -DestinationType + [-Protocol ] + [-Ports ] + [] +``` + +## Description + +The `New-EntraBetaPrivateAccessApplicationSegment` cmdlet creates an application segment associated to a Private Access application. + +## Examples + +### Example 1: Create a simple application segment + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + DestinationHost = 'ssh.contoso.local' + Ports = 22 + Protocol = 'TCP' + DestinationType = 'FQDN' +} +New-EntraBetaPrivateAccessApplicationSegment @params +``` + +```Output +destinationHost : ssh.contoso.local +destinationType : FQDN +port : 0 +ports : {22-22} +protocol : tcp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +### Example 2: Create an application segment using ranges of IPs and multiple ports + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + DestinationHost = '192.168.1.100..192.168.1.110' + Ports = '22,3389' + Protocol = 'TCP,UDP' + DestinationType = 'ipRange' +} +New-EntraBetaPrivateAccessApplicationSegment @params +``` + +```Output +destinationHost : 192.168.1.100..192.168.1.110 +destinationType : ipRange +port : 0 +ports : {22-22, 3389-3389} +protocol : tcp,udp +id : cccc2222-dd33-4444-55ee-666666ffffff +``` + +### Example 3: Create application segment using an input file + +AppSegments.csv + +AppObjectId,DestHost,ports,protocol,type\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.97.0/24,"1-21,23-442,444-65535","TCP,udp",ipRangeCidr\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.96.0/24,"1-21,23-442,444-65535","udp",ipRangeCidr\ +00001111-aaaa-2222-bbbb-3333cccc4444,10.106.95.0/24,"1-21","udp",ipRangeCidr + +CreateAppSegments.ps1 + +```powershell +$csvFile = "C:\temp\AppSegments.csv" + +# Assuming the CSV file has columns named 'AppObjectId', 'DestHost', 'ports', 'protocol', 'type' +$variables = Import-Csv $csvFile + +# Loop through each row of the CSV and execute the command for each set of variables +foreach ($variable in $variables) { + $appObjectId = $variable.AppObjectId + $destHost = $variable.DestHost + $ports = $variable.ports -split "," + $protocol = $variable.protocol -split "," + $type = $variable.type + + # Execute the command + $params = @{ + ApplicationId = $appObjectId + DestinationHost = $destHost + Ports = $ports + Protocol = $protocol + DestinationType = $type + } + New-EntraBetaPrivateAccessApplicationSegment @params +} +``` + +## Parameters + +### -ApplicationId + +The object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: +Aliases: ObjectId + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -DestinationHost + +Destination host for the application segment. It can be an IP address, a range of IPs (10.10.10.1..10.10.10.200), a CIDR range (10.1.1.0/24) or an FQDN (ssh.contoso.local). Additionally, DNS suffixes for Quick Access can be created with dnsSuffix. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Ports + +Ports for the application segment. It can be a single port, a range (1..100) or a list (22,3389). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Protocol + +Protocol for the application segment. It can be a single protocol (TCP) or a list (TCP,UDP). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DestinationType + +Destination type for the application segment. It can be "ipAddress", "dnsSuffix", "ipRangeCidr", "ipRange", or "FQDN". + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[Remove-EntraBetaPrivateAccessApplicationSegment](Remove-EntraBetaPrivateAccessApplicationSegment.md) + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivilegedRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivilegedRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivilegedRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaPrivilegedRoleAssignment.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..cf5b32fa6d --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal.md @@ -0,0 +1,407 @@ +--- +title: New-EntraBetaServicePrincipal +description: This article provides details on the New-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipal + +## Synopsis + +Creates a service principal. + +## Syntax + +```powershell +New-EntraBetaServicePrincipal + [-AccountEnabled ] + [-Tags ] + [-DisplayName ] + [-AlternativeNames ] + -AppId + [-KeyCredentials ] + [-ReplyUrls ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-Homepage ] + [-AppRoleAssignmentRequired ] + [-PasswordCredentials ] + [-ServicePrincipalNames ] + [] +``` + +## Description + +Create a new service Principal. + +For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: + +- Application Administrator +- Cloud Application Administrator + +For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. + +## Examples + +### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraBetaApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AccountEnabled = $true + AppId = $MyApp.AppId + AppRoleAssignmentRequired = $true + DisplayName = $MyApp.DisplayName + Tags = {WindowsAzureActiveDirectoryIntegratedApp} +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. + +- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-DisplayName` parameter specifies the service principal display name. +- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. + +### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraBetaApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + Homepage = 'https://localhost/home' + LogoutUrl = 'htpp://localhost/logout' + ReplyUrls = 'https://localhost/redirect' +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-Homepage` parameter specifies the home page or landing page of the application. +- `-LogoutUrl` parameter specifies the logout URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 3: Create a new service principal by KeyCredentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 07 -Day 23 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') +$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 +$MyApp=(Get-EntraBetaApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + KeyCredentials = $creds +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. + +### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraBetaApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + AlternativeNames = 'sktest2' + ServicePrincipalType = 'Application' + ServicePrincipalNames = $MyApp.AppId +} +New-EntraBetaServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraBetaApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-AlternativeNames` parameter specifies the alternative names for this service principal. +- `-ServicePrincipalType` parameter specifies the type of the service principal. +- `-ServicePrincipalNames` parameter specifies an array of service principal names. + +## Parameters + +### -AccountEnabled + +True if the service principal account is enabled; otherwise, false. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +The unique identifier for the associated application (its appId property). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the service principal display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the service principal. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the logout URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies an array of service principal names. +Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. +A client uses ServicePrincipalNames to: + +- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. +- Specify a resource URI to acquire an access token, which is the URI returned in the claim. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The type of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Tags linked to this service principal. + +Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..9b57187a95 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,231 @@ +--- +title: New-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the New-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Assigns a service principal to an application role. + +## Syntax + +```powershell +New-EntraBetaServicePrincipalAppRoleAssignment + -ResourceId + -Id + -ObjectId + -PrincipalId + [] +``` + +## Description + +The `New-EntraBetaServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Assign an app role to another service principal + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraBetaServicePrincipal -Filter "Displayname eq '$appname'" + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $spo.ObjectId +} + +New-EntraBetaServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. + +- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. +- `-ResourceId`parameter specifies the ObjectId of the resource service principal. +- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. +- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. + +### Example 2: Assign an app role to a user + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraBetaServicePrincipal -Filter "Displayname eq '$appname'" + $user = Get-EntraBetaUser -SearchString 'Test Contoso' + + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $user.ObjectId +} + +New-EntraBetaServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +``` + +This example demonstrates how to assign an app role to a user in Microsoft Entra ID. +You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraBetaUser` to get a user Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. +- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. + +### Example 3: Assign an app role to a group + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraBetaServicePrincipal -Filter "Displayname eq '$appname'" + $group = Get-EntraBetaGroup -SearchString 'testGroup' + + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $group.ObjectId + } + + New-EntraBetaServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to assign an app role to a group in Microsoft Entra ID. +You can use the command `Get-EntraBetaServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraBetaGroup` to get a group Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. +- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. + +## Parameters + +### -Id + +Specifies the ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies a principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +Specifies a resource ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`New-EntraBetaServiceAppRoleAssignment` is an alias for `New-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) + +[Remove-EntraBetaServicePrincipalAppRoleAssignment](Remove-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..bc369e0cf5 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,168 @@ +--- +title: New-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the New-EntraBetaServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Creates a password credential for a service principal. + +## Syntax + +```powershell +New-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraBetaServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential with StartDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + StartDate = '2024-04-21T14:14:14Z' +} +New-EntraBetaServicePrincipalPasswordCredential @Params +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-StarteDate` parameter specifies the date and time at which the password becomes valid. + +### Example 2: Create a password credential with EndtDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + EndDate = '2030-03-21T14:14:14Z' +} +New-EntraBetaServicePrincipalPasswordCredential @Params +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. + +## Parameters + +### -EndDate + +The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) + +[Remove-EntraBetaServicePrincipalPasswordCredential](Remove-EntraBetaServicePrincipalPasswordCredential.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..4847d156ad --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,193 @@ +--- +title: New-EntraBetaTrustFrameworkPolicy +description: This article provides details on the New-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# New-EntraBetaTrustFrameworkPolicy + +## Synopsis + +This cmdlet is used to create a trust framework policy (custom policy) in the directory. + +## Syntax + +### Content (Default) + +```powershell +New-EntraBetaTrustFrameworkPolicy + -Content + [-OutputFilePath ] + [] +``` + +### File + +```powershell +New-EntraBetaTrustFrameworkPolicy + -InputFilePath + [-OutputFilePath ] + [] +``` + +## Description + +The `New-EntraBetaTrustFrameworkPolicy` cmdlet is used to create a trust framework policy in the directory. + +The contents of the trust framework policy to be created can be provided using a file or a command line variable. + +The contents of the created trust framework policy can be written to an output file or to the screen. + +## Examples + +### Example 1: Creates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +New-EntraBetaTrustFrameworkPolicy -Content $policyContent +``` + +The example creates a trust framework policy from the content specified. + +The contents of newly created trust framework policy are displayed on screen. + +- `-Content` Parameter specifies the content of the trust framework policy to be created. + +### Example 2: creates a trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Content = $policyContent + OutputFilePath = 'C:\CreatedPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the content specified. + +The contents of newly created trust framework policy are written to file mentioned in output file path. + +- `-Content` Parameter specifies the content of the trust framework policy to be created. +- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. + +### Example 3: Creates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + InputFilePath = 'C:\InputPolicy.xml' + OutputFilePath = 'C:\CreatedPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the file mentioned in InputFilePath. + +The contents of newly created trust framework policy are written to file mentioned in output file path. + +- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. +- `-OutputFilePath` Parameter specifies the path to the file used for writing the contents of trust framework policy. + +### Example 4: Creates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + InputFilePath = 'C:\InputPolicy.xml' +} +New-EntraBetaTrustFrameworkPolicy @params +``` + +The example creates a trust framework policy from the file mentioned in InputFilePath. + +The contents of newly created trust framework policy are displayed on screen. + +- `-InputFilePath` Parameter specifies Path to the file used for reading the contents of trust framework policy to be created. + +## Parameters + +### -Content + +The content of the trust framework policy to be created. + +```yaml +Type: System.String +Parameter Sets: Content +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -InputFilePath + +Path to the file used for reading the contents of trust framework policy to be created. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for writing the contents of newly created trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaUserAppRoleAssignment.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..f7a8f98368 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaAdministrativeUnit +description: This article provides details on the Remove-EntraBetaAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# Remove-EntraBetaAdministrativeUnit + +## Synopsis + +Removes an administrative unit. + +## Syntax + +```powershell +Remove-EntraBetaAdministrativeUnit + -AdministrativeUnitId + [] +``` + +## Description + +The `Remove-EntraBetaAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. + +To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId $AdministrativeUnit.ObjectId +``` + +This command removes the specified administrative unit from Microsoft Entra ID. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) + +[Set-EntraBetaAdministrativeUnit](Set-EntraBetaAdministrativeUnit.md) + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md new file mode 100644 index 0000000000..ca5a0fbca6 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember.md @@ -0,0 +1,109 @@ +--- +title: Remove-EntraBetaAdministrativeUnitMember +description: This article provides details on the Remove-EntraBetaAdministrativeUnitMember command. + +ms.topic: reference +ms.date: 07/04/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Remove-EntraBetaAdministrativeUnitMember + +## Synopsis + +Removes an administrative unit member. + +## Syntax + +```powershell +Remove-EntraBetaAdministrativeUnitMember + -AdministrativeUnitId + -MemberId + [] +``` + +## Description + +The `Remove-EntraBetaAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. + +To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + MemberId = 'eeeeeeee-4444-5555-6666-ffffffffffff' +} +Remove-EntraBetaAdministrativeUnitMember @params +``` + +This command removes a specified member (user or group) from a specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-MemberId` parameter specifies the ID of the administrative unit member. + +## Parameters + +### -MemberId + +Specifies the ID of the administrative unit member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaAdministrativeUnitMember](Add-EntraBetaAdministrativeUnitMember.md) + +[Get-EntraBetaAdministrativeUnitMember](Get-EntraBetaAdministrativeUnitMember.md) + +[New-EntraBetaAdministrativeUnitMember](New-EntraBetaAdministrativeUnitMember.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md new file mode 100644 index 0000000000..4607891056 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraBetaApplication +description: This article provides details on the Remove-EntraBetaApplication command. + +ms.topic: reference +ms.date: 06/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplication + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplication + +## Synopsis + +Deletes an application object. + +## Syntax + +```powershell +Remove-EntraBetaApplication + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraBetaApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. + +## Examples + +### Example 1: Remove an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$Application = Get-EntraBetaApplication -SearchString '' +Remove-EntraBetaApplication -ApplicationId $Application.ObjectId +``` + +This example demonstrates how to delete an application object. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[New-EntraBetaApplication](New-EntraBetaApplication.md) + +[Set-EntraBetaApplication](Set-EntraBetaApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md new file mode 100644 index 0000000000..81bd91ded6 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaApplicationExtensionProperty +description: This article provides details on the Remove-EntraBetaApplicationExtensionProperty command. + +ms.topic: reference +ms.date: 08/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationExtensionProperty + +## Synopsis + +Removes an application extension property. + +## Syntax + +```powershell +Remove-EntraBetaApplicationExtensionProperty + -ApplicationId + -ExtensionPropertyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraBetaApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + ExtensionPropertyId = 'cccc2222-dd33-4444-55ee-666666ffffff' +} + +Remove-EntraBetaApplicationExtensionProperty @params +``` + +This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. + +## Parameters + +### -ExtensionPropertyId + +Specifies the unique ID of the extension property to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationExtensionProperty](Get-EntraBetaApplicationExtensionProperty.md) + +[New-EntraBetaApplicationExtensionProperty](New-EntraBetaApplicationExtensionProperty.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md new file mode 100644 index 0000000000..5b73db6966 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey.md @@ -0,0 +1,133 @@ +--- +title: Remove-EntraBetaApplicationKey +description: This article provides details on the Remove-EntraBetaApplicationKey command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKey + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationKey + +## Synopsis + +Removes a key from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationKey + -ObjectId + [-KeyId ] + [-Proof ] + [] +``` + +## Description + +Removes a key from an application. + +## Examples + +### Example 1: Removes a key credential from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $app.ObjectId + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' + Proof = '{token}' +} + +Remove-EntraBetaApplicationKey @params +``` + +This command removes the specified key credential from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. +- `-Proof` parameter specifies the JWT token provided as a proof of possession. + +## Parameters + +### -ObjectId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The key Id corresponding to the key object to be removed. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +The JWT token provided as a proof of possession. + +A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: + +- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. +- `iss`: Issuer needs to be the ID of the application that initiates the request. +- `nbf`: Not before time. +- `exp`: Expiration time should be the value of nbf + 10 minutes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationKey](New-EntraBetaApplicationKey.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md new file mode 100644 index 0000000000..29811b47cd --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential.md @@ -0,0 +1,107 @@ +--- +title: Remove-EntraBetaApplicationKeyCredential +description: This article provides details on the Remove-EntraBetaApplicationKeyCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationKeyCredential + +## Synopsis + +Removes a key credential from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationKeyCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationKeyCredential` cmdlet removes a key credential from an application. + +An application can use this command along with `New-EntraBetaApplicationKeyCredential` to automate the rolling of its expiring keys. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +} + +Remove-EntraBetaApplicationKeyCredential @params +``` + +This command removes the specified key credential from the specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-KeyId` Specifies a custom key ID. Use `Get-EntraBetaApplicationKeyCredential` to get the keyId details. + +## Parameters + +### -KeyId + +Specifies a custom key ID. The unique identifier for the password. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplicationKeyCredential](Get-EntraBetaApplicationKeyCredential.md) + +[New-EntraBetaApplicationKeyCredential](New-EntraBetaApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md new file mode 100644 index 0000000000..5fdd4e0996 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner.md @@ -0,0 +1,105 @@ +--- +title: Remove-EntraBetaApplicationOwner +description: This article provides details on the Remove-EntraBetaApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationOwner + +## Synopsis + +Removes an owner from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationOwner + -OwnerId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$Application = Get-EntraBetaApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + OwnerId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} +Remove-EntraBetaApplicationOwner @params +``` + +This example removes the specified owner from the specified application. You can use the command `Get-EntraBetaApplication` to get application Id. + +- `-ApplicationId` parameter specifies the the unique identifier of a application. +- `-OwnerId` parameter specifies the ID of the owner. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaApplicationOwner](Add-EntraBetaApplicationOwner.md) + +[Get-EntraBetaApplicationOwner](Get-EntraBetaApplicationOwner.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md new file mode 100644 index 0000000000..1cb759499f --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraBetaApplicationPassword +description: This article provides details on the Remove-EntraBetaApplicationPassword command. + +ms.topic: reference +ms.date: 08/02/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPassword + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationPassword + +## Synopsis + +Remove a password from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationPassword + -ObjectId + [-KeyId ] + [] +``` + +## Description + +Remove a password from an application. + +## Examples + +### Example 1: Removes a password from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $application.Id + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +} +Remove-EntraBetaApplicationPassWord @params +``` + +This example removes the specified password from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. + +## Parameters + +### -ObjectId + +The unique identifier of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The unique identifier for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraBetaApplicationPassword](New-EntraBetaApplicationPassword.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md new file mode 100644 index 0000000000..80fd93e4da --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential.md @@ -0,0 +1,103 @@ +--- +title: Remove-EntraBetaApplicationPasswordCredential +description: This article provides details on the Remove-EntraBetaApplicationPasswordCredential command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationPasswordCredential + +## Synopsis + +Removes a password credential from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationPasswordCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk App'" +$KeyIDs = Get-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id +Remove-EntraBetaApplicationPasswordCredential -ApplicationId $application.Id -KeyId $KeyIds[0].KeyId +``` + +This example demonstrates how to remove the password credential for an application. + +- `ApplicationId` Specifies the ID of the application. Use `Get-EntraBetaApplication` to get application ApplicationId value. +- `KeyId` Specifies the ID of the password credential. Use `Get-EntraBetaApplicationPasswordCredential` to retrieve a specific credential details. + +## Parameters + +### -KeyId + +Specifies the ID of the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of the application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[Get-EntraBetaApplicationPasswordCredential](Get-EntraBetaApplicationPasswordCredential.md) + +[Remove-EntraBetaApplicationPasswordCredential](Remove-EntraBetaApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplication.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyApplicationConnectorGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationProxyConnectorGroup.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..d7a058e929 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraBetaApplicationVerifiedPublisher +description: This article provides details on the Remove-EntraBetaApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Remove-EntraBetaApplicationVerifiedPublisher + +## Synopsis + +Removes the verified publisher from an application. + +## Syntax + +```powershell +Remove-EntraBetaApplicationVerifiedPublisher + -AppObjectId + [] +``` + +## Description + +Removes the verified publisher from an application. + +## Examples + +### Example 1: Remove the verified publisher from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" +Remove-EntraBetaApplicationVerifiedPublisher -AppObjectId $app.ObjectId +``` + +This command demonstrates how to remove the verified publisher from an application. + +- `-AppObjectId` parameter specifies the unique identifier of an application. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Set-EntraBetaApplicationVerifiedPublisher](Set-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaContact.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaContact.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaContact.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaContact.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md new file mode 100644 index 0000000000..18cb3113cd --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraBetaDeletedApplication +description: This article provides details on the Remove-EntraBetaDeletedApplication command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedApplication + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeletedApplication + +## Synopsis + +Permanently delete a recently deleted application object from deleted items. + +## Syntax + +```powershell +Remove-EntraBetaDeletedApplication + [-ObjectId] + [] +``` + +## Description + +Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. + +## Examples + +### Example 1: Remove deleted application object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$App = Get-EntraBetaDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraBetaDeletedApplication -ObjectId $App.ObjectId +``` + +This command removes recently deleted application. You can use the command `Get-EntraBetaDeletedApplication` to get deleted application Id. + +- `-ObjectId` parameter specifies the Id of a deleted application. + +## Parameters + +### -ObjectId + +The unique identifier of deleted application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Restore-EntraBetaDeletedApplication](Restore-EntraBetaDeletedApplication.md) + +[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md new file mode 100644 index 0000000000..37f4d8dd3f --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject.md @@ -0,0 +1,96 @@ +--- +title: Remove-EntraBetaDeletedDirectoryObject +description: This article provides details on the Remove-EntraBetaDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 08/07/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraBetaDeletedDirectoryObject + +## Synopsis + +Permanently delete a previously deleted directory object. + +## Syntax + +```powershell +Remove-EntraBetaDeletedDirectoryObject + -Id + [] +``` + +## Description + +The `Remove-EntraBetaDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. + +When a directory object is permanently deleted, it can no longer be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. +- To permanently delete users: `User Administrator`. +- To permanently delete groups: `Groups Administrator`. + +## Examples + +### Example 1: Delete a previously deleted directory object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' + +Remove-EntraBetaDeletedDirectoryObject -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This example demonstrates how to permanently delete a previously deleted directory object by ID. + +- `-Id` parameter specifies the ID of the directory object that is permanently deleted. + +## Parameters + +### -Id + +The ID of the directory object that is permanently deleted. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaDeletedDirectoryObject](Get-EntraBetaDeletedDirectoryObject.md) + +[Restore-EntraBetaDeletedDirectoryObject](Restore-EntraBetaDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDeviceRegisteredUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectorySetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectorySetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectorySetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDirectorySetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDomain.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDomain.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDomain.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaDomain.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupAppRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupLifecyclePolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupLifecyclePolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupLifecyclePolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupMember.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupMember.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupMember.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupMember.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupOwner.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupOwner.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaGroupOwner.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaIdentityProvider.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaIdentityProvider.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaIdentityProvider.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaLifecyclePolicyGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaLifecyclePolicyGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaLifecyclePolicyGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaNamedLocationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaOAuth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaOAuth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaOAuth2PermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaObjectSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaObjectSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaObjectSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaObjectSetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPasswordSingleSignOnCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPasswordSingleSignOnCredential.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPasswordSingleSignOnCredential.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPasswordSingleSignOnCredential.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPolicy.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md new file mode 100644 index 0000000000..3ccb4597ab --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment.md @@ -0,0 +1,108 @@ +--- +title: Remove-EntraBetaPrivateAccessApplicationSegment +description: This article provides details on the Remove-EntraBetaPrivateAccessApplicationSegment command. + +ms.topic: reference +ms.date: 07/18/2024 +ms.author: eunicewaweru +reviewer: andres-canello +manager: CelesteDG +author: andres-canello +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaPrivateAccessApplicationSegment +schema: 2.0.0 +--- + +# Remove-EntraBetaPrivateAccessApplicationSegment + +## Synopsis + +Removes an application segment associated to a Private Access application. + +## Syntax + +```powershell +Remove-EntraBetaPrivateAccessApplicationSegment + -ApplicationId + [-ApplicationSegmentId ] + [] +``` + +## Description + +The `Remove-EntraBetaPrivateAccessApplicationSegment` cmdlet removes application segments associated to a Private Access application. + +## Examples + +### Example 1: Delete an application segment + +```powershell +Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "displayName eq ''" +$applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} +Remove-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id +``` + +This example shows how to remove an application segment associated to a Private Access application. + +- `ApplicationId` is the application Object ID of the Private Access Application. +- `ApplicationSegmentId` is the application segment identifier to be deleted. + +## Parameters + +### -ApplicationId + +The object ID of a Private Access application object. + +```yaml +Type: System.String +Parameter Sets: +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -ApplicationSegmentId + +The application segment ID of the application segment to be deleted. + +```yaml +Type: System.String +Parameter Sets: +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## RELATED LINKS + +[Get-EntraBetaPrivateAccessApplicationSegment](Get-EntraBetaPrivateAccessApplicationSegment.md) + +[New-EntraBetaPrivateAccessApplicationSegment](New-EntraBetaPrivateAccessApplicationSegment.md) + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md new file mode 100644 index 0000000000..68bc50c151 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaScopedRoleMembership +description: This article provides details on the Remove-EntraBetaScopedRoleMembership command. + + +ms.topic: reference +ms.date: 07/06/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaScopedRoleMembership + +schema: 2.0.0 +--- + +# Remove-EntraBetaScopedRoleMembership + +## Synopsis + +Removes a scoped role membership. + +## Syntax + +```powershell +Remove-EntraBetaScopedRoleMembership + -AdministrativeUnitId + -ScopedRoleMembershipId + [] +``` + +## Description + +The `Remove-EntraBetaScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. + +## Examples + +### Example 1: Remove a scoped role membership + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + ScopedRoleMembershipId = 'dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc' +} +Remove-EntraBetaScopedRoleMembership @params +``` + +This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraBetaAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraBetaScopedRoleMembership` command. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of the scoped role membership to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaScopedRoleMembership](Add-EntraBetaScopedRoleMembership.md) + +[Get-EntraBetaScopedRoleMembership](Get-EntraBetaScopedRoleMembership.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..7affde8767 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraBetaServicePrincipal +description: This article provides details on the Remove-EntraBetaServicePrincipal command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipal + +## Synopsis + +Removes a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipal + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +Remove-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId +``` + +This example demonstrates how to remove a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) + +[Set-EntraBetaServicePrincipal](Set-EntraBetaServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..271d710a4e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment.md @@ -0,0 +1,123 @@ +--- +title: Remove-EntraBetaServicePrincipalAppRoleAssignment +description: This article provides details on the Remove-EntraBetaServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalAppRoleAssignment + +## Synopsis + +Removes a service principal application role assignment. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalAppRoleAssignment + -ServicePrincipalId + -AppRoleAssignmentId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. + +App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Removes a service principal application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + AppRoleAssignmentId = '2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6' +} + +Remove-EntraBetaServicePrincipalAppRoleAssignment @params +``` + +This example demonstrates how to remove a service principal application role assignment in Microsoft Entra ID. + +- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. + +- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. The value `2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6` represents the ID of the specific app role assignment to be removed. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of the application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Remove-EntraBetaServiceAppRoleAssignment` is an alias for `Remove-EntraBetaServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraBetaServicePrincipalAppRoleAssignment](Get-EntraBetaServicePrincipalAppRoleAssignment.md) + +[New-EntraBetaServicePrincipalAppRoleAssignment](New-EntraBetaServicePrincipalAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..05a4effcd2 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Remove-EntraBetaServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 08/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Remove delegated permission classification. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. + +## Examples + +### Example 1: Remove a delegated permission classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' +} +Remove-EntraBetaServicePrincipalDelegatedPermissionClassification @params +``` + +This command deletes the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object Id. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalDelegatedPermissionClassification](Add-EntraBetaServicePrincipalDelegatedPermissionClassification.md) + +[Get-EntraBetaServicePrincipalDelegatedPermissionClassification](Get-EntraBetaServicePrincipalDelegatedPermissionClassification.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md new file mode 100644 index 0000000000..b1dbcc576d --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaServicePrincipalOwner +description: This article provides details on the Remove-EntraBetaServicePrincipalOwner command. + +ms.topic: reference +ms.date: 07/29/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalOwner + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalOwner + +## Synopsis + +Removes an owner from a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalOwner + -OwnerId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes an owner from a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$owner = Get-EntraBetaUser -UserId 'SawyerM@contoso.com' + +$params= @{ + ServicePrincipalId = $servicePrincipal.Id + OwnerId = $owner.Id +} +Remove-EntraBetaServicePrincipalOwner @params +``` + +This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-OwnerId` parameter specifies the service principal owner Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraBetaServicePrincipalOwner](Add-EntraBetaServicePrincipalOwner.md) + +[Get-EntraBetaServicePrincipalOwner](Get-EntraBetaServicePrincipalOwner.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..013e8b3730 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraBetaServicePrincipalPasswordCredential +description: This article provides details on the Remove-EntraBetaServicePrincipalPasswordCredential command. + +ms.topic: reference +ms.date: 07/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraBetaServicePrincipalPasswordCredential + +## Synopsis + +Removes a password credential from a service principal. + +## Syntax + +```powershell +Remove-EntraBetaServicePrincipalPasswordCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a password credential from a service principal in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + KeyId = 'bbbbbbbb-1c1c-2d2d-3e3e-444444444444' +} +Remove-EntraBetaServicePrincipalPasswordCredential @Params +``` + +This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ObjectId of a specified Service Principal Password Credential. +- `-KeyId` parameter specifies the unique identifier of a Password Credential. + +## Parameters + +### -KeyId + +Specifies the unique identifier of password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[Get-EntraBetaServicePrincipalPasswordCredential](Get-EntraBetaServicePrincipalPasswordCredential.md) + +[New-EntraBetaServicePrincipalPasswordCredential](New-EntraBetaServicePrincipalPasswordCredential.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaServicePrincipalPolicy.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..3ceb528206 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,91 @@ +--- +title: Remove-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Remove-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/08/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Remove-EntraBetaTrustFrameworkPolicy + +## Synopsis + +Deletes a trust framework policy (custom policy) in the Microsoft Entra ID. + +## Syntax + +```powershell +Remove-EntraBetaTrustFrameworkPolicy + -Id + [] +``` + +## Description + +The `Remove-EntraBetaTrustFrameworkPolicy` cmdlet deletes a trust framework policy in the Microsoft Entra ID. The trust framework policy is permanently deleted. + +The work or school account must have the `B2C IEF Keyset Administrator` role in Microsoft Entra. + +## Examples + +### Example 1: Removes the specified trust framework policy + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +Remove-EntraBetaTrustFrameworkPolicy -Id 'B2C_1A_signup_signin' +``` + +This example removes the specified trust framework policy. + +- `-Id` parameter specifies unique identifier for a trust framework policy. + +## Parameters + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Set-EntraBetaTrustFrameworkPolicy](Set-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserAppRoleAssignment.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserExtension.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserExtension.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserExtension.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserExtension.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserManager.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserManager.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserManager.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaUserManager.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaLifeCycleGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaLifeCycleGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaLifeCycleGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaLifeCycleGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaStrongAuthenticationMethodByUpn.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaStrongAuthenticationMethodByUpn.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaStrongAuthenticationMethodByUpn.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Reset-EntraBetaStrongAuthenticationMethodByUpn.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md new file mode 100644 index 0000000000..c9487dfd1e --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication.md @@ -0,0 +1,127 @@ +--- +title: Restore-EntraBetaDeletedApplication +description: This article provides details on the Restore-EntraBetaDeletedApplication Command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedApplication + +schema: 2.0.0 +--- + +# Restore-EntraBetaDeletedApplication + +## Synopsis + +Restores a previously deleted application. + +## Syntax + +```powershell +Restore-EntraBetaDeletedApplication + -ObjectId + [-IdentifierUris ] + [] +``` + +## Description + +This cmdlet restores a previously deleted application. + +Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Hybrid Identity Administrator + +## Examples + +### Example 1: Restores a previously deleted application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -SearchString 'New Entra Application' + +# Delete a specific application +Remove-EntraBetaApplication -ObjectId $application.ObjectId + +# Confirm deleted application +Get-EntraBetaDeletedApplication -Filter "DisplayName eq 'New Entra Application'" + +# Restore a deleted application +Restore-EntraBetaDeletedApplication -ObjectId $application.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraBetaDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraBetaDeletedApplication` cmdlet. + +- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. + +## Parameters + +### -IdentifierUris + +The IdentifierUris of the application that is to be restored. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The ObjectId of the deleted application that is to be restored. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraBetaDeletedApplication](Remove-EntraBetaDeletedApplication.md) + +[Get-EntraBetaDeletedApplication](Get-EntraBetaDeletedApplication.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedDirectoryObject.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Restore-EntraBetaDeletedDirectoryObject.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaSignedInUserAllRefreshToken.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaSignedInUserAllRefreshToken.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaSignedInUserAllRefreshToken.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaSignedInUserAllRefreshToken.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaUserAllRefreshToken.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaUserAllRefreshToken.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaUserAllRefreshToken.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Revoke-EntraBetaUserAllRefreshToken.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsContactIsMemberOf.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsContactIsMemberOf.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsContactIsMemberOf.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsContactIsMemberOf.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsGroupIsMemberOf.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsGroupIsMemberOf.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsGroupIsMemberOf.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsGroupIsMemberOf.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md new file mode 100644 index 0000000000..6e7b36b498 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf.md @@ -0,0 +1,110 @@ +--- +title: Select-EntraBetaGroupIdsServicePrincipalIsMemberOf +description: This article provides details on the Select-EntraBetaGroupIdsServicePrincipalIsMemberOf command. + + +ms.topic: reference +ms.date: 07/31/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + +## Synopsis + +Selects the groups in which a service principal is a member. + +## Syntax + +```powershell +Select-EntraBetaGroupIdsServicePrincipalIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraBetaGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraBetaGroup -Top 10).ObjectId +$ServicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $ServicePrincipal.ObjectId + GroupIdsForMembershipCheck = $Groups +} +Select-EntraBetaGroupIdsServicePrincipalIsMemberOf @params +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command gets the group membership of a group for a specified service principal. +You can use the command `Get-EntraBetaGroup` to get group Id. +You can use the command `Get-EntraBetaServicePrincipal` to get service principal Id. + +- `-ObjectId` parameter specifies the service principal Id. +- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsUserIsMemberOf.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsUserIsMemberOf.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsUserIsMemberOf.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Select-EntraBetaGroupIdsUserIsMemberOf.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md new file mode 100644 index 0000000000..addaa0f747 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit.md @@ -0,0 +1,178 @@ +--- +title: Set-EntraBetaAdministrativeUnit +description: This article provides details on the Set-EntraBetaAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaAdministrativeUnit + +schema: 2.0.0 +--- + +# Set-EntraBetaAdministrativeUnit + +## Synopsis + +Updates an administrative unit. + +## Syntax + +```powershell +Set-EntraBetaAdministrativeUnit + -AdministrativeUnitId + [-IsMemberManagementRestricted ] + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +The `Set-EntraBetaAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. + +The Privileged Role Administrator is the least privileged role required for this operation. + +## Examples + +### Example 1: Update DisplayName + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + DisplayName = 'UpdatedAU' +} +Set-EntraBetaAdministrativeUnit @params +``` + +This Command update DisplayName of specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-DisplayName` parameter specifies the display name for the administrative unit. + +### Example 2: Update Description + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + Description = 'Updated AU Description' +} +Set-EntraBetaAdministrativeUnit @params +``` + +This example shows how to update the description of a specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-Description` parameter specifies the description for the administrative unit. + +### Example 3: Update IsMemberManagementRestricted + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + IsMemberManagementRestricted = $true +} +Set-EntraBetaAdministrativeUnit @params +``` + +This example shows how to update the `IsMemberManagementRestricted` setting for a specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-IsMemberManagementRestricted` parameter specifies the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +## Parameters + +### -Description + +Specifies a description. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsMemberManagementRestricted + +Indicates whether the management rights on resources in the administrative units should be restricted to ONLY the administrators scoped on the administrative unit object. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the Id of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaAdministrativeUnit](Get-EntraBetaAdministrativeUnit.md) + +[New-EntraBetaAdministrativeUnit](New-EntraBetaAdministrativeUnit.md) + +[Remove-EntraBetaAdministrativeUnit](Remove-EntraBetaAdministrativeUnit.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md new file mode 100644 index 0000000000..ad41388264 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication.md @@ -0,0 +1,560 @@ +--- +title: Set-EntraBetaApplication +description: This article provides details on the Set-EntraBetaApplication command. + + +ms.topic: reference +ms.date: 06/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplication + +schema: 2.0.0 +--- + +# Set-EntraBetaApplication + +## Synopsis + +Updates the properties of an application object. + +## Syntax + +```powershell +Set-EntraBetaApplication + -ApplicationId + [-Api ] + [-OptionalClaims ] + [-DisplayName ] + [-PreAuthorizedApplications ] + [-Web ] + [-IsFallbackPublicClient ] + [-RequiredResourceAccess ] + [-PublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-OrgRestrictions ] + [-KeyCredentials ] + [-TokenEncryptionKeyId ] + [-IdentifierUris ] + [-ParentalControlSettings ] + [-GroupMembershipClaims ] + [-AddIns ] + [-Tags ] + [-AppRoles ] + [-PasswordCredentials ] + [-SignInAudience ] + [-InformationalUrl ] + [] +``` + +## Description + +Updates the properties of an application object. + +## Examples + +### Example 1: Update an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + DisplayName = 'New Demo Application' +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 2: Update an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + IdentifierUris = 'https://mynewapp.contoso.com' +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 3: Update an application using GroupMembershipClaims parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + GroupMembershipClaims = 'SecurityGroup' +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + IsDeviceOnlyAuthSupported = $false +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 5: Update an application using Tags parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + Tags = 'mytag' +} +Set-EntraBetaApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +## Parameters + +### -AddIns + +Defines custom behavior that a consuming service can use to call an app in specific contexts. +For example, applications that can render file streams might set the addIns property for its "FileHandler" functionality. + +This lets services like Office 365 call the application in the context of a document the user is working on. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. + +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +Specifies identifier Uniform Resource Identifiers (URIs). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is `false` that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OrgRestrictions + +Reserved for future use. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreAuthorizedApplications + +Lists applications and requested permissions for implicit consent. +Requires an admin to have provided consent to the application. + +preAuthorizedApplications don't require the user to consent to the requested permissions. +Permissions listed in preAuthorizedApplications don't require user consent. + +However, any additional requested permissions not listed in preAuthorizedApplications require user consent. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System.Nullable`1[System.Boolean] + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaApplication](Get-EntraBetaApplication.md) + +[New-EntraBetaApplication](New-EntraBetaApplication.md) + +[Remove-EntraBetaApplication](Remove-EntraBetaApplication.md) diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md new file mode 100644 index 0000000000..26fe3c778b --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo.md @@ -0,0 +1,126 @@ +--- +title: Set-EntraBetaApplicationLogo +description: This article provides details on the Set-EntraBetaApplicationLogo command. + +ms.topic: reference +ms.date: 06/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationLogo + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationLogo + +## Synopsis + +Sets the logo for an Application + +## Syntax + +### File (Default) + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + -FilePath + [] +``` + +### Stream + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + [] +``` + +### ByteArray + +```powershell +Set-EntraBetaApplicationLogo + -ApplicationId + [] +``` + +## Description + +The `Set-EntraBetaApplicationLogo` cmdlet is used to set the logo for an application. + +## Examples + +### Example 1: Sets the application logo for the application specified by the ApplicationId parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Demo Application'" +$params = @{ + ObjectId = $application.ObjectId + FilePath = 'D:\applogo.jpg' +} +Set-EntraBetaApplicationLogo @params +``` + +This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. + +## Parameters + +### -FilePath + +The file path of the file that is to be uploaded as the application logo. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the Application for which the logo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +File uploads must be smaller than 500KB. + +## Related Links + +[Get-EntraBetaApplicationLogo](Get-EntraBetaApplicationLogo.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplication.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplication.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplication.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplication.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationConnectorGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyApplicationSingleSignOn.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnector.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnector.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnector.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnector.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnectorGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnectorGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationProxyConnectorGroup.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..c84509e00b --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher.md @@ -0,0 +1,111 @@ +--- +title: Set-EntraBetaApplicationVerifiedPublisher +description: This article provides details on the Set-EntraBetaApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Set-EntraBetaApplicationVerifiedPublisher + +## Synopsis + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Syntax + +```powershell +Set-EntraBetaApplicationVerifiedPublisher + -SetVerifiedPublisherRequest + -AppObjectId + [] +``` + +## Description + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Examples + +### Example 1: Set the verified publisher of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$app = Get-EntraBetaApplication -Filter "DisplayName eq ''" +$appObjId = $app.ObjectId +$mpnId = '0433167' +$req = @{verifiedPublisherId = $mpnId} +$params = @{ + AppObjectId = $appObjId + SetVerifiedPublisherRequest = $req +} +Set-EntraBetaApplicationVerifiedPublisher @params +``` + +This command sets the verified publisher of an application. + +The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. + +- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. +- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SetVerifiedPublisherRequest + +A request body object containing the verifiedPublisherId property it's the MPNID value. + +```yaml +Type: SetVerifiedPublisherRequest +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraBetaApplicationVerifiedPublisher](Remove-EntraBetaApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAttributeSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAttributeSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAttributeSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAuthorizationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAuthorizationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAuthorizationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaAuthorizationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDevice.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDevice.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDevice.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDevice.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncConfiguration.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncConfiguration.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncConfiguration.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncConfiguration.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncEnabled.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncEnabled.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncEnabled.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncEnabled.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncFeature.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncFeature.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncFeature.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirSyncFeature.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectorySetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectorySetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectorySetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDirectorySetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomain.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomain.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomain.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomain.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomainFederationSettings.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomainFederationSettings.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomainFederationSettings.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaDomainFederationSettings.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroupLifecyclePolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroupLifecyclePolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroupLifecyclePolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaIdentityProvider.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaIdentityProvider.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaIdentityProvider.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaNamedLocationPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaObjectSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaObjectSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaObjectSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaObjectSetting.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPartnerInformation.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPartnerInformation.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPartnerInformation.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPartnerInformation.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPasswordSingleSignOnCredential.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPasswordSingleSignOnCredential.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPasswordSingleSignOnCredential.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPasswordSingleSignOnCredential.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPolicy.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPolicy.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPolicy.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleAssignmentRequest.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleAssignmentRequest.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleAssignmentRequest.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleAssignmentRequest.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleSetting.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleSetting.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleSetting.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaPrivilegedRoleSetting.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md new file mode 100644 index 0000000000..6e18835032 --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal.md @@ -0,0 +1,440 @@ +--- +title: Set-EntraBetaServicePrincipal +description: This article provides details on the Set-EntraBetaServicePrincipal command. + +ms.topic: reference +ms.date: 06/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra.Beta-help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaServicePrincipal + +schema: 2.0.0 +--- + +# Set-EntraBetaServicePrincipal + +## Synopsis + +Updates a service principal. + +## Syntax + +```powershell +Set-EntraBetaServicePrincipal + -ServicePrincipalId + [-KeyCredentials ] + [-Homepage ] + [-AppId ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-PreferredSingleSignOnMode ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +The `Set-EntraBetaServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Disable the account of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AccountEnabled = $False +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AccountEnabled` parameter specifies indicates whether the account is enabled. + +### Example 2: Update AppId and Homepage of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AppId = '22223333-cccc-4444-dddd-5555eeee6666' + Homepage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AppId` parameter specifies the application ID. +- `-Homepage` parameter specifies the home page or landing page of the application. + +### Example 3: Update AlternativeNames and DisplayName of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AlternativeNames = 'Service Principal Demo' + DisplayName = 'NewName' +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 4: Update LogoutUrl and ReplyUrls of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + LogoutUrl = 'https://securescore.office.com/SignOut' + ReplyUrls = 'https://admin.contoso.com' +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-LogoutUrl` parameter specifies the sign out URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + ServicePrincipalType = 'Application' + AppRoleAssignmentRequired = $True +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-ServicePrincipalType` parameter specifies the service principal type. +- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. + +### Example 6: Update KeyCredentials of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 10 -Day 10 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') +$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 +Set-EntraBetaServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId -KeyCredentials $creds +``` + +This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. + +Use the `New-EntraBetaServicePrincipalPasswordCredential` and `Remove-EntraBetaServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. + +### Example 7: Update PreferredSingleSignOnMode of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + PreferredSingleSignOnMode = 'saml' +} +Set-EntraBetaServicePrincipal @params +``` + +This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +Specifies the application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Specifies the home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the sign out URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Species the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredSingleSignOnMode + +Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies service principal names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The service principal type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Specifies an array of tags. + +If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraBetaServicePrincipal](Get-EntraBetaServicePrincipal.md) + +[New-EntraBetaServicePrincipal](New-EntraBetaServicePrincipal.md) + +[Remove-EntraBetaServicePrincipal](Remove-EntraBetaServicePrincipal.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTenantDetail.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTenantDetail.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTenantDetail.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTenantDetail.md diff --git a/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md new file mode 100644 index 0000000000..bfa558b6ec --- /dev/null +++ b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md @@ -0,0 +1,222 @@ +--- +title: Set-EntraBetaTrustFrameworkPolicy +description: This article provides details on the Set-EntraBetaTrustFrameworkPolicy command. + + +ms.topic: reference +ms.date: 08/14/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra.Beta-Help.xml +Module Name: Microsoft.Graph.Entra.Beta +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy + +schema: 2.0.0 +--- + +# Set-EntraBetaTrustFrameworkPolicy + +## Synopsis + +This cmdlet is used to update a trust framework policy (custom policy) in the directory. + +## Syntax + +### Content (Default) + +```powershell +Set-EntraBetaTrustFrameworkPolicy + [-Id ] + -Content + [-OutputFilePath ] + [] +``` + +### File + +```powershell +Set-EntraBetaTrustFrameworkPolicy + [-Id ] + -InputFilePath + [-OutputFilePath ] + [] +``` + +## Description + +The `Set-EntraBetaTrustFrameworkPolicy` cmdlet is used to update a trust framework policy in the directory. + +The contents of the trust framework policy to be updated can be provided using a file or a command line variable. + +The contents of the updated trust framework policy can be written to an output file or to the screen. + +## Examples + +### Example 1: Updates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Id = 'B2C_1A_signup_signin' + Content = $policyContent +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the content specified. + +The contents of updated trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-Content` Parameter specifies the content of the trust framework policy to be updated. + +### Example 2: Updates a trust framework policy from the content specified + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$policyContent = Get-Content 'C:\temp\CreatedPolicy.xml' | out-string +$params = @{ + Id = 'B2C_1A_signup_signin' + Content = $policyContent + OutputFilePath = 'C:\UpdatedPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the content specified. + +The contents of updated trust framework policy are written to file mentioned in output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-Content` Parameter specifies the content of the trust framework policy to be updated. +- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. + +### Example 3: Updates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_signup_signin' + InputFilePath = 'C:\InputPolicy.xml' + OutputFilePath = 'C:\UpdatedPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the file mentioned in InputFilePath. + +The contents of updated trust framework policy are written to file mentioned in output file path. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. +- `-OutputFilePath` Parameter specifies the path to the file used for updating the contents of trust framework policy. + +### Example 4: Updates a trust framework policy from the file mentioned in InputFilePath + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.TrustFramework' +$params = @{ + Id = 'B2C_1A_signup_signin' + InputFilePath = 'C:\InputPolicy.xml' +} +Set-EntraBetaTrustFrameworkPolicy @params +``` + +The example updates a trust framework policy from the file mentioned in InputFilePath. + +The contents of updated created trust framework policy are displayed on screen. + +- `-Id` Parameter specifies ID for a trust framework policy. +- `-InputFilePath` Parameter specifies path to the file used for reading the contents of trust framework policy to be updated. + +## Parameters + +### -Content + +The content of the trust framework policy to be updated. + +```yaml +Type: System.String +Parameter Sets: Content +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier for a trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InputFilePath + +Path to the file used for reading the contents of trust framework policy to be updated. + +```yaml +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OutputFilePath + +Path to the file used for writing the contents of updated trust framework policy. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraBetaTrustFrameworkPolicy](Get-EntraBetaTrustFrameworkPolicy.md) + +[New-EntraBetaTrustFrameworkPolicy](New-EntraBetaTrustFrameworkPolicy.md) + +[Remove-EntraBetaTrustFrameworkPolicy](Remove-EntraBetaTrustFrameworkPolicy.md) diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUser.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUser.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUser.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUser.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserExtension.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserExtension.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserExtension.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserExtension.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserLicense.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserLicense.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserLicense.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserLicense.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserManager.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserManager.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserManager.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserManager.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserPassword.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserPassword.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserPassword.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserPassword.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserThumbnailPhoto.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserThumbnailPhoto.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserThumbnailPhoto.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaUserThumbnailPhoto.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Test-EntraScript.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Test-EntraScript.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Test-EntraScript.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Test-EntraScript.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaOauth2PermissionGrant.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaOauth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaOauth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaOauth2PermissionGrant.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaSignedInUserPassword.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaSignedInUserPassword.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaSignedInUserPassword.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaSignedInUserPassword.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserAuthenticationRequirement.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserAuthenticationRequirement.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserAuthenticationRequirement.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserAuthenticationRequirement.md diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserFromFederated.md b/module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserFromFederated.md similarity index 100% rename from module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserFromFederated.md rename to module_legacy/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Update-EntraBetaUserFromFederated.md diff --git a/module/docs/entra-powershell-beta/index.md b/module_legacy/docs/entra-powershell-beta/index.md similarity index 100% rename from module/docs/entra-powershell-beta/index.md rename to module_legacy/docs/entra-powershell-beta/index.md diff --git a/module/docs/entra-powershell-beta/toc.yml b/module_legacy/docs/entra-powershell-beta/toc.yml similarity index 100% rename from module/docs/entra-powershell-beta/toc.yml rename to module_legacy/docs/entra-powershell-beta/toc.yml diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..7049899b74 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember.md @@ -0,0 +1,111 @@ +--- +title: Add-EntraAdministrativeUnitMember +description: This article provides details on the Add-EntraAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Add-EntraAdministrativeUnitMember + +## Synopsis + +Adds an administrative unit member. + +## Syntax + +```powershell +Add-EntraAdministrativeUnitMember + -RefObjectId + -AdministrativeUnitId + [] +``` + +## Description + +The `Add-EntraAdministrativeUnitMember` cmdlet adds a Microsoft Entra ID administrative unit member. + +Administrative units enable more granular management of permissions and access, particularly in large organizations or where administrative responsibilities are divided across departments or regions. + +To add a user, group, or device to an administrative unit, the calling principal must be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add user as an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$User = Get-EntraUser -UserId 'SawyerM@contoso.com' +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + RefObjectId = $User.ObjectId +} +Add-EntraAdministrativeUnitMember @params +``` + +This example shows how to add an administrative unit member. You can use the command `Get-EntraAdministrativeUnit` to get administrative unit ID. You can use the command `Get-EntraUser` to get user ID. + +- `AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `RefObjectId` parameter specifies the ID of the user or group you want to add as a member of the administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of a Microsoft Entra ID administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the unique ID of the specific Microsoft Entra ID object that are as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) + +[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md new file mode 100644 index 0000000000..c9bfb8a7fa --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraApplicationOwner.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraApplicationOwner +description: This article provides details on the Add-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Add-EntraApplicationOwner + +## Synopsis + +Adds an owner to an application. + +## Syntax + +```powershell +Add-EntraApplicationOwner + -ApplicationId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraApplicationOwner` cmdlet adds an owner to a Microsoft Entra ID application. + +## Examples + +### Example 1: Add a user as an owner to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$ApplicationId = (Get-EntraApplication -Top 1).ObjectId +$UserObjectId = (Get-EntraUser -UserId 'SawyerM@contoso.com').ObjectId +Add-EntraApplicationOwner -ApplicationId $ApplicationId -RefObjectId $UserObjectId +``` + +This example demonstrates how to add an owner to an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the ID of an application. +- `-RefObjectId` parameter specifies the ID of a user. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) + +[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDeviceRegisteredUser.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraEnvironment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraEnvironment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraEnvironment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraEnvironment.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md new file mode 100644 index 0000000000..cca67243d0 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupMember.md @@ -0,0 +1,102 @@ +--- +title: Add-EntraGroupMember +description: This article explains the Add-EntraGroupMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraGroupMember + +schema: 2.0.0 +--- + +# Add-EntraGroupMember + +## Synopsis + +Adds a member to a group. + +## Syntax + +```powershell +Add-EntraGroupMember + -GroupId + -RefObjectId + [] +``` + +## Description + +The Add-EntraGroupMember cmdlet adds a member to a group. + +## Examples + +### Example 1: Add a member to a group + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$params = @{ + GroupId = 'dddddddd-2222-3333-5555-rrrrrrrrrrrr' + RefObjectId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} + +Add-EntraGroupMember @params +``` + +This example demonstrates how to add a member to a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupMember](Get-EntraGroupMember.md) + +[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md new file mode 100644 index 0000000000..2e74ae568b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraGroupOwner.md @@ -0,0 +1,108 @@ +--- +title: Add-EntraGroupOwner +description: This article explains the Add-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraGroupOwner + +schema: 2.0.0 +--- + +# Add-EntraGroupOwner + +## Synopsis + +Adds an owner to a group. + +## Syntax + +```powershell +Add-EntraGroupOwner + -GroupId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraGroupOwner` cmdlet adds an owner to a Microsoft Entra ID group. Specify the `GroupId` and `RefObjectId` parameters to add an owner to a group. + +`-GroupId` - specifies the unique identifier (Object ID) of the group to which you want to add an owner. + +`-RefObjectId` - specifies the unique identifier (Object ID) of the owner to be added to the group. + +## Examples + +### Example 1: Add an owner to a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$params = @{ + GroupId = $group.ObjectId + RefObjectId = $user.ObjectId +} + +Add-EntraGroupOwner @params +``` + +This example demonstrates how to add an owner to a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupOwner](Get-EntraGroupOwner.md) + +[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..df79fef7d9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup.md @@ -0,0 +1,111 @@ +--- +title: Add-EntraLifecyclePolicyGroup +description: This article provides details on the Add-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Add-EntraLifecyclePolicyGroup + +## Synopsis + +Adds a group to a lifecycle policy. + +## Syntax + +```powershell +Add-EntraLifecyclePolicyGroup + -GroupId + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Add-EntraLifecyclePolicyGroup` cmdlet adds a group to a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1: Add a group to the lifecycle policy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraGroupLifecyclePolicy | Select-Object -First 1 +$params = @{ + GroupLifecyclePolicyId = $policy.Id + groupId = $group.ObjectId +} +Add-EntraLifecyclePolicyGroup @params +``` + +This example adds a group to the lifecycle policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy add to the group. +- `-GroupId` parameter specifies the ID of the group add to the Lifecycle Policy. + +## Parameters + +### -GroupId + +Specifies the ID of an Office365 group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) + +[Remove-EntraLifecyclePolicyGroup](Remove-EntraLifecyclePolicyGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..2919fc8285 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership.md @@ -0,0 +1,135 @@ +--- +title: Add-EntraScopedRoleMembership +description: This article provides details on the Add-EntraScopedRoleMembership command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Add-EntraScopedRoleMembership + +## Synopsis + +Assign a Microsoft Entra role with an administrative unit scope. + +## Syntax + +```powershell +Add-EntraScopedRoleMembership + -AdministrativeUnitId + [-RoleObjectId ] + [-RoleMemberInfo ] + [] +``` + +## Description + +The `Add-EntraScopedRoleMembership` cmdlet adds a scoped role membership to an administrative unit. Specify `AdministrativeUnitId` parameter to add a scoped role membership. + +For delegated scenarios, the calling user needs at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add a scoped role membership to an administrative unit + +```powershell +Connect-Entra -Scopes 'RoleManagement.ReadWrite.Directory' +$User = Get-EntraUser -SearchString 'MarkWood' +$Role = Get-EntraDirectoryRole -Filter "DisplayName eq ''" +$Unit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$RoleMember = New-Object -TypeName Microsoft.Open.AzureAD.Model.RoleMemberInfo +$RoleMember.ObjectId = $User.ObjectId +$params = @{ + AdministrativeUnitId = $Unit.ObjectId + RoleObjectId = $Role.ObjectId + RoleMemberInfo = $RoleMember +} +Add-EntraScopedRoleMembership @params +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The example shows how to add a user to the specified role within the specified administrative unit. + +- `-AdministrativeUnitId` Parameter specifies the ID of an administrative unit. +- `-RoleObjectId` Parameter specifies the ID of a directory role. +- `-RoleMemberInfo` Parameter specifies a RoleMemberInfo object. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RoleMemberInfo + +Specifies a RoleMemberInfo object. + +```yaml +Type: System.RoleMemberInfo +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RoleObjectId + +Specifies the ID of a directory role. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) + +[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..e526f2d41a --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner.md @@ -0,0 +1,109 @@ +--- +title: Add-EntraServicePrincipalOwner +description: This article provides details on the Add-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Add-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Add-EntraServicePrincipalOwner + +## Synopsis + +Adds an owner to a service principal. + +## Syntax + +```powershell +Add-EntraServicePrincipalOwner + -ServicePrincipalId + -RefObjectId + [] +``` + +## Description + +The `Add-EntraServicePrincipalOwner` cmdlet adds an owner to a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Add a user as an owner to a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipalId = (Get-EntraServicePrincipal -Top 1).ObjectId +$OwnerId = (Get-EntraUser -Top 1).ObjectId +$Params = @{ + ServicePrincipalId = $ServicePrincipalId + RefObjectId = $OwnerId +} +Add-EntraServicePrincipalOwner @Params +``` + +This example demonstrates how to add an owner to a service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. +- `-RefObjectId` parameter specifies the user object ID. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -RefObjectId + +Specifies the ID of the Microsoft Entra ID object to assign as owner/manager/member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) + +[Get-EntraUser](Get-EntraUser.md) + +[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Confirm-EntraDomain.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Confirm-EntraDomain.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Confirm-EntraDomain.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Confirm-EntraDomain.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Connect-Entra.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Connect-Entra.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Connect-Entra.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Connect-Entra.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Disconnect-Entra.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Disconnect-Entra.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Disconnect-Entra.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Disconnect-Entra.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraAzureADAlias.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraAzureADAlias.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraAzureADAlias.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraAzureADAlias.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraDirectoryRole.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraDirectoryRole.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraDirectoryRole.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Enable-EntraDirectoryRole.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Find-EntraPermission.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Find-EntraPermission.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Find-EntraPermission.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Find-EntraPermission.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-CrossCloudVerificationCode.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-CrossCloudVerificationCode.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-CrossCloudVerificationCode.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-CrossCloudVerificationCode.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAccountSku.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAccountSku.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAccountSku.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAccountSku.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnit.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnit.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnit.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnit.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..99c4fe82d9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember.md @@ -0,0 +1,193 @@ +--- +title: Get-EntraAdministrativeUnitMember +description: This article provides details on the Get-EntraAdministrativeUnitMember command. + + +ms.topic: reference +ms.date: 07/30/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Get-EntraAdministrativeUnitMember + +## Synopsis + +Gets a member of an administrative unit. + +## Syntax + +```powershell +Get-EntraAdministrativeUnitMember + -AdministrativeUnitId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraAdministrativeUnitMember` cmdlet gets a member of a Microsoft Entra ID administrative unit. Specify `AdministrativeUnitId` parameters to retrieve an administrative unit member. + +In delegated scenarios with work or school accounts, the signed-in user must either be a member user or be assigned a supported Microsoft Entra role, or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Directory Readers: Read basic properties on administrative units +- Global Reader: Read all properties of administrative units, including members +- Privileged Role Administrator: Create and manage administrative units (including members) + +## Examples + +### Example 1: Get an administrative unit member by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 2: Get all administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example returns the list of all administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +### Example 3: Get top three administrative unit members by AdministrativeUnitId + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraAdministrativeUnitMember -AdministrativeUnitId $AdministrativeUnit.Id -Top 3 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example returns top three administrative unit members from specified administrative unit AdministrativeUnitId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) + +[Remove-EntraAdministrativeUnitMember](Remove-EntraAdministrativeUnitMember.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplication.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplication.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplication.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..bce69cd889 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraApplicationExtensionProperty +description: This article provides details on the Get-EntraApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Get-EntraApplicationExtensionProperty + +## Synopsis + +Gets application extension properties. + +## Syntax + +```powershell +Get-EntraApplicationExtensionProperty + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationExtensionProperty` cmdlet gets application extension properties in Microsoft Entra ID. + +## Examples + +### Example 1: Get extension properties + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$Application = Get-EntraApplication -SearchString '' +Get-EntraApplicationExtensionProperty -ApplicationId $Application.Id +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsMultiValued IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ------------- ---------------------- ---- ------------- + aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Boolean False False extension_c371a443f6734a3e8982a26357fb7d59_NewAttribute {User} +``` + +This command gets the extension properties for the specified application in Microsoft Entra ID. You cane use the command `Get-EntraApplication` to get application ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) + +[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..b0b5a7e66b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential.md @@ -0,0 +1,89 @@ +--- +title: Get-EntraApplicationKeyCredential +description: This article provides details on the Get-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraApplicationKeyCredential + +## Synopsis + +Gets the key credentials for an application. + +## Syntax + +```powershell +Get-EntraApplicationKeyCredential + -ObjectId + [] +``` + +## Description + +The `Get-EntraApplicationKeyCredential` cmdlet retrieves the key credentials for an application. Specify `ObjectId` parameter to retrieve the key credentials for an application. + +## Examples + +### Example 1: Get key credentials + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationKeyCredential -ObjectId $application.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- +{116, 101, 115, 116…} MyApp Cert 6/27/2024 11:49:17 AM bbbbbbbb-1c1c-2d2d-3e3e-444444444444 6/27/2023 11:29:17 AM AsymmetricX509Cert Verify +``` + +This command gets the key credentials for the specified application. + +`-ObjectId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies a unique ID of an application in Microsoft Entra ID to retrieve key credentials. Use `Get-EntraApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) + +[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md new file mode 100644 index 0000000000..166508d887 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationLogo.md @@ -0,0 +1,136 @@ +--- +title: Get-EntraApplicationLogo +description: This article provides details on the Get-EntraApplicationLogo command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationLogo + +schema: 2.0.0 +--- + +# Get-EntraApplicationLogo + +## Synopsis + +Retrieve the logo of an application. + +## Syntax + +```powershell +Get-EntraApplicationLogo + -ApplicationId + [-FileName ] + [-View ] + [-FilePath ] + [] +``` + +## Description + +The `Get-EntraApplicationLogo` cmdlet retrieves the logo that is set for an application. Specify the `ApplicationId` parameter to get a specific application logo for an application. + +## Examples + +### Example 1: Get an application logo for an application by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplicationLogo -ApplicationId 'bbbbbbbb-1111-1111-1111-cccccccccccc' -FilePath 'D:\outfile1.jpg' +``` + +This example shows how to retrieve the application logo for an application that is specified through the Object ID parameter. + +## Parameters + +### -FileName + +If provided, the application logo is saved to the file using the specified file name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -FilePath + +If provided, the application logo is copied with a random filename to the file path that is specified in this parameter. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the application for which the logo is to be retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -View + +If set to $true, the application's logo is displayed in a new window on the screen. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +### System.Boolean + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Set-EntraApplicationLogo](Set-EntraApplicationLogo.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md new file mode 100644 index 0000000000..80b78d9283 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationOwner.md @@ -0,0 +1,212 @@ +--- +title: Get-EntraApplicationOwner +description: This article provides details on the Get-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Get-EntraApplicationOwner + +## Synopsis + +Gets the owner of an application. + +## Syntax + +```powershell +Get-EntraApplicationOwner + -ApplicationId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationOwner` cmdlet get an owner of an Microsoft Entra ID application. + +## Examples + +### Example 1: Get the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +Get-EntraApplicationOwner -ApplicationId $Application.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 2: Get the details about the owner of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -SearchString '' +$applicationOwners = Get-EntraApplicationOwner -ObjectId $application.ObjectId +$ownerDetails = $applicationOwners | ForEach-Object { + $ownerDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id + [PSCustomObject]@{ + displayName = $ownerDetail.displayName + Id = $ownerDetail.Id + UserPrincipalName = $ownerDetail.UserPrincipalName + UserType = $ownerDetail.UserType + accountEnabled = $ownerDetail.accountEnabled + } +} +$ownerDetails | Format-Table -Property displayName, Id, UserPrincipalName, UserType, accountEnabled -AutoSize +``` + +```Output +displayName Id UserPrincipalName UserType accountEnabled +----------- -- ----------------- -------- -------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc SawyerM@contoso.com Member True +Adele Vance ec5813fb-346e-4a33-a014-b55ffee3662b AdeleV@contoso.com Member True +``` + +This example demonstrates how to get the owners of an application in Microsoft Entra ID with more owner lookup details. + +### Example 3: Get all owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +Get-EntraApplicationOwner -ApplicationId $Application.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +``` + +This example demonstrates how to get the all owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +### Example 4: Get top two owners of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +Get-EntraApplicationOwner -ApplicationId $Application.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example demonstrates how to get the two owners of a specified application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) + +[Remove-EntraApplicationOwner](Remove-EntraApplicationOwner.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..f82b444191 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Get-EntraApplicationPasswordCredential +description: This article provides details on the Get-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraApplicationPasswordCredential + +## Synopsis + +Gets the password credential for an application. + +## Syntax + +```powershell +Get-EntraApplicationPasswordCredential + -ApplicationId + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationPasswordCredential` cmdlet receives the password credentials for a Microsoft Entra ID application. Specify `ApplicationId` parameter to cmdlet receives the password credentials. + +## Examples + +### Example 1: Get password credential for specified application + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationPasswordCredential -ApplicationId $application.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{100, 101, 109, 111} demo 26/07/2025 10:34:40 Ap6 bbbbbbbb-1111-2222-3333-cccccccccccc 26/07/2024 10:34:40 +``` + +This example shows how to retrieve the password credential for specified application. + +- `-ApplicationId` specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -ApplicationId + +The ApplicationId of the application for which to get the password credential. Use `Get-EntraApplication` for more details. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) \ No newline at end of file diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md new file mode 100644 index 0000000000..69df671ca9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint.md @@ -0,0 +1,167 @@ +--- +title: Get-EntraApplicationServiceEndpoint +description: This article provides details on the Get-EntraApplicationServiceEndpoint command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationServiceEndpoint + +schema: 2.0.0 +--- + +# Get-EntraApplicationServiceEndpoint + +## Synopsis + +Retrieve the service endpoint of an application. + +## Syntax + +```powershell +Get-EntraApplicationServiceEndpoint + -ApplicationId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraApplicationServiceEndpoint` cmdlet retrieves the service endpoint(s) of an application. + +The service endpoint entity contains service discovery information. The serviceEndpoints property of the Application entity is of type ServiceEndpoint. + +Other services can use the information stored in the ServiceEndpoint entity to find this service and its addressable endpoints. + +## Examples + +### Example 1: Retrieve the application service endpoint by ID + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationServiceEndpoint -ApplicationId $application.ObjectId +``` + +This example demonstrates how to retrieve service endpoint of the application that is specified through the Object ID parameter. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 2: Get all service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationServiceEndpoint -ApplicationId $application.ObjectId -All +``` + +This example demonstrates how to retrieve all service endpoints of a specified application. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +### Example 3: Get top five service endpoints + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Contoso Helpdesk Application'" +Get-EntraApplicationServiceEndpoint -ApplicationId $application.ObjectId -Top 5 +``` + +This example demonstrates how to retrieve five service endpoints of a specified application. + +`-ApplicationId` parameter specifies the ID of an application object in Microsoft Entra ID. + +## Parameters + +### -All + +Return all service endpoints. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the object ID of the application for which the service endpoint is retrieved. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of results that are returned. +The default is 100. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md new file mode 100644 index 0000000000..3ef510d43f --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraApplicationTemplate.md @@ -0,0 +1,173 @@ +--- +title: Get-EntraApplicationTemplate +description: This article provides details on the Get-EntraApplicationTemplate command. + + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraApplicationTemplate +schema: 2.0.0 +--- + +# Get-EntraApplicationTemplate + +## Synopsis + +Retrieve a list of applicationTemplate objects. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraApplicationTemplate + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraApplicationTemplate + -Id + [] +``` + +## Description + +The `Get-EntraApplicationTemplate` cmdlet allows users to get a list of all the application templates or a specific application template. + +## Examples + +### Example 1. Gets a list of application template objects + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplicationTemplate +``` + +This command gets all the application template objects + +### Example 2. Gets an application template object + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraApplicationTemplate -Id 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +Id Categories Description +-- ---------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {businessMgmt, productivity, projectManagement} Cube is perfect for businesses +``` + +This command gets an application template object for the given id. + +- `-Id` Specifies the unique identifier of an application template. + +## Parameters + +### -Id + +The unique identifier of an application template. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplate + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAttributeSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAttributeSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAttributeSet.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md new file mode 100644 index 0000000000..012cbe8f4d --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog.md @@ -0,0 +1,179 @@ +--- +title: Get-EntraAuditDirectoryLog +description: This article provides details on the Get-EntraAuditDirectoryLog command. + + +ms.topic: reference +ms.date: 07/01/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraAuditDirectoryLog +schema: 2.0.0 +--- + +# Get-EntraAuditDirectoryLog + +## Synopsis + +Get directory audit logs. + +## Syntax + +```powershell +Get-EntraAuditDirectoryLog +[-All] +[-Top ] +[-Filter ] +[] +``` + +## Description + +The `Get-EntraAuditDirectoryLog` cmdlet gets a Microsoft Entra ID audit log. + +Retrieve audit logs from Microsoft Entra ID, covering logs from various services such as user, app, device, and group management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (SSPR and admin resets), and self-service group management. + +## Examples + +### Example 1: Get all logs + +```powershell + Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' + Get-EntraAuditDirectoryLog -All +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd +Directory_bbbbbbbb-1111-2222-3333-cccccccccccc 17/07/2024 07:31:54 Update user UserManagement bbbb1111-cc22-3333-44dd-555555eeeeee +SSGM_cccccccc-2222-3333-4444-dddddddddddd 17/07/2024 07:13:08 GroupsODataV4_GetgroupLifecyclePolicies GroupManagement cccc2222-dd33-4444-55ee-666666ffffff + +``` + +This command gets all audit logs. + +### Example 2: Get first n logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId LoggedB + yServic + e +-- ---------------- ------------------- -------- ------------- ------- +Directory_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb_8IAPT_617717139 17/07/2024 08:55:34 Add service principal ApplicationManagement aaaa0000-bb11-2222-33cc-444444dddddd Core... + +``` + +This example returns the first N logs. + +### Example 3: Get audit logs containing a given ActivityDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Filter "ActivityDisplayName eq 'Update rollout policy of feature'" -Top 1 +``` + +```Output +Id ActivityDateTime ActivityDisplayName Category CorrelationId +-- ---------------- ------------------- -------- ------------- +Application Proxy_aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 16/07/2024 05:13:49 Update rollout policy of feature Authentication aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This command shows how to get audit logs by ActivityDisplayName. + +### Example 4: Get all audit logs with a given result + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All, Directory.Read.All' +Get-EntraAuditDirectoryLog -Filter "result eq 'failure'" -All +``` + +This command shows how to get audit logs by the result. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraAuditDirectoryLogs` is an alias for `Get-EntraAuditDirectoryLog`. + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md new file mode 100644 index 0000000000..c5b1ae2b29 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuditSignInLog.md @@ -0,0 +1,213 @@ +--- +title: Get-EntraAuditSignInLog +description: This article provides details on the Get-EntraAuditSignInLog command. + + +ms.topic: reference +ms.date: 07/15/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraAuditSignInLog +schema: 2.0.0 +--- + +# Get-EntraAuditSignInLog + +## Synopsis + +Get audit logs of sign-ins. + +## Syntax + +```powershell +Get-EntraAuditSignInLog + [-SignInId] + [-All] + [-Top ] + [-Filter ] + [] +``` + +## Description + +The `Get-EntraAuditSignInLog` cmdlet gets the Microsoft Entra ID sign-in log. + +In addition to delegated permissions, the signed-in user must belong to at least one of the following Microsoft Entra roles to read sign-in reports: + +- Global Reader +- Reports Reader +- Security Administrator +- Security Operator +- Security Reader + +## Examples + +### Example 1: Get all logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -All +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +cccccccc-2222-3333-4444-dddddddddddd Azure Active Directory PowerShell 22223333-cccc-4444-dddd-5555eeee6666 {} none +dddddddd-3333-4444-5555-eeeeeeeeeeee Azure Active Directory PowerShell 33334444-dddd-5555-eeee-6666ffff7777 {} none +``` + +This example returns all audit logs of sign-ins. + +### Example 2: Get the first two logs + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Top 2 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Azure Active Directory PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 {} none +bbbbbbbb-1111-2222-3333-cccccccccccc Azure Portal 11112222-bbbb-3333-cccc-4444dddd5555 {} none +``` + +This example returns the first two audit logs of sign-ins. + +### Example 3: Get audit logs containing a given AppDisplayName + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Filter "AppDisplayName eq 'Graph Explorer'" -Top 1 +``` + +```Output +Id AppDisplayName AppId AppTokenProtectionStatus AuthenticationMethodsUsed AuthenticationProtocol +-- -------------- ----- ------------------------ ------------------------- ---------------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Graph Explorer PowerShell 00001111-aaaa-2222-bbbb-3333cccc4444 +``` + +This example demonstrates how to retrieve sign-in logs by AppDisplayName. + +### Example 4: Get all sign-in logs between dates + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +Get-EntraAuditSignInLog -Filter "createdDateTime ge 2024-07-01T00:00:00Z and createdDateTime le 2024-07-14T23:59:59Z" +``` + +This example shows how to retrieve sign-in logs between dates. + +### Example 5: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +## Parameters + +### -SignInId + +Specifies unique ID of the Audit Log. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraAuditSignInLogs` is an alias for `Get-EntraAuditSignInLog`. + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuthorizationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuthorizationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuthorizationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraAuthorizationPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContact.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContact.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContact.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContact.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactDirectReport.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactDirectReport.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactDirectReport.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactDirectReport.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactManager.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactManager.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactManager.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactManager.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactMembership.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactMembership.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactMembership.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactThumbnailPhoto.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactThumbnailPhoto.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactThumbnailPhoto.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContactThumbnailPhoto.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContext.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContext.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContext.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContext.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md new file mode 100644 index 0000000000..c65dae7c2b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraContract +description: This article provides details on the Get-EntraContract command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraContract + +schema: 2.0.0 +--- + +# Get-EntraContract + +## Synopsis + +Gets a contract. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraContract + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraContract + -ContractId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraContract` cmdlet gets a contract information associated to a partner tenant. + +The contract object contains the following attributes: + +- `contractType` - type of the contract. + +Possible values are: + +1. SyndicationPartner - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +1. BreadthPartner - indicates that the partner has the ability to provide administrative support for this customer. +However the partner isn't allowed to resell to the customer. +1. ResellerPartner - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +- `customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +- `defaultDomainName` - a copy of the customer tenant's default domain name. +The copy is made when the partnership with the customer is established. +It isn't automatically updated if the customer tenant's default domain name changes. + +- `deletionTimestamp` - this property isn't valid for contracts and always returns null. + +- `displayName` - a copy of the customer tenant's display name. +The copy is made when the partnership with the customer is established. +It isn't automatically updated if the customer tenant's display name changes. + +- `objectType` - a string that identifies the object type. The value is always `Contract`. + +- `ContractId` - the unique identifier for the partnership. + +## Examples + +### Example 1: Get all contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraContract +``` + +This command gets all contracts in the Microsoft Entra ID. + +### Example 2: Get top two contracts in the directory + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraContract -Top 2 +``` + +This command gets top two contracts in the Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ContractId + +Specifies the ID of a contract. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedApplication.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedApplication.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedApplication.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedDirectoryObject.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedDirectoryObject.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md new file mode 100644 index 0000000000..f85a857377 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeletedGroup.md @@ -0,0 +1,293 @@ +--- +title: Get-EntraDeletedGroup +description: This article provides details on the Get-EntraDeletedGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDeletedGroup + +schema: 2.0.0 +--- + +# Get-EntraDeletedGroup + +## Synopsis + +This cmdlet is used to retrieve the soft deleted groups in a Microsoft Entra ID. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraDeletedGroup + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraDeletedGroup + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraDeletedGroup + -GroupId + [-All] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraBetaDeletedGroup + [-All] + [-SearchString ] + [-Property ] + [] +``` + +## Description + +This cmdlet retrieves soft-deleted groups from a directory. When a group is deleted, it is soft deleted and can be recovered within 30 days. After 30 days, the group is permanently deleted and cannot be recovered. + +Please note that soft delete currently applies only to Unified Groups (also known as Office 365 Groups). + +## Examples + +### Example 1: Get deleted groups in the directory + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the Microsoft Entra ID. + +### Example 2: Get deleted groups in the directory using All parameter + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -All +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves all recoverable deleted groups in the directory, using All parameter. + +### Example 3: Get top two deleted groups + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -Top 2 +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +``` + +This cmdlet retrieves top two deleted groups in the directory. + +### Example 4: Get deleted groups containing string 'test2' + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -SearchString 'test2' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} +test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} +test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, containing the specified string. + +### Example 5: Get deleted groups filter by display name + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -Filter "displayName eq 'test21'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves deleted groups in the directory, having the specified display name. + +### Example 6: Get deleted group by GroupId + +```powershell +Connect-Entra -Scopes 'Group.Read.All' +Get-EntraDeletedGroup -GroupId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} +``` + +This cmdlet retrieves the deleted group specified by GroupId. + +- `-GroupId` parameter specifies the deleted group GroupId. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The GroupId of the deleted group to be retrieved. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDeviceRegisteredUser.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md new file mode 100644 index 0000000000..a771858b4b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration.md @@ -0,0 +1,106 @@ +--- +title: Get-EntraDirSyncConfiguration +description: This article provides details on the Get-EntraDirSyncConfiguration command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDirSyncConfiguration + +schema: 2.0.0 +--- + +# Get-EntraDirSyncConfiguration + +## Synopsis + +Gets the directory synchronization settings. + +## Syntax + +```powershell +Get-EntraDirSyncConfiguration + [-TenantId ] + [] +``` + +## Description + +The `Get-EntraDirSyncConfiguration` cmdlet gets the directory synchronization settings. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Get directory synchronization settings + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraDirSyncConfiguration +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings. + +### Example 2: Get directory synchronization settings by TenantId + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All' +Get-EntraDirSyncConfiguration -TenantId 'aaaabbbb-0000-cccc-1111-dddd2222eeee' +``` + +```Output +AccidentalDeletionThreshold DeletionPreventionType +--------------------------- ---------------------- + 500 enabledForCount +``` + +This example gets directory synchronization settings by TenantId. + +- `-TenantId` Specifies the unique ID of the tenant. + +## Parameters + +### -TenantId + +The unique ID of the tenant for the operation. If TenantId isn't provided, it defaults to the current user's tenant. This parameter applies only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.Nullable`1[[System.Guid, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] + +## Outputs + +## Notes + +## Related Links + +[Set-EntraDirSyncConfiguration](Set-EntraDirSyncConfiguration.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md new file mode 100644 index 0000000000..6b0d0dcab6 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirSyncFeature.md @@ -0,0 +1,153 @@ +--- +title: Get-EntraDirSyncFeature +description: This article provides details on the Get-EntraDirSyncFeature command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraDirSyncFeature + +schema: 2.0.0 +--- + +# Get-EntraDirSyncFeature + +## Synopsis + +Checks the status of directory synchronization features for a tenant. + +## Syntax + +```powershell +Get-EntraDirSyncFeature + [-TenantId ] + [-Feature ] + [] +``` + +## Description + +The `Get-EntraDirSyncFeature` cmdlet checks the status of directory synchronization features for a tenant. + +Some of the features that can be used with this cmdlet include: + +- **DeviceWriteback** +- **DirectoryExtensions** +- **DuplicateProxyAddressResiliency** +- **DuplicateUPNResiliency** +- **EnableSoftMatchOnUpn** +- **PasswordSync** +- **SynchronizeUpnForManagedUsers** +- **UnifiedGroupWriteback** +- **UserWriteback** + +The cmdlet can be run without specifying any features, in which case it returns a list of all features and their enabled or disabled status. + +For delegated scenarios, the user needs to be assigned the Global Administrator role. + +## Examples + +### Example 1: Return a list of all directory synchronization features + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraDirSyncFeature +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False BlockCloudObjectTakeoverThroughHardMatch + False BlockSoftMatch + False BypassDirSyncOverrides + False CloudPasswordPolicyForPasswordSyncedUsers + False ConcurrentCredentialUpdate + True ConcurrentOrgIdProvisioning + False DeviceWriteback + False DirectoryExtensions + False FopeConflictResolution + False GroupWriteBack + False PasswordSync + False PasswordWriteback + True QuarantineUponProxyAddressesConflict + True QuarantineUponUpnConflict + True SoftMatchOnUpn + True SynchronizeUpnForManagedUsers + False UnifiedGroupWriteback + False UserForcePasswordChangeOnLogon + False UserWriteback +``` + +This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False). + +### Example 2: Return the PasswordSync feature status + +```powershell +Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All' +Get-EntraDirSyncFeature -Feature 'PasswordSync' +``` + +```Output +Enabled DirSyncFeature +------- -------------- + False PasswordSync +``` + +This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant. + +- `-Feature` specifies the directory synchronization feature to check the status of. + +## Parameters + +### -TenantId + +The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Feature + +The directory synchronization feature to check the status of. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Set-EntraDirSyncFeature](Set-EntraDirSyncFeature.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRole.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRole.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRole.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRole.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleTemplate.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleTemplate.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleTemplate.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDirectoryRoleTemplate.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomain.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomain.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomain.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomain.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainFederationSettings.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainFederationSettings.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainFederationSettings.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainFederationSettings.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainNameReference.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainNameReference.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainNameReference.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainNameReference.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainServiceConfigurationRecord.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainServiceConfigurationRecord.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainServiceConfigurationRecord.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainServiceConfigurationRecord.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainVerificationDnsRecord.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainVerificationDnsRecord.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainVerificationDnsRecord.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraDomainVerificationDnsRecord.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraEnvironment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraEnvironment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraEnvironment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraEnvironment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraExtensionProperty.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraExtensionProperty.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraExtensionProperty.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraExtensionProperty.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFederationProperty.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFederationProperty.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFederationProperty.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraFederationProperty.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md new file mode 100644 index 0000000000..62d509e6c3 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroup.md @@ -0,0 +1,309 @@ +--- +title: Get-EntraGroup +description: This article explains the Get-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroup + +schema: 2.0.0 +--- + +# Get-EntraGroup + +## Synopsis + +Gets a group. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraGroup + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraGroup + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraGroup + -GroupId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroup` cmdlet gets a group in Microsoft Entra ID. Specify the `ObjectId` parameter to get a specific group. + +## Examples + +### Example 1: Get all groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup +``` + +```Output +DisplayName Id MailNickname Description +----------- -- ------------ ----------- +SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName +SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName +testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 +My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group +SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName +``` + +This example demonstrates how to get all groups from Microsoft Entra ID. + +### Example 2: Get a specific group by using an GroupId + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -GroupId 'pppppppp-4444-0000-8888-yyyyyyyyyyyy' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneaglegroup Crimson Eagle Group {Unified} +``` + +This example demonstrates how to retrieve specific group by providing ID. + +### Example 3: Get top five groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -Top 5 +``` + +```Output +DisplayName Id MailNickname Description +----------- -- ------------ ----------- +Contoso Group hhhhhhhh-3333-5555-3333-qqqqqqqqqqqq contosogroup Contoso Group +Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneagle Crimson Eagle Group +Bold Falcon tttttttt-0000-3333-9999-mmmmmmmmmmmm boldfalcon Bold Falcon Group +Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda +Misty Fox kkkkkkkk-3333-5555-1111-nnnnnnnnnnnn mistyfox Misty Fox Group +``` + +This example demonstrates how to get top five groups. + +### Example 4: Get a group by DisplayName + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda {Unified} +``` + +In this example, we retrieve group using the Display Name. + +### Example 5: Get groups that contain a search string + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroup -SearchString 'New' +``` + +```Output +DisplayName Id MailNickname Description GroupTypes +----------- -- ------------ ----------- ---------- +New Sparkling Deer bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq newsparklingdeer New Sparkling Deer Group {Unified} +New Golden Fox xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb newgoldenfox New Golden Fox {DynamicMembership} +``` + +This example demonstrates how to retrieve groups that include the text new in their display names from Microsoft Entra ID. + +### Example 6: Listing ownerless groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraGroup -All +$groupsWithoutOwners = foreach ($group in $allGroups) { + $owners = Get-EntraGroupOwner -ObjectId $group.Id + if ($owners.Count -eq 0) { + $group + } +} +$groupsWithoutOwners | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without owners. By identifying ownerless groups, IT admins can improve overall governance and operational efficiency. + +### Example 7: Listing empty groups + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$allGroups = Get-EntraGroup -All +$groupsWithoutMembers = foreach ($group in $allGroups) { + $members = Get-EntraGroupMember -ObjectId $group.Id + if ($members.Count -eq 0) { + $group + } +} +$groupsWithoutMembers | Format-Table DisplayName, Id, GroupTypes +``` + +```Output +DisplayName Id GroupTypes +----------- -- ---------- +My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} +HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {} +``` + +This example demonstrates how to retrieve groups without members. By identifying memberless groups, IT admins can identify and clean up unused or obsolete groups that no longer serve a purpose. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +The unique identifier of a group in Microsoft Entra ID (GroupId) + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraGroup](New-EntraGroup.md) + +[Remove-EntraGroup](Remove-EntraGroup.md) + +[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..724b696cec --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment.md @@ -0,0 +1,181 @@ +--- +title: Get-EntraGroupAppRoleAssignment +description: This article provides details on the Get-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraGroupAppRoleAssignment + +## Synopsis + +Gets a group application role assignment. + +## Syntax + +```powershell +Get-EntraGroupAppRoleAssignment + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupAppRoleAssignment` cmdlet gets a group application role assignment in Microsoft Entra ID. Specify the `GroupId` parameter to get a group application role assignment. + +## Examples + +### Example 1: Retrieve application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$GroupId = (Get-EntraGroup -Top 1).ObjectId +Get-EntraGroupAppRoleAssignment -GroupId $GroupId +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves the application role assignments of a group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 2: Retrieve all application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraGroupAppRoleAssignment -GroupId 'ffffffffff-7777-9999-7777-vvvvvvvvvvv' -All +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR +``` + +This example retrieves all application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +### Example 3: Retrieve top two application role assignments of a group + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraGroupAppRoleAssignment -GroupId 'ffffffffff-7777-9999-7777-vvvvvvvvvvv' -Top 2 +``` + +```Output +ObjectId ResourceDisplayName PrincipalDisplayName +-------- ------------------- -------------------- +MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR +MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR +``` + +This example retrieves top two application role assignments of the specified group. + +- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) + +[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..9df4ac2bb7 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy.md @@ -0,0 +1,134 @@ +--- +title: Get-EntraGroupLifecyclePolicy +description: This article provides details on the Get-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Get-EntraGroupLifecyclePolicy + +## Synopsis + +Retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraGroupLifecyclePolicy + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupLifecyclePolicy` command retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. Specify the `-GroupLifecyclePolicyId` parameter to get the group lifecycle policy. +If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. + +## Examples + +### Example 1: Retrieve all groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraGroupLifecyclePolicy +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +eeeeeeee-4444-5555-6666-ffffffffffff example@contoso.com 200 Selected +``` + +This example demonstrates how to retrieve the properties and relationships of all groupLifecyclePolicies in Microsoft Entra ID. + +### Example 2: Retrieve properties of an groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId '1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 Selected +``` + +This command is used to retrieve a specific Microsoft Group Lifecycle Policy. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md new file mode 100644 index 0000000000..bdd0673a08 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md @@ -0,0 +1,214 @@ +--- +title: Get-EntraGroupMember +description: This article provides details on the Get-EntraGroupMember command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupMember + +schema: 2.0.0 +--- + +# Get-EntraGroupMember + +## Synopsis + +Gets a member of a group. + +## Syntax + +```powershell +Get-EntraGroupMember + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupMember` cmdlet gets a member of a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a member of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: `microsoft.directory/groups/members/read`, `microsoft.directory/groups/members/limitedRead`, or `microsoft.directory/groups/hiddenMembers/read` (for hidden members). The following least privileged roles support this operation: + +- Group owners +- "Member" users +- "Guest" users (with limited read permissions) +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator (includes hidden members) +- Exchange Administrator (includes hidden members) +- SharePoint Administrator (includes hidden members) +- Intune Administrator (includes hidden members) +- Teams Administrator (includes hidden members) +- Yammer Administrator (includes hidden members) + +To list members of a hidden group, the `Member.Read.Hidden` permission is also required. + +## Examples + +### Example 1: Get a group member by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupMember -GroupId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-7777-8888-9999-cccccccccccc +``` + +This example demonstrates how to retrieve group member by ID. + +- `-GroupId` Specifies the ID of a group. + +### Example 2: Get two group member + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupMember -GroupId 'hhhhhhhh-8888-9999-8888-cccccccccccc' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +00aa00aa-bb11-cc22-dd33-44ee44ee44ee +11bb11bb-cc22-dd33-ee44-55ff55ff55ff +``` + +This example demonstrates how to retrieve top two groups from Microsoft Entra ID. + +- `-GroupId` specifies the ID of a group. + +### Example 3: Get all members within a group by group ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupMember -GroupId 'tttttttt-0000-2222-0000-aaaaaaaaaaaa' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +dddddddd-3333-4444-5555-eeeeeeeeeeee +eeeeeeee-4444-5555-6666-ffffffffffff +aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb +bbbbbbbb-7777-8888-9999-cccccccccccc +cccccccc-8888-9999-0000-dddddddddddd +``` + +This example retrieves all members within a group by group ID. + +- `-GroupId` specifies the ID of a group. + +### Example 4: Retrieve and Select Group Member Properties + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupMember -GroupId 'tttttttt-0000-2222-0000-aaaaaaaaaaaa' | Select-Object DisplayName, '@odata.type' +``` + +```Output +displayName @odata.type +----------- ----------- +test1 #microsoft.graph.user +test2 #microsoft.graph.user +test2 #microsoft.graph.servicePrincipal +test3 #microsoft.graph.servicePrincipal +``` + +This example retrieves the members of a specified group by its `GroupId` and selects only the `DisplayName` and `@odata.type` properties for each member. + +- `-GroupId` specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupMember](Add-EntraGroupMember.md) + +[Remove-EntraGroupMember](Remove-EntraGroupMember.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md new file mode 100644 index 0000000000..340e3463a9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupOwner.md @@ -0,0 +1,189 @@ +--- +title: Get-EntraGroupOwner +description: This article provides details on the Get-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraGroupOwner + +schema: 2.0.0 +--- + +# Get-EntraGroupOwner + +## Synopsis + +Gets an owner of a group. + +## Syntax + +```powershell +Get-EntraGroupOwner + -GroupId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraGroupOwner` cmdlet gets an owner of a group in Microsoft Entra ID. Specify `GroupId` parameter gets an owner of a group. + +In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/owners/read` permission. The following least privileged roles support this operation: + +- Group owners +- Directory Readers +- Directory Writers +- Groups Administrator +- User Administrator + +## Examples + +### Example 1: Get a group owner by ID + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupOwner -GroupId 'vvvvvvvv-7777-9999-7777-jjjjjjjjjjjj' +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve the owner of a specific group. + +- `-GroupId` Parameter specifies the ID of a group. + +### Example 2: Gets all group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupOwner -GroupId 'zzzzzzzz-6666-8888-9999-pppppppppppp' -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +dddddddd-3333-4444-5555-eeeeeeeeeeee +``` + +This example demonstrates how to retrieve the all owner of a specific group. + +- `-GroupId` Parameter specifies the ID of a group. + +### Example 3: Gets two group owners + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +Get-EntraGroupOwner -GroupId 'vvvvvvvv-8888-9999-0000-jjjjjjjjjjjj' -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example demonstrates how to retrieve the top two owners of a specific group. + +- `-GroupId` parameter specifies the ID of a group. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupOwner](Add-EntraGroupOwner.md) + +[Remove-EntraGroupOwner](Remove-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupPermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupPermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupPermissionGrant.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupPermissionGrant.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraIdentityProvider.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraIdentityProvider.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraIdentityProvider.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..1555496573 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup.md @@ -0,0 +1,105 @@ +--- +title: Get-EntraLifecyclePolicyGroup +description: This article provides details on the Get-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Get-EntraLifecyclePolicyGroup + +## Synopsis + +Retrieves the lifecycle policy object to which a group belongs. + +## Syntax + +```powershell +Get-EntraLifecyclePolicyGroup + -GroupId + [-Property ] + [] +``` + +## Description + +The `Get-EntraLifecyclePolicyGroup` retrieves the lifecycle policy object to which a group belongs. Specify the `-GroupId` parameter to get the lifecycle policy object to which a group belongs. + +## Examples + +### Example 1: Retrieve lifecycle policy object + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraLifecyclePolicyGroup -GroupId 'bbbbbbbb-1111-2222-3333-cccccccccccc' +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +bbbbbbbb-1111-2222-3333-cccccccccccc admingroup@contoso.com 200 All +``` + +This example demonstrates how to retrieve lifecycle policy object by Id in Microsoft Entra ID. + +- `-GroupId` - specifies the ID of a group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraNamedLocationPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md new file mode 100644 index 0000000000..7d77a9299d --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md @@ -0,0 +1,190 @@ +--- +title: Get-EntraOAuth2PermissionGrant +description: This article provides details on the Get-EntraOAuth2PermissionGrant Command. + + +ms.topic: reference +ms.date: 10/16/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraOAuth2PermissionGrant + +## Synopsis + +Gets OAuth2PermissionGrant entities. + +## Syntax + +```powershell +Get-EntraOAuth2PermissionGrant + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraOAuth2PermissionGrant` cmdlet gets OAuth2PermissionGrant entities in Microsoft Entra ID. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported for this operation: + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader + +## Examples + +### Example 1: Get the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets the OAuth2 permission grants. + +### Example 2: Get all the OAuth2 permission grants + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read +H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read +``` + +This command gets all the OAuth2 permission grants. + +### Example 3: Get OAuth2 permission grants for a user in a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'" +Get-EntraOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List +``` + +```Output +ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +ClientId : 22223333-cccc-4444-dddd-5555eeee6666 +ConsentType : Principal +Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2 +PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222 +ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 +Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All +AdditionalProperties : {} +``` + +This example gets the OAuth2 permission grants for a user in a service principal. + + +### Example 4: Get top 2 OAuth2 permission grants record + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraOAuth2PermissionGrant -Top 2 +``` + +```output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All +C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read +``` + +This command retrieves the top 2 OAuth2 permission grant records. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) +[New-EntraOAuth2PermissionGrant](New-EntraOauth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectByObjectId.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectByObjectId.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectByObjectId.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectByObjectId.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md new file mode 100644 index 0000000000..3973de997e --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraObjectSetting.md @@ -0,0 +1,252 @@ +--- +title: Get-EntraObjectSetting +description: This article provides details on the Get-EntraObjectSetting command. + + +ms.topic: reference +ms.date: 07/03/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraObjectSetting +schema: 2.0.0 +--- + +# Get-EntraObjectSetting + +## Synopsis + +Gets an object setting. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraObjectSetting + [-Top ] + [-All] + -TargetType + -TargetObjectId + [] +``` + +### GetById + +```powershell +Get-EntraObjectSetting + -Id [-All] + -TargetType + -TargetObjectId + [] +``` + +## Description + +The `Get-EntraObjectSetting` cmdlet retrieves an object setting from Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraObjectSetting @params +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 2: Retrieve a specific object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' + Id ='aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +} +Get-EntraObjectSetting @params +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves Specific object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. +- `-Id` Parameter specifies the ID of a settings object. + +### Example 3: Retrieve top one object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraObjectSetting @params -Top 1 +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves top one object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +### Example 4: Retrieve all object setting from Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +$params = @{ + TargetType = 'Groups' + TargetObjectId = 'aaaaaaaa-1111-1111-1111-000000000000' +} +Get-EntraObjectSetting @params -All +``` + +```Output +Id DisplayName TemplateId +-- ----------- ---------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa +``` + +This command retrieves all records of object setting from Microsoft Entra ID. + +- `-TargetType` Parameter specifies the target type. +- `-TargetObjectId` Parameter specifies the ID of the target object. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +Specifies the ID of a settings object. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjectId + +Specifies the ID of the target object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetType + +Specifies the target type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPartnerInformation.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPartnerInformation.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPartnerInformation.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPartnerInformation.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPasswordPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPasswordPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPasswordPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPasswordPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..3d2a8293a7 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership.md @@ -0,0 +1,145 @@ +--- +title: Get-EntraScopedRoleMembership +description: This article provides details on the Get-EntraScopedRoleMembership command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Get-EntraScopedRoleMembership + +## Synopsis + +List Microsoft Entra role assignments with administrative unit scope. + +## Syntax + +```powershell +Get-EntraScopedRoleMembership + -AdministrativeUnitId + [-ScopedRoleMembershipId ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraScopedRoleMembership` cmdlet lists Microsoft Entra role assignments with an administrative unit scope. Use the `ObjectId` parameter to retrieve a specific scoped role membership. + +## Examples + +### Example 1: Get Scoped Role Administrator + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + ScopedRoleMembershipId = 'dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc' +} +Get-EntraScopedRoleMembership @params +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example gets scoped role administrator. You cane use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the scoped role membership Id. + +### Example 2: List scoped administrators for administrative unit by ObjectId + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Get-EntraScopedRoleMembership -ObjectId $AdministrativeUnit.ObjectId +``` + +```Output +Id AdministrativeUnitId RoleId +-- -------------------- ------ +dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc aaaaaaaa-bbbb-aaaa-bbbb-cccccccccccc bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example list scoped administrators with objectId. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of a scoped role membership. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) + +[Remove-EntraScopedRoleMembership](Remove-EntraScopedRoleMembership.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md new file mode 100644 index 0000000000..3f6ed52f43 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipal.md @@ -0,0 +1,369 @@ +--- +title: Get-EntraServicePrincipal +description: This article provides details on the Get-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipal + +## Synopsis + +Gets a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraServicePrincipal + [-Top ] + [-All] + [-Filter ] + [-Property ] + [] +``` + +### GetVague + +```powershell +Get-EntraServicePrincipal + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraServicePrincipal + -ServicePrincipalId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipal` cmdlet gets a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve all service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal +``` + +```Output +ObjectId AppId DisplayName +-------- ----- ----------- +bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 Demo App +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 Demo Two App +dddddddd-3333-4444-5555-eeeeeeeeeeee 33334444-dddd-5555-eeee-6666ffff7777 ProjectWorkManagement +``` + +This example retrieves all service principals from the directory. + +### Example 2: Retrieve a service principal by ServicePrincipalId + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -ServicePrincipalId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This command retrieves specific service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve all service principals from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -All +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +ProvisioningPowerBi cccccccc-2222-3333-4444-dddddddddddd 22223333-cccc-4444-dddd-5555eeee6666 Application +``` + +This example retrieves all service principals from the directory. + +### Example 4: Retrieve top two service principal from the directory + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Top 2 +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +Microsoft Device Management Checkin bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 AzureADMultipleOrgs Application +``` + +This command retrieves top two service principals from the directory. + +### Example 5: Get a service principal by display name + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "DisplayName eq 'M365 License Manager'" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a service principal by its display name. + +### Example 6: Retrieve a list of all service principal, which has a display name that contains "M365 License Manager" + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -SearchString 'M365 License Manager' +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +M365 License Manager aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMultipleOrgs Application +``` + +This example gets a list of service principal, which has the specified display name. + +### Example 7: Retrieve all Enterprise apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryIntegratedApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Enterprise App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +Enterprise App2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all enterprise apps. + +### Example 8: Retrieve all App proxy apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'WindowsAzureActiveDirectoryOnPremApp')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App proxy 1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +App proxy 2 11112222-bbbb-3333-cccc-4444dddd5555 22223333-cccc-4444-dddd-5555eeee6666 AzureADMultipleOrgs Application +``` + +This example demonstrates how to retrieve all app proxy apps. + +### Example 9: Retrieve all disabled apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "accountEnabled eq false" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Disabled App1 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all disabled apps. + +### Example 10: Retrieve all Global Secure Access apps + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -Filter "tags/Any(x: x eq 'PrivateAccessNonWebApplication') or tags/Any(x: x eq 'NetworkAccessManagedApplication')" +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Global secure access app 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all Global secure access apps. + +### Example 11: List all applications without user assignment + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +Get-EntraServicePrincipal -All | Where-Object {$_.appRoleAssignmentRequired -ne 'true'} +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +App without user assignment 00001111-aaaa-2222-bbbb-3333cccc4444 33334444-dddd-5555-eeee-6666ffff7777 Application +``` + +This example demonstrates how to retrieve all applications without user assignment. + +### Example 12: List all SAML application details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "PreferredSingleSignOnMode eq 'saml'" +$servicePrincipal | Select-Object Id, DisplayName, AccountEnabled, AppId, PreferredSingleSignOnMode, AppRoleAssignmentRequired, SignInAudience, NotificationEmailAddresses, PreferredTokenSigningKeyEndDateTime, PreferredTokenSigningKeyValid, ReplyUrls,LoginUrl, LogoutUrl | Format-Table -AutoSize +``` + +```Output +Id DisplayName AccountEnabled AppId PreferredSingleSignOnMode AppRoleAssignmentRequired SignInAudience NotificationEmailAddresses +-- ----------- -------------- ----- ------------------------- ------------------------- -------------- -------------- +00001111-aaaa-2222-bbbb-3333cccc4444 SAML App True 33334444-dddd-5555-eeee-6666ffff7777 saml True AzureADMyOrg {admin@Contoso} +``` + +This example demonstrates how to retrieve all SAML application details. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetVague +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md new file mode 100644 index 0000000000..891274acdb --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo.md @@ -0,0 +1,188 @@ +--- +title: Get-EntraServicePrincipalAppRoleAssignedTo +description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignedTo command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignedTo + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalAppRoleAssignedTo + +## Synopsis + +Gets app role assignments for this app or service, granted to users, groups and other service principals. + +## Syntax + +```powershell +Get-EntraServicePrincipalAppRoleAssignedTo + -ServicePrincipalId + [-All ] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalAppRoleAssignedTo` cmdlet gets app role assignments for this app or service, granted to users, groups and other service principals. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the app role assignments + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + $ServicePrincipalId = (Get-EntraServicePrincipal -Top 1).ObjectId + Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId $ServicePrincipalId +``` + +This example shows how to get app role assignments for an app or service, granted to users, groups and other service principals. + +- The first command gets the ID of a service principal and stores it in the $ServicePrincipalId variable. + +- The second command gets the app role assignments for the service principal granted to users, groups and other service principals. + +### Example 2: Get all app role assignments + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId 00001111-aaaa-2222-bbbb-3333cccc4444 -All +``` + +```output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets the all app role assignments for the service principal granted to users, groups and other service principals. + +### Example 3: Get five app role assignments + +```powershell + Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId 00001111-aaaa-2222-bbbb-3333cccc4444 -Top 5 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets the five app role assignments for the service principal granted to users, groups and other service principals. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.Nullable\`1\[\[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] System.Nullable\`1\[\[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\]\] + +## Outputs + +### System.Object + +## Notes + +`Get-EntraServiceAppRoleAssignedTo` is an alias for `Get-EntraServicePrincipalAppRoleAssignedTo`. + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..971849856a --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,192 @@ +--- +title: Get-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the Get-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Gets a service principal application role assignment. + +## Syntax + +```powershell +Get-EntraServicePrincipalAppRoleAssignment + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalAppRoleAssignment` cmdlet gets a role assignment for a service principal application in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Retrieve the application role assignments for a service principal + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + $ServicePrincipalId = (Get-EntraServicePrincipal -Top 1).ObjectId + Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $ServicePrincipalId +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName +--------------- -- --------- --------------- -------------------- ----------- ------------- ------------------- + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 29-02-2024 05:53:00 Ask HR aaaaaaaa-bbbb-cccc-1111-222222222222 Group M365 License Manager +``` + +This command gets application role assignments for specified service principal. + +- The first command gets the ID of a service principal by using the Get-EntraServicePrincipal (./Get-EntraServicePrincipal.md) cmdlet. The command stores the ID in the $ServicePrincipalId variable. + +- The second command gets the application role assignments for the service principal in identified by $ServicePrincipalId. + +### Example 2: Retrieve all application role assignments for a service principal + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId '00001111-aaaa-2222-bbbb-3333cccc4444' -All +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 4dddddd4-5ee5-6ff6-7aa7-8bbbbbbbbbb8 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 5eeeeee5-6ff6-7aa7-8bb8-9cccccccccc9 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:39 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets all application role assignments for specified service principal. + +### Example 3: Retrieve the top five application role assignments for a service principal + +```powershell + Connect-Entra -Scopes 'Application.Read.All' + Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId '00001111-aaaa-2222-bbbb-3333cccc4444' -Top 3 +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + 1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:41 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:38 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 + 3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 20/10/2023 17:03:37 Entra-App-Testing aaaaaaaa-bbbb-cccc-1111-222222222222 +``` + +This command gets three application role assignments for specified service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +The maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Get-EntraServiceAppRoleAssignment` is an alias for `Get-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) + +[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md new file mode 100644 index 0000000000..8a607194b9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject.md @@ -0,0 +1,155 @@ +--- +title: Get-EntraServicePrincipalCreatedObject +description: This article provides details on the Get-EntraServicePrincipalCreatedObject command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalCreatedObject + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalCreatedObject + +## Synopsis + +Get objects created by a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalCreatedObject + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalCreatedObject` cmdlet gets an object created by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the objects that created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +This example gets objects created by the service principal identified by $ServicePrincipalId. You can use the command `Get-EntraServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve the all objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +This example demonstrates how to get the all object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve the top two objects created by a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalCreatedObject -ServicePrincipalId $ServicePrincipal.ObjectId -Top 2 +``` + +This example demonstrates how to get the top two object created by a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..a236c7769c --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,204 @@ +--- +title: Get-EntraServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Get-EntraServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Retrieve the delegated permission classification objects on a service principal. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + [-Filter ] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalDelegatedPermissionClassification` cmdlet retrieves the delegated permission classifications from a service principal. + +## Examples + +### Example 1: Get a list of delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId +} +Get-EntraServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +cccccccc-8888-9999-0000-dddddddddddd low dddd3333-ee44-5555-66ff-777777aaaaaa profile +``` + +This command retrieves all delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. + +### Example 2: Get a delegated permission classifications + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + Id = '5XBeIKarUkypdm0tRsSAQwE' +} +Get-EntraServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +### Example 3: Get a delegated permission classification with filter + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + Filter = "PermissionName eq 'Sites.Read.All'" +} +Get-EntraServicePrincipalDelegatedPermissionClassification @params +``` + +```Output +Id Classification PermissionId PermissionName +-- -------------- ------------ -------------- +bbbbbbbb-7777-8888-9999-cccccccccccc low eeeeeeee-4444-5555-6666-ffffffffffff Sites.Read.All +``` + +This command retrieves the filtered delegated permission classifications from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. Use `Get-EntraServicePrincipal` to get more details. +- `-Id` parameter specifies the delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Filter + +The OData v4.0 filter statement. +Controls which objects are returned. + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.DelegatedPermissionClassification + +## Notes + +## Related Links + +[Remove-EntraServicePrincipalDelegatedPermissionClassification](Remove-EntraServicePrincipalDelegatedPermissionClassification.md) + +[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..3dcf28a491 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential.md @@ -0,0 +1,91 @@ +--- +title: Get-EntraServicePrincipalKeyCredential +description: This article provides details on the Get-EntraServicePrincipalKeyCredential Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalKeyCredential + +## Synopsis + +Get key credentials for a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalKeyCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraServicePrincipalKeyCredential` cmdlet gets the key credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the key credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Key KeyId StartDateTime Type Usage +------------------- ----------- ----------- --- ----- ------------- ---- ----- + 08-02-2025 09:57:08 68b45e27-fef8-4f0d-bc7a-76bd949c16d1 08-02-2024 09:57:08 Symmetric Sign +``` + +This example retrieves the key credentials for specified service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal object Id. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the application for which to get the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) + +[Remove-EntraServicePrincipalKeyCredential](Remove-EntraServicePrincipalKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md new file mode 100644 index 0000000000..4fcb1f99c2 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership.md @@ -0,0 +1,178 @@ +--- +title: Get-EntraServicePrincipalMembership +description: This article provides details on the Get-EntraServicePrincipalMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalMembership + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalMembership + +## Synopsis + +Get a service principal membership. + +## Syntax + +```powershell +Get-EntraServicePrincipalMembership + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalMembership` cmdlet gets the memberships of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +``` + +This cmdlet retrieves a specified service principal memberships in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal ID. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 2: Retrieve all memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 +33334444-dddd-5555-eeee-6666ffff7777 +``` + +This command gets all memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +### Example 3: Retrieve top two memberships of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalMembership -ServicePrincipalId $ServicePrincipal.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +11112222-aaaa-3333-bbbb-4444cccc5555 +22223333-cccc-4444-dddd-5555eeee6666 + +``` + +This command gets top two memberships of a specified service principal. + +- `-ServicePrincipalId` parameter specifies the service principal ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md new file mode 100644 index 0000000000..aaa8e79db5 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.md @@ -0,0 +1,169 @@ +--- +title: Get-EntraServicePrincipalOAuth2PermissionGrant +description: This article provides details on the Get-EntraServicePrincipalOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOAuth2PermissionGrant + +## Synopsis + +Gets an oAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraServicePrincipalOAuth2PermissionGrant +-ServicePrincipalId +[-All] +[-Top ] +[-Property ] +[] +``` + +## Description + +The `Get-EntraServicePrincipalOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +ServicePrincipalId = (Get-EntraServicePrincipal -Top 1).ObjectId +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId $ServicePrincipalId +``` + +```output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +### Example 2: Get all OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId '00001111-aaaa-2222-bbbb-3333cccc4444' -All +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals A1bC2dE3f... openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 996d39aa-fdac-4d97-aa3d-c81fb47362ac aaaaaaaa-bbbb-cccc-1111-222222222222 PrivilegedAccess... +``` + +This example demonstrates how to get all oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +### Example 3: Get two OAuth2 permission grants of a service principal + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId '00001111-aaaa-2222-bbbb-3333cccc4444' -Top 2 +``` + +```Output +Id ClientId ConsentType PrincipalId ResourceId Scope +-- -------- ----------- ----------- ---------- ----- +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +A1bC2dE3f... 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 412be9d1-1460-4061-8eed-cca203fcb215 aaaaaaaa-bbbb-cccc-1111-222222222222 openid profile U... +``` + +This example demonstrates how to get top two oAuth2PermissionGrant object for a service principal in Microsoft Entra ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md new file mode 100644 index 0000000000..890f1d9a67 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject.md @@ -0,0 +1,195 @@ +--- +title: Get-EntraServicePrincipalOwnedObject +description: This article provides details on the Get-EntraServicePrincipalOwnedObject Command. + + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwnedObject + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOwnedObject + +## Synopsis + +Gets an object owned by a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalOwnedObject + [-All] + -ServicePrincipalId + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalOwnedObject` cmdlet retrieves an object owned by a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +The command retrieves the owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 2: Retrieve the all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipalId = (Get-EntraServicePrincipal -Filter "DisplayName eq ''").ObjectId +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipalId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example retrieves an object owned by a service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get service principal Id. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 2: Retrieve all owned objects of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +The command receives the all owned objects of a service principal. + +- `-ServicePrincipalId` Parameter specifies the ID of a service principal. + +### Example 3: Retrieve top one owned object of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwnedObject -ServicePrincipalId $ServicePrincipal.ObjectId -Top 1 +``` + +```Output +Id DeletedDateTime +-- --------------- +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This example retrieves the top one owned object of a specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..2270323cb2 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner.md @@ -0,0 +1,217 @@ +--- +title: Get-EntraServicePrincipalOwner +description: This article provides details on the Get-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalOwner + +## Synopsis + +Get the owner of a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalOwner + -ServicePrincipalId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraServicePrincipalOwner` cmdlet gets the owners of a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the owner of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This example gets the owners of a specified service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 2: Retrieve all the owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +cccccccc-2222-3333-4444-dddddddddddd +``` + +This command gets all the owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 3: Retrieve top two owners of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -Top 2 +``` + +```Output +Id DeletedDateTime +-- --------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +bbbbbbbb-1111-2222-3333-cccccccccccc +``` + +This command gets top two owners of a service principal. You can use the command `Get-EntraServicePrincipal` to get service principal object ID. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. + +### Example 4: Retrieve service principal owner details + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +# Get the owners of the service principal +$owners = Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All +$result = @() + +# Loop through each owner and get their UserPrincipalName and DisplayName +foreach ($owner in $owners) { + $userId = $owner.Id + $user = Get-EntraUser -UserId $userId + $userDetails = [PSCustomObject]@{ + Id = $owner.Id + UserPrincipalName = $user.UserPrincipalName + DisplayName = $user.DisplayName + } + $result += $userDetails +} + +# Output the result in a table format +$result | Format-Table -AutoSize +``` + +```Output +Id UserPrincipalName DisplayName +-- ----------------- ----------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@contoso.com Alex Wilber +bbbbbbbb-1111-2222-3333-cccccccccccc AdeleV@contoso.com Adele Vance +``` + +This example shows how to retrieve more details of a service principal owner such as displayName, userPrincipalName. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipalOwner](Remove-EntraServicePrincipalOwner.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..32f7613b31 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,93 @@ +--- +title: Get-EntraServicePrincipalPasswordCredential +description: This article provides details on the Get-EntraServicePrincipalPasswordCredential Command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Get-EntraServicePrincipalPasswordCredential + +## Synopsis + +Get credentials for a service principal. + +## Syntax + +```powershell +Get-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + [] +``` + +## Description + +The `Get-EntraServicePrincipalPasswordCredential` cmdlet gets the password credentials for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Retrieve the password credential of a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $ServicePrincipal.ObjectId +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 17-04-2025 07:32:41 gjW bdf6a3df-cc9b-4612-b948-e32804ee88f7 17-04-2024 07:32:41 + 21-03-2025 08:12:08 4fl 7f4414ec-8f72-49a8-b949-70d635899656 21-03-2024 08:12:08 + 12-12-2024 08:39:07 mjl 0fff6b21-0a20-4f7c-93ba-26ed9b648344 12-12-2023 08:39:10 +``` + +This example retrieves the password credentials for specified service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the object ID of a service principal. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of the service principal for which to get password credentials. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) + +[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraSubscribedSku.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraSubscribedSku.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraSubscribedSku.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraSubscribedSku.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTenantDetail.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTenantDetail.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTenantDetail.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTenantDetail.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraTrustedCertificateAuthority.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md new file mode 100644 index 0000000000..b463aa7035 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md @@ -0,0 +1,426 @@ +--- +title: Get-EntraUser +description: This article provides details on the Get-EntraUser command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraUser + +schema: 2.0.0 +--- + +# Get-EntraUser + +## Synopsis + +Gets a user. + +## Syntax + +### GetQuery (Default) + +```powershell +Get-EntraUser + [-Filter ] + [-All] + [-Top ] + [-Property ] + [] +``` + +### GetByValue + +```powershell +Get-EntraUser + [-SearchString ] + [-All] + [-Property ] + [] +``` + +### GetById + +```powershell +Get-EntraUser + -UserId + [-All] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUser` cmdlet gets a user from Microsoft Entra ID. + +## Examples + +### Example 1: Get top three users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Top 3 +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Angel Brown cccccccc-2222-3333-4444-dddddddddddd AngelB@contoso.com AngelB@contoso.com +Avery Smith dddddddd-3333-4444-5555-eeeeeeeeeeee AveryS@contoso.com AveryS@contoso.com +Sawyer Miller eeeeeeee-4444-5555-6666-ffffffffffff SawyerM@contoso.com SawyerM@contoso.com +``` + +This example demonstrates how to get top three users from Microsoft Entra ID. + +### Example 2: Get a user by ID + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -UserId 'SawyerM@contoso.com' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller bbbbbbbb-1111-2222-3333-cccccccccccc sawyerm@tenant.com sawyerm@tenant.com +``` + +This command gets the specified user. + +- `-UserId` Specifies the ID as a user principal name (UPN) or UserId. + +### Example 3: Search among retrieved users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -SearchString 'New' +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User88 bbbbbbbb-1111-2222-3333-cccccccccccc demo99@tenant.com +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This cmdlet gets all users that match the value of SearchString against the first characters in DisplayName or UserPrincipalName. + +### Example 4: Get a user by userPrincipalName + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "userPrincipalName eq 'SawyerM@contoso.com'" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Sawyer Miller cccccccc-2222-3333-4444-dddddddddddd SawyerM@contoso.com +``` + +This command gets the specified user. + +### Example 5: Get a user by MailNickname + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "startswith(MailNickname,'Ada')" +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +Mark Adams bbbbbbbb-1111-2222-3333-cccccccccccc Adams@contoso.com Adams@contoso.com +``` + +In this example, we retrieve all users whose MailNickname starts with Ada. + +### Example 6: Get SignInActivity of a User + +```powershell +Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' +Get-EntraUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -ExpandProperty 'SignInActivity' +``` + +```Output +lastNonInteractiveSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInRequestId : cccccccc-2222-3333-4444-dddddddddddd +lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM +lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM +lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa +lastSignInDateTime : 9/7/2024 9:15:41 AM +``` + +This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. + +### Example 7: List users with disabled accounts + +```powershell +Connect-Entra -Scopes 'User.Read.All' +Get-EntraUser -Filter "accountEnabled eq false" | Select-Object DisplayName, Id, Mail, UserPrincipalName +``` + +```Output +DisplayName Id Mail UserPrincipalName +----------- -- ---- ----------------- +New User cccccccc-2222-3333-4444-dddddddddddd NewUser@tenant.com +``` + +This example demonstrates how to retrieve all users with disabled accounts. + +### Example 8: List users based in a specific country + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$usersInCanada = Get-EntraUser -Filter "Country eq 'Canada'" +$usersInCanada | Select-Object Id, DisplayName, UserPrincipalName, OfficeLocation, Country | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName OfficeLocation Country +-- ----------- ----------------- -------------- ------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com 23/2102 Canada +``` + +This example demonstrates how to retrieve all users based in Canada. + +### Example 9: List user count per department + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$departmentCounts = Get-EntraUser -All | Group-Object -Property Department | Select-Object Name, @{Name="MemberCount"; Expression={$_.Count}} +$departmentCounts | Format-Table Name, MemberCount -AutoSize +``` + +```Output +Name MemberCount +---- ----------- + 7 +Engineering 2 +Executive Management 1 +Finance 1 +HR 1 +``` + +This example demonstrates how to retrieve user count in each department. + +### Example 10: List disabled users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$disabledUsersWithLicenses = Get-EntraUser -Filter "accountEnabled eq false" -All | Where-Object { + $_.AssignedLicenses -ne $null -and $_.AssignedLicenses.Count -gt 0 +} +$disabledUsersWithLicenses | Select-Object Id, DisplayName, UserPrincipalName, AccountEnabled | Format-Table -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AccountEnabled +-- ----------- ----------------- -------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com False +``` + +This example demonstrates how to retrieve disabled users with active licenses. + +### Example 11: Retrieve guest users with active licenses + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All +$guestUsersWithLicenses = foreach ($guest in $guestUsers) { + if ($guest.AssignedLicenses.Count -gt 0) { + [pscustomobject]@{ + Id = $guest.Id + DisplayName = $guest.DisplayName + UserPrincipalName = $guest.UserPrincipalName + AssignedLicenses = ($guest.AssignedLicenses | ForEach-Object { $_.SkuId }) -join ", " + } + } +} +$guestUsersWithLicenses | Format-Table Id, DisplayName, UserPrincipalName, AssignedLicenses -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName AssignedLicenses +-- ----------- ----------------- ---------------- +cccccccc-2222-3333-4444-dddddddddddd Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com c42b9cae-ea4f-4ab7-9717-81576235ccac +``` + +This example demonstrates how to retrieve guest users with active licenses. + +### Example 12: Retrieve users without managers + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$allUsers = Get-EntraUser -All +$usersWithoutManagers = foreach ($user in $allUsers) { + $manager = Get-EntraUserManager -ObjectId $user.Id -ErrorAction SilentlyContinue + if (-not $manager) { + [pscustomobject]@{ + Id = $user.Id + DisplayName = $user.DisplayName + UserPrincipalName = $user.UserPrincipalName + } + } +} +$usersWithoutManagers | Format-Table Id, DisplayName, UserPrincipalName -AutoSize +``` + +```Output +Id DisplayName UserPrincipalName +-- ----------- ----------------- +cccccccc-2222-3333-4444-dddddddddddd New User NewUser@tenant.com +bbbbbbbb-1111-2222-3333-cccccccccccc Sawyer Miller SawyerM@contoso.com +``` + +This example demonstrates how to retrieve users without managers. + +### Example 13: List failed sign-ins for a user + +```powershell +Connect-Entra -Scopes 'AuditLog.Read.All','Directory.Read.All' +$failedSignIns = Get-EntraAuditSignInLog -Filter "userPrincipalName eq 'SawyerM@contoso.com' and status/errorCode ne 0" +$failedSignIns | Select-Object UserPrincipalName, CreatedDateTime, Status, IpAddress, ClientAppUsed | Format-Table -AutoSize +``` + +This example demonstrates how to retrieve failed sign-ins for a user. + +### Example 14: List all guest users + +```powershell +Connect-Entra -Scopes 'User.Read.All' +$guestUsers = Get-EntraUser -Filter "userType eq 'Guest'" -All +$guestUsers | Select-Object DisplayName, UserPrincipalName, Id, createdDateTime, creationType, accountEnabled, UserState | Format-Table -AutoSize +``` + +```Output +DisplayName UserPrincipalName Id CreatedDateTime CreationType AccountEnabled UserState +----------- ----------------- -- --------------- ------------ -------------- --------- +Sawyer Miller sawyerm_gmail.com#EXT#@contoso.com bbbbbbbb-1111-2222-3333-cccccccccccc 9/13/2024 6:37:33 PM Invitation True Accepted +``` + +This example demonstrates how to retrieve list all guest users. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Filter + +Specifies an OData v4.0 filter statement. +This parameter controls which objects are returned. +Details on querying with OData can be [found here](https://learn.microsoft.com/graph/aad-advanced-queries?tabs=powershell). + +```yaml +Type: System.String +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name (UPN) or UserId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: GetById +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SearchString + +Specifies a search string. + +```yaml +Type: System.String +Parameter Sets: GetValue +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: GetQuery +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned. + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraUser](New-EntraUser.md) + +[Remove-EntraUser](Remove-EntraUser.md) + +[Set-EntraUser](Set-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAppRoleAssignment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAuthenticationMethod.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAuthenticationMethod.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAuthenticationMethod.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserAuthenticationMethod.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserCreatedObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserCreatedObject.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserCreatedObject.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserCreatedObject.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserDirectReport.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserDirectReport.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserDirectReport.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserDirectReport.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserExtension.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserExtension.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserExtension.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserExtension.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserLicenseDetail.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserLicenseDetail.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserLicenseDetail.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserLicenseDetail.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserManager.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserManager.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserManager.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserManager.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserMembership.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserMembership.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserMembership.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md new file mode 100644 index 0000000000..b69676b2e5 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant.md @@ -0,0 +1,201 @@ +--- +title: Get-EntraUserOAuth2PermissionGrant +description: This article provides details on the Get-EntraUserOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Get-EntraUserOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Get-EntraUserOAuth2PermissionGrant + +## Synopsis + +Gets an oAuth2PermissionGrant object. + +## Syntax + +```powershell +Get-EntraUserOAuth2PermissionGrant + -UserId + [-All] + [-Top ] + [-Property ] + [] +``` + +## Description + +The `Get-EntraUserOAuth2PermissionGrant` cmdlet gets an oAuth2PermissionGrant object for the specified user in Microsoft Entra ID. Specify `UserId` parameter to retrieve an oAuth2PermissionGrant object. + +In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation. + +- Application Administrator +- Application Developer +- Cloud Application Administrator +- Directory Writers +- Privileged Role Administrator +- User Administrator +- Directory Readers +- Global Reader +- Guest Inviter + +## Examples + +### Example 1: Retrieve the OAuth2 permission grants for a user + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using the ObjectId parameter. Use the `Get-EntraUser` cmdlet to obtain the `UserId` value. + +### Example 2: Retrieve the OAuth2 permission grants for a user using object ID parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using object ID parameter. + +- `-UserId` parameter specifies the user ID. + +### Example 3: Retrieve the OAuth2 permission grants for a user using All parameter + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -UserId 'SawyerM@contoso.com' -All +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +9uBzRwC0s0CFCDQN6O4Ik_fW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 11112222-bbbb-3333-cccc-4444dddd5555 Principal 13-01-2024 08:0... +``` + +This example retrieves the OAuth2 permission grants for a user using All parameter. + +- `-ObjectId` parameter specifies the user ID. + +### Example 4: Retrieve top one OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'Directory.Read.All' +Get-EntraUserOAuth2PermissionGrant -ObjectId 'SawyerM@contoso.com' -Top 1 +``` + +```Output +Id ClientId ConsentType ExpiryTime +-- -------- ----------- ---------- +HXFXwKLgoUC4rwbZbCDIdffW8XpadQNIoHik9aQxrVHR6StBYBRhQI7tzKID_LIV 00001111-aaaa-2222-bbbb-3333cccc4444 Principal 08-01-2024 10:0... +``` + +This Example Retrieve top one the OAuth2 permission grant in Microsoft Entra ID. + +- `-UserId` parameter specifies the user ID. + +## Parameters + +### -All + +List all pages. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -UserId + +Specifies the ID (as a User Principal Name or ObjectId) of a user in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Top + +Specifies the maximum number of records to return. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Property + +Specifies properties to be returned + +```yaml +Type: System.String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedObject.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedObject.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserOwnedObject.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserRegisteredDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserRegisteredDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserRegisteredDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserRegisteredDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserThumbnailPhoto.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserThumbnailPhoto.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserThumbnailPhoto.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUserThumbnailPhoto.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..f5effc7db0 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAdministrativeUnit.md @@ -0,0 +1,133 @@ +--- +title: New-EntraAdministrativeUnit +description: This article provides details on the New-EntraAdministrativeUnit command. + + +ms.topic: reference +ms.date: 07/25/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# New-EntraAdministrativeUnit + +## Synopsis + +Creates an administrative unit. + +## Syntax + +```powershell +New-EntraAdministrativeUnit + [-Description ] + -DisplayName + [] +``` + +## Description + +The `New-EntraAdministrativeUnit` cmdlet creates an administrative unit in Microsoft Entra ID. Specify `DisplayName` parameter to create an administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role that includes the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. The Privileged Role Administrator role is the least privileged role that meets this requirement. + +## Examples + +### Example 1: Create an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +New-EntraAdministrativeUnit -DisplayName 'TestAU' +``` + +```Output +DeletedDateTime Id Description DisplayName Visibility +--------------- -- ----------- ----------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc TestAU +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. + +### Example 2: Create an administrative unit using '-Description' parameter + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$params = @{ + DisplayName = 'Pacific Administrative Unit' + Description = 'Administrative Unit for Pacific region' +} + +New-EntraAdministrativeUnit @params +``` + +```Output +DeletedDateTime Id Description DisplayName IsMemberManagementRestricted Visibility +--------------- -- ----------- ----------- ---------------------------- ---------- + bbbbbbbb-1111-2222-3333-cccccccccccc Pacific Administrative Unit test111 False +``` + +This example demonstrates how to create an administrative unit. + +- `-DisplayName` parameter specifies the display name for the Administrative unit object. +- `-Description` parameter specifies a description for the Administrative unit object. + +## Parameters + +### -Description + +Specifies a description for the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name of the new administrative unit. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) + +[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplication.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplication.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplication.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..3635b5b70b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty.md @@ -0,0 +1,215 @@ +--- +title: New-EntraApplicationExtensionProperty +description: This article provides details on the New-EntraApplicationExtensionProperty command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# New-EntraApplicationExtensionProperty + +## Synopsis + +Creates an application extension property. + +## Syntax + +```powershell +New-EntraApplicationExtensionProperty + -ApplicationId + -Name + [-DataType ] + [-TargetObjects ] + [] +``` + +## Description + +The `New-EntraApplicationExtensionProperty` cmdlet creates an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Create an extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' +} + +New-EntraApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the string type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. + +### Example 2: Create an extension property with data type parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' + DataType = 'Boolean' +} + +New-EntraApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app Boolean False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {} +``` + +This command creates an application extension property of the specified data type for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-DataType` parameter specifies the data type of the value the extension property can hold. + +### Example 3: Create an extension property with targets parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +$targets = New-Object System.Collections.Generic.List[System.String] +$targets.Add('User') +$params = @{ + ApplicationId = $Application.ObjectId + Name = 'NewAttribute' + TargetObjects = $targets +} + +New-EntraApplicationExtensionProperty @params +``` + +```Output +DeletedDateTime Id AppDisplayName DataType IsSyncedFromOnPremises Name TargetObjects +--------------- -- -------------- -------- ---------------------- ---- ------------- + 11112222-bbbb-3333-cccc-4444dddd5555 My new test app String False extension_11112222-bbbb-3333-cccc-4444dddd5555_NewAttribute {User} +``` + +The example shows how to create an application extension property with the specified target objects for the specified object. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-Name` parameter specifies the name of the extension property. +- `-TargetObjects` parameter specifies the Microsoft Graph resources that use the extension property. All values must be in PascalCase. + +## Parameters + +### -DataType + +Specifies the data type of the value the extension property can hold. Following values are supported. + +- Binary - 256 bytes maximum +- Boolean +- DateTime - Must be specified in ISO 8601 format. Will be stored in UTC. +- Integer - 32-bit value. +- LargeInteger - 64-bit value. +- String - 256 characters maximum + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +Specifies the name of the extension property. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -TargetObjects + +Specifies the Microsoft Graph resources that can use the extension property. All values must be in PascalCase. The following values are supported. + +- User +- Group +- AdministrativeUnit +- Application +- Device +- Organization + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) + +[Remove-EntraApplicationExtensionProperty](Remove-EntraApplicationExtensionProperty.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md new file mode 100644 index 0000000000..3c8821a907 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate.md @@ -0,0 +1,111 @@ +--- +title: New-EntraApplicationFromApplicationTemplate +description: This article provides details on the New-EntraApplicationFromApplicationTemplate command. + + +ms.service: entra +ms.topic: reference +ms.date: 07/10/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationFromApplicationTemplate +schema: 2.0.0 +--- + +# New-EntraApplicationFromApplicationTemplate + +## Synopsis + +Add an instance of an application from the Microsoft Entra application gallery into your directory. + +## Syntax + +```powershell +New-EntraApplicationFromApplicationTemplate + -Id + -DisplayName + [] +``` + +## Description + +The `New-EntraApplicationFromApplicationTemplate` cmdlet adds an instance of an application from the Microsoft Entra application gallery into your directory. + +The application template with ID `8adf8e6e-67b2-4cf2-a259-e3dc5476c621` can be used to add a non-gallery app that you can configure different single-sign on (SSO) modes like SAML SSO and password-based SSO. + +## Examples + +### Example 1: Creates an application from application template + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DisplayName = 'ApplicationTemplate' +} +New-EntraApplicationFromApplicationTemplate @params +``` + +```Output +@odata.context servicePrincipal +-------------- ---------------- +https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.applicationServicePrincipal @{oauth2PermissionScopes=System.Object[]; servicePrincipalType=Application; displ...} +``` + +This command instantiates a new application based on application template referenced by the ID. + +- `-Id` specifies Application TemplateId. +- `-DisplayName` specifies application template display name. + +## Parameters + +### -Id + +The Id parameter specifies Application TemplateId. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -DisplayName + +Application template display name. + +```yaml +Type: System.ApplicationTemplateDisplayName +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +### Microsoft.Online.Administration.ApplicationTemplateCopy + +## Notes + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md new file mode 100644 index 0000000000..0f5ed02cf9 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKey.md @@ -0,0 +1,155 @@ +--- +title: New-EntraApplicationKey +description: This article provides details on the New-EntraApplicationKey command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationKey + +schema: 2.0.0 +--- + +# New-EntraApplicationKey + +## Synopsis + +Adds a new key to an application. + +## Syntax + +```powershell +New-EntraApplicationKey + -ObjectId + -KeyCredential + -PasswordCredential ] + -Proof + [] +``` + +## Description + +Adds a new key to an application. + +## Examples + +### Example 1: Add a key credential to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$app = Get-EntraApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $app.ObjectId + KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') } + PasswordCredential = @{ DisplayName = 'mypassword' } + Proof = '{token}' +} + +New-EntraApplicationKey @params +``` + +This command adds a key credential to an specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyCredential` parameter specifies the application key credential to add. +- `-PasswordCredential` parameter specifies the application password credential to add. +- `-Proof` parameter specifies the signed JWT token used as a proof of possession of the existing keys. + +## Parameters + +### -KeyCredential + +The application key credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: KeyCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +The application password credential to add. + +NOTES: keyId value should be null. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +A signed JWT token used as a proof of possession of the existing keys. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.KeyCredential + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +### Microsoft.Open.MSGraph.Model.KeyCredential + +## Notes + +## Related Links + +[Remove-EntraApplicationKey](Remove-EntraApplicationKey.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..4d347c6251 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential.md @@ -0,0 +1,258 @@ +--- +title: New-EntraApplicationKeyCredential +description: This article provides details on the New-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# New-EntraApplicationKeyCredential + +## Synopsis + +Creates a key credential for an application. + +## Syntax + +```powershell +New-EntraApplicationKeyCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-Type ] + [-Usage ] + [-Value ] + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraApplicationKeyCredential` cmdlet creates a key credential for an application. + +An application can use this command along with `Remove-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. + +As part of the request validation, proof of possession of an existing key is verified before the action can be performed. + +## Examples + +### Example 1: Create a new application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' + +$AppId = (Get-EntraApplication -Top 1).Objectid +$params = @{ + ApplicationId = $AppId + CustomKeyIdentifier = 'EntraPowerShellKey' + StartDate = '2024-03-21T14:14:14Z' + Type = 'Symmetric' + Usage = 'Sign' + Value = '' +} + +New-EntraApplicationKeyCredential @params +``` + +```Output +CustomKeyIdentifier : {84, 101, 115, 116} +EndDate : 2024-03-21T14:14:14Z +KeyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +StartDate : 2025-03-21T14:14:14Z +Type : Symmetric +Usage : Sign +Value : {49, 50, 51} +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +You can use the `Get-EntraApplication` cmdlet to retrieve the application Object ID. + +### Example 2: Use a certificate to add an application key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' + +$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object +$cer.Import('C:\Users\ContosoUser\appcert.cer') +$bin = $cer.GetRawCertData() +$base64Value = [System.Convert]::ToBase64String($bin) +$bin = $cer.GetCertHash() +$base64Thumbprint = [System.Convert]::ToBase64String($bin) +$keyid = [System.Guid]::NewGuid().ToString() + +$params = @{ + ApplicationId = '22223333-cccc-4444-dddd-5555eeee6666' + CustomKeyIdentifier = $base64Thumbprint + Type = 'AsymmetricX509Cert' + Usage = 'Verify' + Value = $base64Value + StartDate = $cer.GetEffectiveDateString() + EndDate = $cer.GetExpirationDateString() +} + +New-EntraApplicationKeyCredential @params +``` + +This example shows how to create an application key credential. + +- `-ApplicationId` Specifies a unique ID of an application +- `-CustomKeyIdentifier` Specifies a custom key ID. +- `-StartDate` Specifies the time when the key becomes valid as a DateTime object. +- `-EndDate` Specifies the time when the key becomes invalid as a DateTime object. +- `-Type` Specifies the type of the key. +- `-Usage` Specifies the key usage. for `AsymmetricX509Cert` the usage must be `Verify`and for `X509CertAndPassword` the usage must be `Sign`. +- `-Value` Specifies the value for the key. + +## Parameters + +### -CustomKeyIdentifier + +Specifies a custom key ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +Specifies the time when the key becomes invalid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +Specifies the time when the key becomes valid as a DateTime object. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of the key. + +```yaml +Type: KeyType +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Usage + +Specifies the key usage. + +- `AsymmetricX509Cert`: The usage must be `Verify`. +- `X509CertAndPassword`: The usage must be `Sign`. + +```yaml +Type: KeyUsage +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Value + +Specifies the value for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) + +[Remove-EntraApplicationKeyCredential](Remove-EntraApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md new file mode 100644 index 0000000000..155f17e3fe --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPassword.md @@ -0,0 +1,121 @@ +--- +title: New-EntraApplicationPassword +description: This article provides details on the New-EntraApplicationPassword command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationPassword + +schema: 2.0.0 +--- + +# New-EntraApplicationPassword + +## Synopsis + +Adds a strong password to an application. + +## Syntax + +```powershell +New-EntraApplicationPassword + -ObjectId + -PasswordCredential + [] +``` + +## Description + +Adds a strong password to an application. + +## Examples + +### Example 1: Add a password to an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$Application = Get-EntraBetaApplication -SearchString '' +$PasswordCredential= New-Object Microsoft.Open.MSGraph.Model.PasswordCredential +$PasswordCredential.StartDateTime = Get-Date -Year 2024 -Month 12 -Day 28 +$PasswordCredential.EndDateTime = Get-Date -Year 2025 -Month 2 -Day 28 +$PasswordCredential.KeyId = 'bbbbbbbb-1c1c-2d2d-3e3e-444444444444' +$PasswordCredential.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('a') +$PasswordCredential.Hint = 'b' +$params = @{ + ObjectId = $Application.ObjectId + PasswordCredential = $PasswordCredential +} + +New-EntraApplicationPassword @params +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +{97} 2/28/2025 7:05:39 AM nnW bbbbbbbb-1c1c-2d2d-3e3e-444444444444 12/28/2024 7:05:39 AM +``` + +This example adds a password to the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-PasswordCredential` parameter specifies a password credential associated with an application or a service principal. + +## Parameters + +### -ObjectId + +The unique identifier of the application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredential + +Represents a password credential associated with an application or a service principal. + +```yaml +Type: PasswordCredential +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +### Microsoft.Open.MSGraph.Model.PasswordCredential + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraApplicationPassword](Remove-EntraApplicationPassword.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..55f8da01e5 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential.md @@ -0,0 +1,215 @@ +--- +title: New-EntraApplicationPasswordCredential +description: This article provides details on the New-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraApplicationPasswordCredential + +## Synopsis + +Creates a password credential for an application. + +## Syntax + +```powershell +New-EntraApplicationPasswordCredential + -ApplicationId + [-CustomKeyIdentifier ] + [-StartDate ] + [-EndDate ] + [] +``` + +## Description + +The `New-EntraApplicationPasswordCredential` cmdlet creates a password credential for an application in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +New-EntraApplicationPasswordCredential -ApplicationId $application.Id +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. + +### Example 2: Create a password credential using CustomKeyIdentifier parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + CustomKeyIdentifier = '' +} + +New-EntraApplicationPasswordCredential @params +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- +100 101 109 111 demo 8/2/2026 11:47:53 AM 8Mw tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 8/2/2024 11:47:53 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-CustomKeyIdentifier` Speicifies unique binary identifier. + +### Example 3: Create a password credential using StartDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + StartDate = (Get-Date).AddYears(0) + CustomKeyIdentifier = '' +} + +New-EntraApplicationPasswordCredential @params +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-StartDate` Speicifies the date and time at which the password becomes valid. + +### Example 4: Create a password credential using EndDate parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + EndDate = (Get-Date).AddYears(2) + CustomKeyIdentifier = '' +} + +New-EntraApplicationPasswordCredential @params +``` + +```Output +CustomKeyIdentifier DisplayName EndDateTime Hint KeyId SecretText StartDateTime +------------------- ----------- ----------- ---- ----- ---------- ------------- + 3/21/2026 9:48:40 AM n34 tttttttt-0000-2222-0000-aaaaaaaaaaaa wbBNW8kCuiPjNRg9NX98W_aaaaaaa 3/21/2024 9:48:40 AM +``` + +This command creates new password credential for specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-EndDate` Speicifies The date and time at which the password expires. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -CustomKeyIdentifier + +A unique binary identifier. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -EndDate + +The date and time at which the password expires. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) + +[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAttributeSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAttributeSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraAttributeSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDomain.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDomain.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDomain.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraDomain.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroup.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroup.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroup.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..d70bac714b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment.md @@ -0,0 +1,151 @@ +--- +title: New-EntraGroupAppRoleAssignment +description: This article provides details on the New-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraGroupAppRoleAssignment + +## Synopsis + +Assign a group of users to an application role. + +## Syntax + +```powershell +New-EntraGroupAppRoleAssignment + -GroupId + -PrincipalId + -AppRoleId + -ResourceId + [] +``` + +## Description + +The `New-EntraGroupAppRoleAssignment` cmdlet assigns a group of users to an application role in Microsoft Entra ID. + +## Examples + +### Example 1: Assign a group of users to an application + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$appname = 'Box' +$spo = Get-EntraServicePrincipal -Filter "Displayname eq '$appname'" +$group = Get-EntraGroup -SearchString 'Contoso Team' +New-EntraGroupAppRoleAssignment -GroupId $group.ObjectId -PrincipalId $group.ObjectId -ResourceId $spo.ObjectId -AppRoleId $spo.Approles[1].id +``` + +```Output +DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId +--------------- -- --------- --------------- -------------------- ----------- + AaBbCcDdEeFfGgHhIiJjKkLlMmNnOo1 00000000-0000-0000-0000-000000000000 3/13/2024 4:41:43 AM Contoso Team aaaaaaaa-bbbb-cccc-1111-222222222222 +3/13/2024 4:45:00 AM BbCcDdEeFfGgHhIiJjKkLlMmNnOoPp2 00000000-0000-0000-0000-000000000000 3/13/2024 4:45:00 AM Finance Group bbbbbbbb-cccc-dddd-2222-333333333333 +``` + +This example demonstrates how to assign a group of users to an application role in Microsoft Entra ID. + +- `GroupId`: The ID of the group to which you're assigning the app role. + +- `PrincipalId`: The ID of the group to which you're assigning the app role. + +- `ResourceId`: The ID of the resource service Principal, which has defined the app role. + +- `AppRoleId`: The ID of the appRole (defined on the resource service principal) to assign to the group. + +## Parameters + +### -AppRoleId + +Specifies the ID of the app role (defined on the resource service principal) to assign. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies the principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The unique identifier (ID) for the resource service principal for which the assignment is made. +Required on create. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) + +[Remove-EntraGroupAppRoleAssignment](Remove-EntraGroupAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..78e3bb4b9f --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy.md @@ -0,0 +1,138 @@ +--- +title: New-EntraGroupLifecyclePolicy +description: This article provides details on the New-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# New-EntraGroupLifecyclePolicy + +## Synopsis + +Creates a new groupLifecyclePolicy. + +## Syntax + +```powershell +New-EntraGroupLifecyclePolicy + -ManagedGroupTypes + -GroupLifetimeInDays + -AlternateNotificationEmails + [] +``` + +## Description + +Creates a new groupLifecyclePolicy in Microsoft Entra ID. + +## Examples + +### Example 1: Creates a new groupLifecyclePolicy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$Params = @{ + GroupLifetimeInDays = 99 + ManagedGroupTypes = 'Selected' + AlternateNotificationEmails = 'example@contoso.com' +} +New-EntraGroupLifecyclePolicy @params +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb example@contoso.com 99 Selected +``` + +This example creates a new groupLifecyclePolicy with a group lifetime of 99 days for a selected set of Office 365 groups. Renewal notification emails are sent to for groups without owners. + +- `-GroupLifetimeInDays` parameter specifies the number of days a group can exist before it needs to be renewed. +- `-ManagedGroupTypes` parameter allows the admin to select which office 365 groups the policy applies to. +- `-AlternateNotificationEmails` parameter specifies notification emails for group. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups without owners are sent to these email addresses, separated by a ';'. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +This parameter allows the admin to select which Office 365 groups the policy applies to. +'None' creates the policy in a disabled state. +'All' applies the policy to every Office 365 group in the tenant. +'Selected' allows the admin to choose specific Office 365 groups to which the policy applies. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) + +[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md new file mode 100644 index 0000000000..246056cf38 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraIdentityProvider.md @@ -0,0 +1,170 @@ +--- +title: New-EntraIdentityProvider +description: This article provides details on the New-EntraIdentityProvider command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraIdentityProvider + +schema: 2.0.0 +--- + +# New-EntraIdentityProvider + +## Synopsis + +Configure a new identity provider in the directory. + +## Syntax + +```powershell +New-EntraIdentityProvider + -Type + -ClientSecret + -ClientId + [-Name ] + [] +``` + +## Description + +The `New-EntraIdentityProvider` cmdlet is used to configure an identity provider in the directory. + +Adding an identity provider will allow users to sign up for or sign into applications secured by Microsoft Entra ID B2C using the identity provider. + +Configuring an identity provider in your Microsoft Entra ID tenant also enables future B2B guest scenarios. + +For example, an organization has resources in Office 365 that needs to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents. + +The current set of identity providers can be: + +- Microsoft +- Google +- Facebook +- Amazon +- LinkedIn + +The work or school account needs to belong to at least the External Identity Provider Administrator Microsoft Entra role. + +## Examples + +### Example 1: Add LinkedIn identity provider + +```powershell +Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All' +$params = @{ + Type = 'LinkedIn' + Name = 'LinkedInName' + ClientId = 'LinkedInAppClientId' + ClientSecret = 'LinkedInAppClientSecret' +} + +New-EntraIdentityProvider @params +``` + +```Output +Id DisplayName +-- ----------- +LinkedIn-OAUTH LinkedInName +``` + +This example adds a LinkedIn identity provider. + +- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. +- `-Name` parameter specifies the display name of the identity provider. +- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider. +- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider. + +## Parameters + +### -ClientId + +The client identifier for the application, obtained during the application's registration with the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ClientSecret + +The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns `****`. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Name + +The display name of the identity provider. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn. + +For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraIdentityProvider](Remove-EntraIdentityProvider.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraInvitation.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraInvitation.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraInvitation.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraInvitation.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraNamedLocationPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md new file mode 100644 index 0000000000..85c6a167e4 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant.md @@ -0,0 +1,188 @@ +--- +title: New-EntraOauth2PermissionGrant +description: This article provides details on the New-EntraOauth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/28/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraOauth2PermissionGrant + +schema: 2.0.0 +--- + +# New-EntraOauth2PermissionGrant + +## Synopsis + +Create a delegated permission grant using an oAuth2PermissionGrant object. This grant allows a client service principal to access a resource service principal on behalf of a signed-in user, with access restricted to the specified delegated permissions. + +## Syntax + +```powershell +New-EntraOauth2PermissionGrant + -ClientId + -ConsentType + -ResourceId + [-PrincipalId ] + [-Scope ] + [] +``` + +## Description + +The `New-EntraOauth2PermissionGrant` cmdlet creates a delegated permission grant using an oAuth2PermissionGrant object. This grant authorizes a client service principal to access a resource service principal on behalf of a signed-in user, with access limited to the specified delegated permissions. + +## Examples + +### Example 1: To grant authorization to impersonate all users + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'AllPrincipals' + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... + +``` + +This command Grant authorization to impersonate all users. + +### Example 2: To grant authorization to impersonate a specific user + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Hakeem Helpdesk'" +$graphApp = Get-EntraServicePrincipal -Filter "AppId eq '00000003-0000-0000-c000-000000000000'" +$user = Get-EntraUser -UserId 'SawyerM@contoso.com' +$params = @{ + ClientId = $servicePrincipal.Id + ConsentType = 'Principal' + PrincipalId = $user.Id + ResourceId = $graphApp.Id + Scope = 'Directory.Read.All' + StartTime = Get-Date + ExpiryTime = (Get-Date).AddYears(1) +} +New-EntraOauth2PermissionGrant @params +``` + +```Output +Id ClientId ConsentType ExpiryTime PrincipalId ResourceId Scope +-- -------- ----------- ---------- ----------- ---------- ----- +A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 AllPrincipals 28/06/2025 07:44:25 aaaaaaaa-bbbb-cccc-1111-222222222222 Dele... +``` + +This command Grant authorization to impersonate a specific user. + +## Parameters + +### -ClientId + +The object ID (not appId) of the client service principal for the application, which is authorized to act on behalf of a signed-in user when accessing an API. Required. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ConsentType + +Indicates whether the client application is authorized to impersonate all users or only a specific user. + +- `AllPrincipals`: Authorizes the application to impersonate all users. +- `Principal`: Authorizes the application to impersonate a specific user. +An administrator can grant consent on behalf of all users. In some cases, non-admin users are authorized to consent on behalf of themselves for certain delegated permissions. This parameter is required and supports the $filter query (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +The ID of the resource service principal to which access is authorized. This identifies the API, which the client is authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PrincipalId + +The ID of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal, If consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Scope + +A space-separated list of the claim values for delegated permissions, which should be included in access tokens for the resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of the resource service principal. Must not exceed 3,850 characters in length. + +```yaml +Type: System.String +Parameter Sets: CreateExpanded +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## RELATED LINKS + +[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md) +[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md new file mode 100644 index 0000000000..278ad45ebb --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipal.md @@ -0,0 +1,406 @@ +--- +title: New-EntraServicePrincipal +description: This article provides details on the New-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipal + +schema: 2.0.0 +--- + +# New-EntraServicePrincipal + +## Synopsis + +Creates a service principal. + +## Syntax + +```powershell +New-EntraServicePrincipal + -AppId + [-KeyCredentials ] + [-Homepage ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +Create a new service Principal. + +For multitenant apps, the calling user must also be in at least one of the following Microsoft Entra roles: + +- Application Administrator +- Cloud Application Administrator + +For single-tenant apps where the calling user is a non-admin user but is the owner of the backing application, the user must have the Application Developer role. + +## Examples + +### Example 1: Create a new service principal using DisplayName, AccountEnabled, Tags, and AppRoleAssignmentRequired + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AccountEnabled = $true + AppId = $MyApp.AppId + AppRoleAssignmentRequired = $true + DisplayName = $MyApp.DisplayName + Tags = {WindowsAzureActiveDirectoryIntegratedApp} +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +The tag `-Tags {WindowsAzureActiveDirectoryIntegratedApp}` is used to have this service principal show up in the list of Integrated Applications in the Admin Portal. + +- `-AccountEnabled` parameter specifies true if the service principal account is enabled, otherwise false. +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-DisplayName` parameter specifies the service principal display name. +- `-AppRoleAssignmentRequired` parameter indicates whether an application role assignment is required. + +### Example 2: Create a new service principal using Homepage, logoutUrl, and ReplyUrls + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + Homepage = 'https://localhost/home' + LogoutUrl = 'htpp://localhost/logout' + ReplyUrls = 'https://localhost/redirect' +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-Homepage` parameter specifies the home page or landing page of the application. +- `-LogoutUrl` parameter specifies the logout URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 3: Create a new service principal by KeyCredentials + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2023 -Month 10 -Day 23 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('strong-cred-value') +$creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 +$MyApp=(Get-EntraApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + KeyCredentials = $creds +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADMyOrg Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-KeyCredentials` parameter specifies the collection of key credentials associated with the service principal. + +### Example 4: Create a new service principal by AlternativeNames, ServicePrincipalType, and ServicePrincipalName + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$MyApp=(Get-EntraApplication -Filter "DisplayName eq 'Demo App'") +$params = @{ + AppId = $MyApp.AppId + AlternativeNames = 'sktest2' + ServicePrincipalType = 'Application' + ServicePrincipalNames = $MyApp.AppId +} +New-EntraServicePrincipal @params +``` + +```Output +DisplayName Id AppId SignInAudience ServicePrincipalType +----------- -- ----- -------------- -------------------- +Demo App bbbbbbbb-1111-2222-3333-cccccccccccc 00001111-aaaa-2222-bbbb-3333cccc4444 AzureADandPersonalMicrosoftAccount Application +``` + +This example demonstrates how to create a new service Principal in Microsoft Entra ID. You can use the command `Get-EntraApplication` to get application app Id. + +- `-AppId` parameter specifies the unique identifier for the associated application (its appId property). +- `-AlternativeNames` parameter specifies the alternative names for this service principal. +- `-ServicePrincipalType` parameter specifies the type of the service principal. +- `-ServicePrincipalNames` parameter specifies an array of service principal names. + +## Parameters + +### -AccountEnabled + +True if the service principal account is enabled; otherwise, false. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +The unique identifier for the associated application (its appId property). + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the service principal display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +The collection of key credentials associated with the service principal. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the logout URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +The collection of password credentials associated with the application. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies an array of service principal names. +Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal. +A client uses ServicePrincipalNames to: + +- populate requiredResourceAccess, via "Permissions to other applications" in the Azure classic portal. +- Specify a resource URI to acquire an access token, which is the URI returned in the claim. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The type of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Tags linked to this service principal. + +Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..5a44ce185e --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,230 @@ +--- +title: New-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the New-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# New-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Assigns a service principal to an application role. + +## Syntax + +```powershell +New-EntraServicePrincipalAppRoleAssignment + -ObjectId + -PrincipalId + -Id + -ResourceId + [] +``` + +## Description + +The `New-EntraServicePrincipalAppRoleAssignment` cmdlet assigns a service principal to an application role in Microsoft Entra ID. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Assign an app role to another service principal + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraServicePrincipal -Filter "Displayname eq '$appname'" + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $spo.ObjectId +} + +New-EntraServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box aaaa0000-bb11-2222-33cc-444444dddddd +``` + +This example demonstrates how to assign an app role to another service principal in Microsoft Entra ID. You can use the command `Get-EntraServicePrincipal` to get a service principal Id. + +- `-ObjectId` parameter specifies the ObjectId of a client service principal to which you're assigning the app role. +- `-ResourceId`parameter specifies the ObjectId of the resource service principal. +- `-Id` parameter specifies the Id of the app role (defined on the resource service principal) to assign to the client service principal. If no app roles are defined on the resource app, you can use `00000000-0000-0000-0000-000000000000`. +- `-PrincipalId` parameter specifies the ObjectId of the client service principal to which you're assigning the app role. + +### Example 2: Assign an app role to a user + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraServicePrincipal -Filter "Displayname eq '$appname'" + $user = Get-EntraUser -SearchString 'Test Contoso' + + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $user.ObjectId +} + +New-EntraServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box bbbb1111-cc22-3333-44dd-555555eeeeee +``` + +This example demonstrates how to assign an app role to a user in Microsoft Entra ID. +You can use the command `Get-EntraServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraUser` to get a user Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the user. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the user. +- `-PrincipalId` parameter specifies the ObjectId of a user to which you're assigning the app role. + +### Example 3: Assign an app role to a group + +```powershell + Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' + $appname = 'Box' + $spo = Get-EntraServicePrincipal -Filter "Displayname eq '$appname'" + $group = Get-EntraGroup -SearchString 'testGroup' + + $params = @{ + ObjectId = $spo.ObjectId + ResourceId = $spo.ObjectId + Id = $spo.Approles[1].Id + PrincipalId = $group.ObjectId + } + + New-EntraServicePrincipalAppRoleAssignment @params +``` + +```Output +Id AppRoleId CreationTimestamp PrincipalDisplayName PrincipalId PrincipalType ResourceDisplayName ResourceId +-- --------- ----------------- -------------------- ----------- ------------- ------------------- ---------- +3cccccc3-4dd4-5ee5-6ff6-7aaaaaaaaaa7 00000000-0000-0000-0000-000000000000 12-03-2024 11:05:29 Box aaaaaaaa-bbbb-cccc-1111-222222222222 ServicePrincipal Box cccc2222-dd33-4444-55ee-666666ffffff +``` + +This example demonstrates how to assign an app role to a group in Microsoft Entra ID. +You can use the command `Get-EntraServicePrincipal` to get a service principal Id. +You can use the command `Get-EntraGroup` to get a group Id. + +- `-ObjectId` parameter specifies the ObjectId of the app's service principal. +- `-ResourceId`parameter specifies the ObjectId of the app's service principal. +- `-Id` parameter specifies the Id of app role (defined on the app's service principal) to assign to the group. If no app roles are defined to the resource app, you can use `00000000-0000-0000-0000-000000000000` to indicate that the app is assigned to the group. +- `-PrincipalId` parameter specifies the ObjectId of a group to which you're assigning the app role. + +## Parameters + +### -Id + +Specifies the ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PrincipalId + +Specifies a principal ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ResourceId + +Specifies a resource ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`New-EntraServiceAppRoleAssignment` is an alias for `New-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) + +[Remove-EntraServicePrincipalAppRoleAssignment](Remove-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalKeyCredential.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalKeyCredential.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalKeyCredential.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..a8377771c4 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,168 @@ +--- +title: New-EntraServicePrincipalPasswordCredential +description: This article provides details on the New-EntraServicePrincipalPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/New-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# New-EntraServicePrincipalPasswordCredential + +## Synopsis + +Creates a password credential for a service principal. + +## Syntax + +```powershell +New-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + [-EndDate ] + [-StartDate ] + [] +``` + +## Description + +The `New-EntraServicePrincipalPasswordCredential` cmdlet creates a password credential for a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Create a password credential with StartDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + StartDate = '2024-04-21T14:14:14Z' +} +New-EntraServicePrincipalPasswordCredential @Params +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : aaaaaaaa-0b0b-1c1c-2d2d-333333333333 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with StartDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-StarteDate` parameter specifies the date and time at which the password becomes valid. + +### Example 2: Create a password credential with EndtDate + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + EndDate = '2030-03-21T14:14:14Z' +} +New-EntraServicePrincipalPasswordCredential @Params +``` + +```Output +secretText : A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u +@odata.type : #microsoft.graph.servicePrincipal +endDateTime : 08-08-2026 10:30:00 +hint : LY. +customKeyIdentifier : +startDateTime : 08-08-2024 14:14:14 +keyId : bbbbbbbb-1c1c-2d2d-3e3e-444444444444 +@odata.context : https://graph.microsoft.com/beta/$metadata#servicePrincipals('00001111-aaaa-2222-bbbb-3333cccc4444')/addPassword +displayName : +StartDate : 08-08-2024 14:14:14 +EndDate : 08-08-2026 10:30:00 +``` + +This example demonstrates how to create a password credential with EndDate for a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-EndDate` parameter specifies the date and time at which the password expires represented using ISO 8601 format and is always in UTC time. + +## Parameters + +### -EndDate + +The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of the service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -StartDate + +The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2024 is 2024-01-01T00:00:00Z. + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) + +[Remove-EntraServicePrincipalPasswordCredential](Remove-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUser.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/New-EntraUserAppRoleAssignment.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..2b4e4d8f3b --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraAdministrativeUnit +description: This article provides details on the Remove-EntraAdministrativeUnit command. + +ms.topic: reference +ms.date: 07/19/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# Remove-EntraAdministrativeUnit + +## Synopsis + +Removes an administrative unit. + +## Syntax + +```powershell +Remove-EntraAdministrativeUnit + -AdministrativeUnitId + [] +``` + +## Description + +The `Remove-EntraAdministrativeUnit` cmdlet removes an administrative unit from Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to delete an administrative unit. + +To delete an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +Remove-EntraAdministrativeUnit -ObjectId $AdministrativeUnit.ObjectId +``` + +This command removes the specified administrative unit from Microsoft Entra ID. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[Set-EntraAdministrativeUnit](Set-EntraAdministrativeUnit.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md new file mode 100644 index 0000000000..306fdee2a1 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember.md @@ -0,0 +1,108 @@ +--- +title: Remove-EntraAdministrativeUnitMember +description: This article provides details on the Remove-EntraAdministrativeUnitMember command. + +ms.topic: reference +ms.date: 07/17/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraAdministrativeUnitMember + +schema: 2.0.0 +--- + +# Remove-EntraAdministrativeUnitMember + +## Synopsis + +Removes an administrative unit member. + +## Syntax + +```powershell +Remove-EntraAdministrativeUnitMember + -AdministrativeUnitId + -MemberId + [] +``` + +## Description + +The `Remove-EntraAdministrativeUnitMember` cmdlet removes an administrative unit member in Microsoft Entra ID. Specify `AdministrativeUnitId` and `MemberId` to remove an administrative unit member. + +To remove a member from an administrative unit, the calling principal must have at least the Privileged Role Administrator role in Microsoft Entra. + +## Examples + +### Example 1: Remove an administrative unit member + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.Read.All' +$AdministrativeUnit = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + MemberId = 'eeeeeeee-4444-5555-6666-ffffffffffff' +} +Remove-EntraAdministrativeUnitMember @params +``` + +This command removes a specified member (user or group) from a specified administrative unit. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-MemberId` parameter specifies the ID of the administrative unit member. + +## Parameters + +### -MemberId + +Specifies the ID of the administrative unit member. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraAdministrativeUnitMember](Add-EntraAdministrativeUnitMember.md) + +[Get-EntraAdministrativeUnitMember](Get-EntraAdministrativeUnitMember.md) + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md new file mode 100644 index 0000000000..bb06d0fd75 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplication.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraApplication +description: This article provides details on the Remove-EntraApplication command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplication + +schema: 2.0.0 +--- + +# Remove-EntraApplication + +## Synopsis + +Deletes an application object. + +## Syntax + +```powershell +Remove-EntraApplication + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplication` cmdlet deletes an application object identified by ApplicationId. Specify the `ApplicationId` parameter to delete an application object. + +## Examples + +### Example 1: Remove an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$Application = Get-EntraApplication -SearchString '' +Remove-EntraApplication -ApplicationId $Application.ObjectId +``` + +This example demonstrates how to delete an application object. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[New-EntraApplication](New-EntraApplication.md) + +[Set-EntraApplication](Set-EntraApplication.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md new file mode 100644 index 0000000000..3ff1288b6e --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraApplicationExtensionProperty +description: This article provides details on the Remove-EntraApplicationExtensionProperty command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationExtensionProperty + +schema: 2.0.0 +--- + +# Remove-EntraApplicationExtensionProperty + +## Synopsis + +Removes an application extension property. + +## Syntax + +```powershell +Remove-EntraApplicationExtensionProperty + -ExtensionPropertyId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplicationExtensionProperty` cmdlet removes an application extension property for an object in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application extension property + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$Application = Get-EntraApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + ExtensionPropertyId = 'cccc2222-dd33-4444-55ee-666666ffffff' +} + +Remove-EntraApplicationExtensionProperty @params +``` + +This example removes the extension property that has the specified ID from an application in Microsoft Entra ID. + +- `-ApplicationId` parameter specifies the unique identifier of an application. +- `-ExtensionPropertyId` parameter specifies the unique identifier of the extension property to remove. + +## Parameters + +### -ExtensionPropertyId + +Specifies the unique ID of the extension property to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationExtensionProperty](Get-EntraApplicationExtensionProperty.md) + +[New-EntraApplicationExtensionProperty](New-EntraApplicationExtensionProperty.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md new file mode 100644 index 0000000000..9f0e4a9325 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKey.md @@ -0,0 +1,133 @@ +--- +title: Remove-EntraApplicationKey +description: This article provides details on the Remove-EntraApplicationKey command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationKey + +schema: 2.0.0 +--- + +# Remove-EntraApplicationKey + +## Synopsis + +Removes a key from an application. + +## Syntax + +```powershell +Remove-EntraApplicationKey + -ObjectId + [-Proof ] + [-KeyId ] + [] +``` + +## Description + +Removes a key from an application. + +## Examples + +### Example 1: Removes a key credential from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Directory.ReadWrite.All' +$app = Get-EntraApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $app.ObjectId + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' + Proof = {token} +} + +Remove-EntraApplicationKey @params +``` + +This command removes the specified key credential from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of an application. +- `-KeyId` parameter specifies the key Id corresponding to the key object to be removed. +- `-Proof` parameter specifies the JWT token provided as a proof of possession. + +## Parameters + +### -ObjectId + +Specifies the unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The key Id corresponding to the key object to be removed. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Proof + +The JWT token provided as a proof of possession. + +A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed with a private key that corresponds to one of the existing valid certificates associated with the application. The token should contain the following claims: + +- `aud`: Audience needs to be 00000002-0000-0000-c000-000000000000. +- `iss`: Issuer needs to be the ID of the application that initiates the request. +- `nbf`: Not before time. +- `exp`: Expiration time should be the value of nbf + 10 minutes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationKey](New-EntraApplicationKey.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md new file mode 100644 index 0000000000..944d130412 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential.md @@ -0,0 +1,108 @@ +--- +title: Remove-EntraApplicationKeyCredential +description: This article provides details on the Remove-EntraApplicationKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraApplicationKeyCredential + +## Synopsis + +Removes a key credential from an application. + +## Syntax + +```powershell +Remove-EntraApplicationKeyCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraApplicationKeyCredential` cmdlet removes a key credential from an application. + +An application can use this command along with `New-EntraApplicationKeyCredential` to automate the rolling of its expiring keys. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq ''" +$params = @{ + ApplicationId = $application.Id + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +} + +Remove-EntraApplicationKeyCredential @params +``` + +This command removes the specified key credential from the specified application. + +- `-ApplicationId` Specifies the ID of an application. +- `-KeyId` Specifies a custom key ID. Use `Get-EntraApplicationKeyCredential` to get the keyId details. + +## Parameters + +### -KeyId + +Specifies a custom key ID. The unique identifier for the password. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies a unique ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplicationKeyCredential](Get-EntraApplicationKeyCredential.md) + +[New-EntraApplicationKeyCredential](New-EntraApplicationKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md new file mode 100644 index 0000000000..a8a9019f62 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationOwner.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraApplicationOwner +description: This article provides details on the Remove-EntraApplicationOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationOwner + +schema: 2.0.0 +--- + +# Remove-EntraApplicationOwner + +## Synopsis + +Removes an owner from an application. + +## Syntax + +```powershell +Remove-EntraApplicationOwner + -OwnerId + -ApplicationId + [] +``` + +## Description + +The `Remove-EntraApplicationOwner` cmdlet removes an owner from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an owner from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$Application = Get-EntraApplication -SearchString '' +$params = @{ + ApplicationId = $Application.ObjectId + OwnerId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' +} + +Remove-EntraApplicationOwner @params +``` + +This example removes the specified owner from the specified application. You can use the command `Get-EntraApplication` to get application Id. + +- `-ApplicationId` parameter specifies the the unique identifier of a application. +- `-OwnerId` parameter specifies the ID of the owner. + +## Parameters + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, -`InformationVariable`, `-OutVariable`, -`OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraApplicationOwner](Add-EntraApplicationOwner.md) + +[Get-EntraApplicationOwner](Get-EntraApplicationOwner.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md new file mode 100644 index 0000000000..b63496136c --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPassword.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraApplicationPassword +description: This article provides details on the Remove-EntraApplicationPassword command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationPassword + +schema: 2.0.0 +--- + +# Remove-EntraApplicationPassword + +## Synopsis + +Remove a password from an application. + +## Syntax + +```powershell +Remove-EntraApplicationPassword + -ObjectId + [-KeyId ] + [] +``` + +## Description + +Remove a password from an application. + +## Examples + +### Example 1: Removes a password from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $application.Id + KeyId = 'cccccccc-2d2d-3e3e-4f4f-555555555555' +} + +Remove-EntraApplicationPassword @params +``` + +This example removes the specified password from the specified application. + +- `-ObjectId` parameter specifies the unique identifier of the application. +- `-KeyId` parameter specifies the unique identifier of the PasswordCredential. + +## Parameters + +### -ObjectId + +The unique identifier of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -KeyId + +The unique identifier for the key. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[New-EntraApplicationPassword](New-EntraApplicationPassword.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md new file mode 100644 index 0000000000..72d34ae5ff --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraApplicationPasswordCredential +description: This article provides details on the Remove-EntraApplicationPasswordCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraApplicationPasswordCredential + +## Synopsis + +Removes a password credential from an application. + +## Syntax + +```powershell +Remove-EntraApplicationPasswordCredential + -ApplicationId + -KeyId + [] +``` + +## Description + +The `Remove-EntraApplicationPasswordCredential` cmdlet removes a password credential from an application in Microsoft Entra ID. + +## Examples + +### Example 1: Remove an application password credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "displayName eq 'Contoso Helpdesk App'" +$KeyIDs = Get-EntraApplicationPasswordCredential -ApplicationId $application.Id +Remove-EntraApplicationPasswordCredential -ApplicationId $application.Id -KeyId $KeyIds[0].KeyId +``` + +This example demonstrates how to remove the password credential for an application. + +- `ApplicationId` Specifies the ID of the application. Use `Get-EntraApplication` to get application ObjectId value. +- `KeyId` Specifies the ID of the password credential. Use `Get-EntraApplicationPasswordCredential` to retrieve a specific credential details. + +## Parameters + +### -KeyId + +Specifies the ID of the password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of the application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[Get-EntraApplicationPasswordCredential](Get-EntraApplicationPasswordCredential.md) + +[Remove-EntraApplicationPasswordCredential](Remove-EntraApplicationPasswordCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..d34578e6cb --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher.md @@ -0,0 +1,83 @@ +--- +title: Remove-EntraApplicationVerifiedPublisher +description: This article provides details on the Remove-EntraApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Remove-EntraApplicationVerifiedPublisher + +## Synopsis + +Removes the verified publisher from an application. + +## Syntax + +```powershell +Remove-EntraApplicationVerifiedPublisher + -AppObjectId + [] +``` + +## Description + +Removes the verified publisher from an application. + +## Examples + +### Example 1: Remove the verified publisher from an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$app = Get-EntraApplication -Filter "DisplayName eq ''" +Remove-EntraApplicationVerifiedPublisher -AppObjectId $app.ObjectId +``` + +This command demonstrates how to remove the verified publisher from an application. + +- `-AppObjectId` parameter specifies the unique identifier of an application. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Set-EntraApplicationVerifiedPublisher](Set-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraContact.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraContact.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraContact.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraContact.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md new file mode 100644 index 0000000000..fb083eb0aa --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedApplication.md @@ -0,0 +1,92 @@ +--- +title: Remove-EntraDeletedApplication +description: This article provides details on the Remove-EntraDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraDeletedApplication + +schema: 2.0.0 +--- + +# Remove-EntraDeletedApplication + +## Synopsis + +Permanently delete a recently deleted application object from deleted items. + +## Syntax + +```powershell +Remove-EntraDeletedApplication + [-ObjectId] + [] +``` + +## Description + +Permanently delete a recently deleted application object from deleted items. After an item is permanently deleted, it can't be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator. + +## Examples + +### Example 1: Remove deleted application object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$App = Get-EntraDeletedApplication -SearchString 'My PowerShell Application' +Remove-EntraDeletedApplication -ObjectId $App.ObjectId +``` + +This command removes recently deleted application. You can use the command `Get-EntraDeletedApplication` to get deleted application Id. + +- `-ObjectId` parameter specifies the Id of a deleted application. + +## Parameters + +### -ObjectId + +The unique identifier of deleted application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) + +[Restore-EntraDeletedApplication](Restore-EntraDeletedApplication.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md new file mode 100644 index 0000000000..9860be4fb3 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject.md @@ -0,0 +1,96 @@ +--- +title: Remove-EntraDeletedDirectoryObject +description: This article provides details on the Remove-EntraDeletedDirectoryObject command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraDeletedDirectoryObject + +schema: 2.0.0 +--- + +# Remove-EntraDeletedDirectoryObject + +## Synopsis + +Permanently delete a previously deleted directory object. + +## Syntax + +```powershell +Remove-EntraDeletedDirectoryObject + -DirectoryObjectId + [] +``` + +## Description + +The `Remove-EntraDeletedDirectoryObject` cmdlet is used to permanently delete a previously deleted directory object. + +When a directory object is permanently deleted, it can no longer be restored. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- To permanently delete deleted applications or service principals: `Application Administrator`, `Cloud Application Administrator`, or `Hybrid Identity Administrator`. +- To permanently delete deleted users: `User Administrator`. +- To permanently delete deleted groups: `Groups Administrator`. + +## Examples + +### Example 1: Delete a previously deleted directory object + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Group.ReadWrite.All','Application.ReadWrite.All','User.ReadWrite.All' + +Remove-EntraDeletedDirectoryObject -DirectoryObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' +``` + +This example demonstrates how to permanently delete a previously deleted directory object by DirectoryObjectId. + +- `-DirectoryObjectId` parameter specifies the Id of the directory object that is permanently deleted. + +## Parameters + +### -DirectoryObjectId + +The DirectoryObjectId of the directory object that is permanently deleted. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraDeletedDirectoryObject](Get-EntraDeletedDirectoryObject.md) + +[Restore-EntraDeletedDirectoryObject](Restore-EntraDeletedDirectoryObject.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredOwner.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredOwner.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredOwner.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDeviceRegisteredUser.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleAssignment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleMember.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleMember.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDirectoryRoleMember.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDomain.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDomain.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDomain.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraDomain.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraExternalDomainFederation.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraExternalDomainFederation.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraExternalDomainFederation.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraExternalDomainFederation.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md new file mode 100644 index 0000000000..ae746e39ed --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroup.md @@ -0,0 +1,93 @@ +--- +title: Remove-EntraGroup +description: This article provides details on the Remove-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroup + +schema: 2.0.0 +--- + +# Remove-EntraGroup + +## Synopsis + +Removes a group. + +## Syntax + +```powershell +Remove-EntraGroup + -GroupId + [] +``` + +## Description + +The `Remove-EntraGroup` cmdlet removes a group from Microsoft Entra ID. Specify the `GroupId` parameter removes a group. + +Unified Group can be restored withing 30 days after deletion using the `Restore-EntraBetaDeletedDirectoryObject` cmdlet. Security groups can't be restored after deletion. + +**Notes on permissions:** + +The following conditions apply for apps to delete role-assignable groups: + +- For delegated scenarios, the app must be assigned the `RoleManagement.ReadWrite.Directory` delegated permission, and the calling user must be the creator of the group or be assigned at least the Privileged Role Administrator Microsoft Entra role. +- For app-only scenarios, the calling app must be the owner of the group or be assigned the `RoleManagement.ReadWrite.Directory` application permission or be assigned at least the Privileged Role Administrator Microsoft Entra role. + +## Examples + +### Example 1: Remove a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Remove-EntraGroup -GroupId $group.Id +``` + +This example demonstrates how to remove a group in Microsoft Entra ID. + +- `GroupId` parameter specifies the group ID . + +## Parameters + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroup](New-EntraGroup.md) + +[Set-EntraGroup](Set-EntraGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md new file mode 100644 index 0000000000..c5306735b7 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment.md @@ -0,0 +1,99 @@ +--- +title: Remove-EntraGroupAppRoleAssignment +description: This article provides details on the Remove-EntraGroupAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraGroupAppRoleAssignment + +## Synopsis + +Delete a group application role assignment. + +## Syntax + +```powershell +Remove-EntraGroupAppRoleAssignment + -AppRoleAssignmentId + -GroupId +[] +``` + +## Description + +The `Remove-EntraGroupAppRoleAssignment` cmdlet removes a group application role assignment from Microsoft Entra ID. + +## Examples + +### Example 1: Remove group app role assignment + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Remove-EntraGroupAppRoleAssignment -GroupId $group.Id -AppRoleAssignmentId 'CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3' +``` + +This example demonstrates how to remove the specified group application role assignment. +GroupId - Specifies the object ID of a group. +AppRoleAssignmentId - Specifies the object ID of the group application role assignment. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the object ID of the group application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroupAppRoleAssignment](Get-EntraGroupAppRoleAssignment.md) + +[New-EntraGroupAppRoleAssignment](New-EntraGroupAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..d60bc7953d --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy.md @@ -0,0 +1,87 @@ +--- +title: Remove-EntraGroupLifecyclePolicy +description: This article provides details on the Remove-EntraGroupLifecyclePolicy command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Remove-EntraGroupLifecyclePolicy + +## Synopsis + +Deletes a groupLifecyclePolicies object + +## Syntax + +```powershell +Remove-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Remove-EntraGroupLifecyclePolicy` command deletes a groupLifecyclePolicies object in Microsoft Entra ID. Specify `Id` parameter deletes the groupLifecyclePolicies object. + +## Examples + +### Example 1: Remove a groupLifecyclePolicies + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId '1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5' +``` + +This example demonstrates how to delete the groupLifecyclePolicies object that has the specified ID. You can use `Get-EntraGroupLifecyclePolicy` to get Id details. + +## Parameters + +### -GroupLifecyclePolicyId + +Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) + +[Set-EntraGroupLifecyclePolicy](Set-EntraGroupLifecyclePolicy.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md new file mode 100644 index 0000000000..ca01328299 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupMember.md @@ -0,0 +1,102 @@ +--- +title: Remove-EntraGroupMember +description: This article provides details on the Remove-EntraGroupMember command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupMember + +schema: 2.0.0 +--- + +# Remove-EntraGroupMember + +## Synopsis + +Removes a member from a group. + +## Syntax + +```powershell +Remove-EntraGroupMember + -GroupId + -MemberId + [] +``` + +## Description + +The `Remove-EntraGroupMember` cmdlet removes a member from a group in Microsoft Entra ID. Specify the `ObjectId` and `MemberId` parameters to remove a member from a group. + +## Examples + +### Example 1: Remove a member + +```powershell +Connect-Entra -Scopes 'GroupMember.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Remove-EntraGroupMember -GroupId $group.Id -MemberId 'zzzzzzzz-6666-8888-9999-pppppppppppp' +``` + +This command removes the specified member from the specified group. + +GroupId - Specifies the object ID of a group in Microsoft Entra ID. + +MemberId - Specifies the ID of the member to remove. + +## Parameters + +### -MemberId + +Specifies the ID of the member to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraGroupMember](Add-EntraGroupMember.md) + +[Get-EntraGroupMember](Get-EntraGroupMember.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md new file mode 100644 index 0000000000..759c736651 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraGroupOwner.md @@ -0,0 +1,101 @@ +--- +title: Remove-EntraGroupOwner +description: This article provides details on the Remove-EntraGroupOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraGroupOwner + +schema: 2.0.0 +--- + +# Remove-EntraGroupOwner + +## Synopsis + +Removes an owner from a group. + +## Syntax + +```powershell +Remove-EntraGroupOwner + -OwnerId + -GroupId + [] +``` + +## Description + +The `Remove-EntraGroupOwner` cmdlet removes an owner from a group in Microsoft Entra ID. Specify the `GroupId` and `OwnerId` parameters to remove an owner from a group. + +## Examples + +### Example 1: Remove an owner + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +Remove-EntraGroupOwner -GroupId $group.Id -OwnerId 'xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb' +``` + +This example demonstrates how to remove an owner from a group in Microsoft Entra ID. + +GroupId - Specifies the ID of a group in Microsoft Entra ID. + +- `OwnerId` specifies the ID of an owner. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of an owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related links + +[Add-EntraGroupOwner](Add-EntraGroupOwner.md) + +[Get-EntraGroupOwner](Get-EntraGroupOwner.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraIdentityProvider.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraIdentityProvider.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraIdentityProvider.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md new file mode 100644 index 0000000000..888872cd48 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup.md @@ -0,0 +1,117 @@ +--- +title: Remove-EntraLifecyclePolicyGroup +description: This article provides details on the Remove-EntraLifecyclePolicyGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraLifecyclePolicyGroup + +schema: 2.0.0 +--- + +# Remove-EntraLifecyclePolicyGroup + +## Synopsis + +Removes a group from a lifecycle policy. + +## Syntax + +```powershell +Remove-EntraLifecyclePolicyGroup + -GroupId + -GroupLifecyclePolicyId + [] +``` + +## Description + +The `Remove-EntraLifecyclePolicyGroup` cmdlet removes a group from a lifecycle policy in Microsoft Entra ID. + +## Examples + +### Example 1: Remove lifecycle policy group + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" +$policy = Get-EntraLifecyclePolicyGroup -Id $group.ObjectId +$params = @{ + GroupLifecyclePolicyId = $policy.Id + GroupId = $group.ObjectId +} +Remove-EntraLifecyclePolicyGroup @params +``` + +```Output +Value +----- +True +``` + +This example demonstrates how to remove a group from a lifecycle policy in Microsoft Entra ID with specified Id and groupId. + +- `-GroupLifecyclePolicyId` parameter specifies the lifecycle policy object ID. +- `-GroupId` parameter specifies the ID of Office365 group. + +## Parameters + +### -GroupId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of the lifecycle policy object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraLifecyclePolicyGroup](Get-EntraLifecyclePolicyGroup.md) + +[Add-EntraLifecyclePolicyGroup](Add-EntraLifecyclePolicyGroup.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraNamedLocationPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md new file mode 100644 index 0000000000..5b9cce4030 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant.md @@ -0,0 +1,84 @@ +--- +title: Remove-EntraOAuth2PermissionGrant +description: This article provides details on the Remove-EntraOAuth2PermissionGrant command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraOAuth2PermissionGrant + +schema: 2.0.0 +--- + +# Remove-EntraOAuth2PermissionGrant + +## Synopsis + +Removes an OAuth2PermissionGrant. + +## Syntax + +```powershell +Remove-EntraOAuth2PermissionGrant + -ObjectId + [] +``` + +## Description + +The `Remove-EntraOAuth2PermissionGrant` cmdlet removes an OAuth2PermissionGrant object in Microsoft Entra ID. + +When a delegated permission grant is deleted, the access it granted is revoked. Existing access tokens will continue to be valid for their lifetime, but new access tokens will not be granted for the delegated permissions identified in the deleted OAuth2PermissionGrant. + +## Examples + +### Example 1: Remove an OAuth2 permission grant + +```powershell +Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All' +$SharePointSP = Get-EntraServicePrincipal | Where-Object {$_.DisplayName -eq 'Microsoft.SharePoint'} +$SharePointOA2AllSitesRead = Get-EntraOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $SharePointSP.ObjectId} | Where-Object {$_.Scope -eq 'AllSites.Read'} +Remove-EntraOAuth2PermissionGrant -ObjectId $SharePointOA2AllSitesRead.ObjectId +``` + +This example shows how to remove an OAuth2PermissionGrant object in Microsoft Entra ID. + +## Parameters + +### -ObjectId + +Specifies the ID of an OAuth2PermissionGrant object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraOAuth2PermissionGrant](Get-EntraOAuth2PermissionGrant.md) + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPermissionGrantPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md new file mode 100644 index 0000000000..498ce84d81 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership.md @@ -0,0 +1,106 @@ +--- +title: Remove-EntraScopedRoleMembership +description: This article provides details on the Remove-EntraScopedRoleMembership command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraScopedRoleMembership + +schema: 2.0.0 +--- + +# Remove-EntraScopedRoleMembership + +## Synopsis + +Removes a scoped role membership. + +## Syntax + +```powershell +Remove-EntraScopedRoleMembership + -AdministrativeUnitId + -ScopedRoleMembershipId + [] +``` + +## Description + +The `Remove-EntraScopedRoleMembership` cmdlet removes a scoped role membership from Microsoft Entra ID. Specify `AdministrativeUnitId` and `ScopedRoleMembershipId` parameter to remove a scoped role membership. + +## Examples + +### Example 1: Remove a scoped role membership + +```powershell +Connect-Entra -Scopes 'RoleManagement.Read.Directory' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.AdministrativeUnitId + ScopedRoleMembershipId = 'dddddddddddd-bbbb-aaaa-bbbb-cccccccccccc' +} +Remove-EntraScopedRoleMembership @params +``` + +This cmdlet removes a specific scoped role membership from Microsoft Entra ID. You can use the command `Get-EntraAdministrativeUnit` to get administrative unit Id. + +- `-AdministrativeUnitId` parameter specifies the ID of an administrative unit. +- `-ScopedRoleMembershipId` parameter specifies the ID of the scoped role membership to remove. To obtain the details of a scoped role membership, you can use the `Get-EntraScopedRoleMembership` command. + +## Parameters + +### -AdministrativeUnitId + +Specifies the ID of an administrative unit object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ScopedRoleMembershipId + +Specifies the ID of the scoped role membership to remove. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraScopedRoleMembership](Add-EntraScopedRoleMembership.md) + +[Get-EntraScopedRoleMembership](Get-EntraScopedRoleMembership.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md new file mode 100644 index 0000000000..65cf9d1a54 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipal.md @@ -0,0 +1,86 @@ +--- +title: Remove-EntraServicePrincipal +description: This article provides details on the Remove-EntraServicePrincipal command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipal + +## Synopsis + +Removes a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipal + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipal` cmdlet removes a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Remove-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId +``` + +This example demonstrates how to remove a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipal](New-EntraServicePrincipal.md) + +[Set-EntraServicePrincipal](Set-EntraServicePrincipal.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md new file mode 100644 index 0000000000..333bf29a33 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment.md @@ -0,0 +1,117 @@ +--- +title: Remove-EntraServicePrincipalAppRoleAssignment +description: This article provides details on the Remove-EntraServicePrincipalAppRoleAssignment command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalAppRoleAssignment + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalAppRoleAssignment + +## Synopsis + +Removes a service principal application role assignment. + +## Syntax + +```powershell +Remove-EntraServicePrincipalAppRoleAssignment + -AppRoleAssignmentId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalAppRoleAssignment` cmdlet removes a service principal application role assignment in Microsoft Entra ID. + +App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. + +For delegated scenarios, the calling user needs at least one of the following Microsoft Entra roles. + +- Directory Synchronization Accounts +- Directory Writer +- Hybrid Identity Administrator +- Identity Governance Administrator +- Privileged Role Administrator +- User Administrator +- Application Administrator +- Cloud Application Administrator + +## Examples + +### Example 1: Removes a service principal application role assignment + +```powershell +Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId $servicePrincipal.Id -AppRoleAssignmentId '2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6' +``` + +This example demonstrates how to remove a service principal application role assignment in Microsoft Entra ID. + +- `-ServicePrincipalId` - specifies the unique identifier (Object ID) of the service principal or user from which you want to remove an app role assignment. +- `-AppRoleAssignmentId` - specifies the unique identifier (ID) of the app role assignment that you want to remove. The value `2bbbbbb2-3cc3-4dd4-5ee5-6ffffffffff6` represents the ID of the specific app role assignment to be removed. + +## Parameters + +### -AppRoleAssignmentId + +Specifies the ID of the application role assignment. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +`Remove-EntraServiceAppRoleAssignment` is an alias for `Remove-EntraServicePrincipalAppRoleAssignment`. + +## Related Links + +[Get-EntraServicePrincipalAppRoleAssignment](Get-EntraServicePrincipalAppRoleAssignment.md) + +[New-EntraServicePrincipalAppRoleAssignment](New-EntraServicePrincipalAppRoleAssignment.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md new file mode 100644 index 0000000000..6f2490f9fd --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.md @@ -0,0 +1,105 @@ +--- +title: Remove-EntraServicePrincipalDelegatedPermissionClassification +description: This article provides details on the Remove-EntraServicePrincipalDelegatedPermissionClassification command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalDelegatedPermissionClassification + +## Synopsis + +Remove delegated permission classification. + +## Syntax + +```powershell +Remove-EntraServicePrincipalDelegatedPermissionClassification + -ServicePrincipalId + -Id + [] +``` + +## Description + +The `Remove-EntraServicePrincipalDelegatedPermissionClassification` cmdlet deletes the given delegated permission classification by Id from service principal. + +## Examples + +### Example 1: Remove a delegated permission classification + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.PermissionGrant' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + Id = 'aaaa0000-bb11-2222-33cc-444444dddddd' +} +Remove-EntraServicePrincipalDelegatedPermissionClassification @params +``` + +This command deletes the delegated permission classification by Id from the service principal. + +- `-ServicePrincipalId` parameter specifies the unique identifier of a service principal. +- `-Id` parameter specifies the unique identifier of a delegated permission classification object Id. + +## Parameters + +### -ServicePrincipalId + +The unique identifier of a service principal object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Id + +The unique identifier of a delegated permission classification object Id. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalDelegatedPermissionClassification](Get-EntraServicePrincipalDelegatedPermissionClassification.md) + +[Add-EntraServicePrincipalDelegatedPermissionClassification](Add-EntraServicePrincipalDelegatedPermissionClassification.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md new file mode 100644 index 0000000000..18477f4493 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraServicePrincipalKeyCredential +description: This article provides details on the Remove-EntraServicePrincipalKeyCredential command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalKeyCredential + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalKeyCredential + +## Synopsis + +Removes a key credential from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalKeyCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The Remove-EntraServicePrincipalKeyCredential cmdlet removes a key credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a key credential + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' #Delegated Permission +Connect-Entra -Scopes 'Application.ReadWrite.OwnedBy' #Application Permission +$SPObjectID = (Get-EntraServicePrincipal -SearchString 'Entra Multi-Factor Auth Client').ObjectID +Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $SPObjectID +Remove-EntraServicePrincipalKeyCredential -ServicePrincipalId $SPObjectID -KeyId +``` + +This example demonstrates how to remove a key credential from a service principal in Microsoft Entra ID. + +- First command stores the ObjectID of your service principal in the $SPObjectID variable. +- The second command gets all the Key Credentials for the service principal. Copy the preferred KeyID associated with the certificate to be removed and paste it at the in the third command. +- The last command removes the certificate (key credential) from the service principal configuration. + +## Parameters + +### -KeyId + +Specifies the ID of a key credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalKeyCredential](Get-EntraServicePrincipalKeyCredential.md) + +[New-EntraServicePrincipalKeyCredential](New-EntraServicePrincipalKeyCredential.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md new file mode 100644 index 0000000000..685585aa07 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner.md @@ -0,0 +1,107 @@ +--- +title: Remove-EntraServicePrincipalOwner +description: This article provides details on the Remove-EntraServicePrincipalOwner command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalOwner + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalOwner + +## Synopsis + +Removes an owner from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalOwner + -OwnerId + -ServicePrincipalId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalOwner` cmdlet removes an owner from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Removes an owner from a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$owner = Get-EntraUser -UserId 'SawyerM@contoso.com' + +$params= @{ + ServicePrincipalId = $servicePrincipal.Id + OwnerId = $owner.Id +} +Remove-EntraServicePrincipalOwner @params +``` + +This example demonstrates how to remove an owner from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the service principal Id. +- `-OwnerId` parameter specifies the service principal owner Id. + +## Parameters + +### -ServicePrincipalId + +Specifies the ID of a service principal. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OwnerId + +Specifies the ID of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Add-EntraServicePrincipalOwner](Add-EntraServicePrincipalOwner.md) + +[Get-EntraServicePrincipalOwner](Get-EntraServicePrincipalOwner.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md new file mode 100644 index 0000000000..6706517f45 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential.md @@ -0,0 +1,104 @@ +--- +title: Remove-EntraServicePrincipalPasswordCredential +description: This article provides details on the Remove-EntraServicePrincipalPasswordCredential command. + +ms.topic: reference +ms.date: 08/20/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Remove-EntraServicePrincipalPasswordCredential + +schema: 2.0.0 +--- + +# Remove-EntraServicePrincipalPasswordCredential + +## Synopsis + +Removes a password credential from a service principal. + +## Syntax + +```powershell +Remove-EntraServicePrincipalPasswordCredential + -ServicePrincipalId + -KeyId + [] +``` + +## Description + +The `Remove-EntraServicePrincipalPasswordCredential` cmdlet removes a password credential from a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Remove a password credential from a service principal in Microsoft Entra ID + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$Params = @{ + ServicePrincipalId = $ServicePrincipal.ObjectId + KeyId = 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' +} +Remove-EntraServicePrincipalPasswordCredential @Params +``` + +This example demonstrates how to remove a password credential from a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ServicePrincipalId of a specified Service Principal Password Credential. +- `-KeyId` parameter specifies the unique identifier of a Password Credential. + +## Parameters + +### -KeyId + +Specifies the unique identifier of password credential. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipalPasswordCredential](Get-EntraServicePrincipalPasswordCredential.md) + +[New-EntraServicePrincipalPasswordCredential](New-EntraServicePrincipalPasswordCredential.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUser.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserAppRoleAssignment.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserAppRoleAssignment.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserAppRoleAssignment.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserAppRoleAssignment.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserExtension.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserExtension.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserExtension.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserExtension.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserManager.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserManager.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserManager.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Remove-EntraUserManager.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md new file mode 100644 index 0000000000..b8aeaa6a36 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup.md @@ -0,0 +1,84 @@ +--- +title: Reset-EntraLifeCycleGroup +description: This article provides details on the Reset-EntraLifeCycleGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Reset-EntraLifeCycleGroup + +schema: 2.0.0 +--- + +# Reset-EntraLifeCycleGroup + +## Synopsis + +Renews a group by updating the RenewedDateTime property on a group to the current DateTime. + +## Syntax + +```powershell +Reset-EntraLifeCycleGroup + -Id + [] +``` + +## Description + +The `Reset-EntraLifeCycleGroup` renews a group by updating the RenewedDateTime property on a group to the current DateTime. +When a group is renewed, the group expiration is extended by the number of days defined in the policy. + +## Examples + +### Example 1: Renew a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +Reset-EntraLifeCycleGroup -Id 'hhhhhhhh-8888-9999-8888-cccccccccccc' +``` + +This example demonstrates how to renew a specified group. + +- `-Id` - Specifies the lifecycle policy object ID. + +## Parameters + +### -Id + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### None + +## Outputs + +### System.Object + +## Notes + +## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraStrongAuthenticationMethodByUpn.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraStrongAuthenticationMethodByUpn.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraStrongAuthenticationMethodByUpn.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Reset-EntraStrongAuthenticationMethodByUpn.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md new file mode 100644 index 0000000000..a3c04f906a --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedApplication.md @@ -0,0 +1,127 @@ +--- +title: Restore-EntraDeletedApplication +description: This article provides details on the Restore-EntraDeletedApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Restore-EntraDeletedApplication + +schema: 2.0.0 +--- + +# Restore-EntraDeletedApplication + +## Synopsis + +Restores a previously deleted application. + +## Syntax + +```powershell +Restore-EntraDeletedApplication + [-IdentifierUris ] + -ObjectId + [] +``` + +## Description + +This cmdlet restores a previously deleted application. + +Restoring an application doesn't restore the associated service principal automatically. You must explicitly restore the deleted service principal. + +For delegated scenarios, the calling user needs to have at least one of the following Microsoft Entra roles. + +- Application Administrator +- Cloud Application Administrator +- Hybrid Identity Administrator + +## Examples + +### Example 1: Restores a previously deleted application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -SearchString 'New Entra Application' + +# Delete a specific application +Remove-EntraApplication -ObjectId $application.ObjectId + +# Confirm deleted application +Get-EntraDeletedApplication -Filter "DisplayName eq 'New Entra Application'" + +# Restore a deleted application +Restore-EntraDeletedApplication -ObjectId $application.ObjectId +``` + +```Output +Id DeletedDateTime +-- --------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa +``` + +This example shows how an application is deleted, then the deleted application is retrieved using the `Get-EntraDeletedApplication` cmdlet, and subsequently the application is restored by specifying the application's Object ID in the `Restore-EntraDeletedApplication` cmdlet. + +- `-ObjectId` parameter specifies the ObjectId of the deleted application that is to be restored. + +## Parameters + +### -IdentifierUris + +The IdentifierUris of the application that is to be restored. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ObjectId + +The ObjectId of the deleted application that is to be restored. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Remove-EntraDeletedApplication](Remove-EntraDeletedApplication.md) + +[Get-EntraDeletedApplication](Get-EntraDeletedApplication.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedDirectoryObject.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedDirectoryObject.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedDirectoryObject.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Restore-EntraDeletedDirectoryObject.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraSignedInUserAllRefreshToken.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraSignedInUserAllRefreshToken.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraSignedInUserAllRefreshToken.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraSignedInUserAllRefreshToken.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraUserAllRefreshToken.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraUserAllRefreshToken.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraUserAllRefreshToken.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Revoke-EntraUserAllRefreshToken.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md new file mode 100644 index 0000000000..80f5ee8ca8 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf.md @@ -0,0 +1,99 @@ +--- +title: Select-EntraGroupIdsContactIsMemberOf +description: This article provides details on the Select-EntraGroupIdsContactIsMemberOf command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsContactIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsContactIsMemberOf + +## Synopsis + +Get groups in which a contact is a member. + +## Syntax + +```powershell +Select-EntraGroupIdsContactIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsContactIsMemberOf` cmdlet gets groups in Microsoft Entra ID in which a contact is a member. + +## Examples + +### Example 1: Get groups in which a contact is a member + +```powershell +Connect-Entra -Scopes 'OrgContact.Read.All,Group.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraGroup -Filter "DisplayName eq 'Entra PowerShell Group'").ObjectId +$UserID = (Get-EntraContact -ObjectId 'hhhhhhhh-8888-9999-8888-cccccccccccc').ObjectId +Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups +``` + +This example demonstrates how to get groups in which a contact is a member. + +- `-ObjectId` parameter specifies the contact Object ID. +- `-GroupIdsForMembershipCheck` parameter specifies the group Object ID. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the object ID of a contact in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md new file mode 100644 index 0000000000..f0eabc7873 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf.md @@ -0,0 +1,101 @@ +--- +title: Select-EntraGroupIdsGroupIsMemberOf +description: This article provides details on the Select-EntraGroupIdsGroupIsMemberOf command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsGroupIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsGroupIsMemberOf + +## Synopsis + +Gets group IDs that a group is a member of. + +## Syntax + +```powershell +Select-EntraGroupIdsGroupIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsGroupIsMemberOf` cmdlet gets the groups that a specified group is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a group + +```powershell +Connect-Entra -Scopes 'GroupMember.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraGroup -Top 1).ObjectId +$GroupId = (Get-EntraGroup -Top 1).ObjectId +Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupId -GroupIdsForMembershipCheck $Groups +``` + +This example gets the group membership of a group identified by $GroupId. Use `Get-EntraGroup` cmdlet to obtain group `ObjectId` value. + +- `-ObjectId` parameter specifies the group ID. +- `-GroupIdsForMembershipCheck` Specifies an array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a group in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md new file mode 100644 index 0000000000..570791b14e --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.md @@ -0,0 +1,110 @@ +--- +title: Select-EntraGroupIdsServicePrincipalIsMemberOf +description: This article provides details on the Select-EntraGroupIdsServicePrincipalIsMemberOf command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsServicePrincipalIsMemberOf + +## Synopsis + +Selects the groups in which a service principal is a member. + +## Syntax + +```powershell +Select-EntraGroupIdsServicePrincipalIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsServicePrincipalIsMemberOf` cmdlet selects the groups in which a service principal is a member in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a service principal + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = (Get-EntraGroup -Top 10).ObjectId +$ServicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq ''" +$params = @{ + ObjectId = $ServicePrincipal.ObjectId + GroupIdsForMembershipCheck = $Groups +} +Select-EntraGroupIdsServicePrincipalIsMemberOf @params +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This command gets the group membership of a group for a specified service principal. +You can use the command `Get-EntraGroup` to get group Id. +You can use the command `Get-EntraServicePrincipal` to get service principal Id. + +- `-ObjectId` parameter specifies the service principal Id. +- `-GroupIdsForMembershipCheck` parameter specifies the array of group object IDs. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md new file mode 100644 index 0000000000..d5cb471ca8 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf.md @@ -0,0 +1,110 @@ +--- +title: Select-EntraGroupIdsUserIsMemberOf +description: This article provides details on the Select-EntraGroupIdsUserIsMemberOf command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Select-EntraGroupIdsUserIsMemberOf + +schema: 2.0.0 +--- + +# Select-EntraGroupIdsUserIsMemberOf + +## Synopsis + +Selects the groups that a user is a member of. + +## Syntax + +```powershell +Select-EntraGroupIdsUserIsMemberOf + -ObjectId + -GroupIdsForMembershipCheck + [] +``` + +## Description + +The `Select-EntraGroupIdsUserIsMemberOf` cmdlet selects the groups that a user is a member of in Microsoft Entra ID. + +## Examples + +### Example 1: Get the group membership of a group for a user + +```powershell +Connect-Entra -Scopes 'Application.Read.All' +$myGroup = Get-EntraGroup -Filter "DisplayName eq ''" +$UserId = 'SawyerM@contoso.com' +$Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck +$Groups.GroupIds = $myGroup.ObjectId +$Params = @{ + ObjectId = $UserId + GroupIdsForMembershipCheck = $Groups +} +Select-EntraGroupIdsUserIsMemberOf @Params +``` + +```Output +aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb +``` + +This example retrieves the group membership of a group for a user. + +- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId). +- `-GroupIdsForMembershipCheck` parameter specifies the group Object Ids. + +## Parameters + +### -GroupIdsForMembershipCheck + +Specifies an array of group object IDs. + +```yaml +Type: GroupIdsForMembershipCheck +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ObjectId + +Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraGroup](Get-EntraGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md new file mode 100644 index 0000000000..9087e6ebfb --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit.md @@ -0,0 +1,145 @@ +--- +title: Set-EntraAdministrativeUnit +description: This article provides details on the Set-EntraAdministrativeUnit command. + +ms.topic: reference +ms.date: 06/19/2023 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraAdministrativeUnit + +schema: 2.0.0 +--- + +# Set-EntraAdministrativeUnit + +## Synopsis + +Updates an administrative unit. + +## Syntax + +```powershell +Set-EntraAdministrativeUnit + -AdministrativeUnitId + [-Description ] + [-DisplayName ] + [] +``` + +## Description + +The `Set-EntraAdministrativeUnit` cmdlet updates an administrative unit in Microsoft Entra ID. Specify `AdministrativeUnitId` parameter to update a specific administrative unit. + +In delegated scenarios, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with the `microsoft.directory/administrativeUnits/allProperties/allTasks` permission. + +The Privileged Role Administrator is the least privileged role required for this operation. + +## Examples + +### Example 1: Update DisplayName + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + DisplayName = 'UpdatedAU' +} +Set-EntraAdministrativeUnit @params +``` + +This Command update DisplayName of specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-DisplayName` parameter specifies the display name for the administrative unit. + +### Example 2: Update Description + +```powershell +Connect-Entra -Scopes 'AdministrativeUnit.ReadWrite.All' +$AdministrativeUnit = Get-EntraAdministrativeUnit -Filter "DisplayName eq ''" +$params = @{ + AdministrativeUnitId = $AdministrativeUnit.ObjectId + Description = 'Updated AU Description' +} +Set-EntraAdministrativeUnit @params +``` + +This example shows how to update the description of a specific administrative unit. + +- `-AdministrativeUnitId` parameter specifies the Id of an administrative unit. +- `-Description` parameter specifies the description for the administrative unit. + +## Parameters + +### -Description + +Specifies a description. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AdministrativeUnitId + +Specifies the Id of an administrative unit in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraAdministrativeUnit](Get-EntraAdministrativeUnit.md) + +[New-EntraAdministrativeUnit](New-EntraAdministrativeUnit.md) + +[Remove-EntraAdministrativeUnit](Remove-EntraAdministrativeUnit.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md new file mode 100644 index 0000000000..a79faa2c1f --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplication.md @@ -0,0 +1,496 @@ +--- +title: Set-EntraApplication +description: This article provides details on the Set-EntraApplication command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplication + +schema: 2.0.0 +--- + +# Set-EntraApplication + +## Synopsis + +Updates the properties of an application object. + +## Syntax + +```powershell +Set-EntraApplication + -ApplicationId + [-PasswordCredentials ] + [-TokenEncryptionKeyId ] + [-SignInAudience ] + [-KeyCredentials ] + [-ParentalControlSettings ] + [-IdentifierUris ] + [-AppRoles ] + [-PublicClient ] + [-InformationalUrl ] + [-Tags ] + [-Api ] + [-OptionalClaims ] + [-GroupMembershipClaims ] + [-Web ] + [-DisplayName ] + [-IsFallbackPublicClient ] + [-IsDeviceOnlyAuthSupported ] + [-RequiredResourceAccess ] + [] +``` + +## Description + +Updates the properties of an application object. + +## Examples + +### Example 1: Update an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + DisplayName = 'New Demo Application' +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 2: Update an application using IdentifierUris parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + IdentifierUris = 'https://mynewapp.contoso.com' +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 3: Update an application using GroupMembershipClaims parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + GroupMembershipClaims = 'SecurityGroup' +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 4: Update an application using IsDeviceOnlyAuthSupported parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + IsDeviceOnlyAuthSupported = $false +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +### Example 5: Update an application using Tags parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$application = Get-EntraApplication -Filter "DisplayName eq 'Original Demo Application'" +$params = @{ + ApplicationId = $application.ObjectId + Tags = 'mytag' +} +Set-EntraApplication @params +``` + +This command updates an application in Microsoft Entra ID. + +## Parameters + +### -Api + +Specifies settings for an application that implements a web API. + +```yaml +Type: ApiApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoles + +The collection of application roles that an application might declare. + +These roles can be assigned to users, groups, or service principals. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupMembershipClaims + +Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IdentifierUris + +Specifies identifier Uniform Resource Identifiers (URIs). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -InformationalUrl + +Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. + +The terms of service and privacy statement are surfaced to users through the user consent experience. + +```yaml +Type: InformationalUrl +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsDeviceOnlyAuthSupported + +Specifies if the application supports authentication using a device token. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsFallbackPublicClient + +Specifies the fallback application type as public client, such as an installed application running on a mobile device. + +The default value is `false` that means the fallback application type is confidential client such as web app. + +There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI). + +In those cases Microsoft Entra ID interprets the application type based on the value of this property. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ApplicationId + +Specifies the ID of an application in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -OptionalClaims + +Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service. + +```yaml +Type: OptionalClaims +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ParentalControlSettings + +Specifies parental control settings for an application. + +```yaml +Type: ParentalControlSettings +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PublicClient + +Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is `false`. + +```yaml +Type: PublicClientApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RequiredResourceAccess + +Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. + +This pre-configuration of required resource access drives the consent experience. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SignInAudience + +Specifies what Microsoft accounts are supported for the current application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Custom strings that can be used to categorize and identify the application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TokenEncryptionKeyId + +Specifies the keyId of a public key from the keyCredentials collection. + +When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. + +The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Web + +Specifies settings for a web application. + +```yaml +Type: WebApplication +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### Boolean + +### Microsoft.Open.MSGraph.Model.ApiApplication + +### Microsoft.Open.MSGraph.Model.InformationalUrl + +### Microsoft.Open.MSGraph.Model.OptionalClaims + +### Microsoft.Open.MSGraph.Model.ParentalControlSettings + +### Microsoft.Open.MSGraph.Model.PublicClientApplication + +### Microsoft.Open.MSGraph.Model.WebApplication + +### String + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] + +### System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] + +### System.Collections.Generic.List`1[System.String] + +### System.Nullable`1[System.Boolean] + +## Outputs + +## Notes + +## Related Links + +[Get-EntraApplication](Get-EntraApplication.md) + +[New-EntraApplication](New-EntraApplication.md) + +[Remove-EntraApplication](Remove-EntraApplication.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md new file mode 100644 index 0000000000..a029dc0470 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationLogo.md @@ -0,0 +1,126 @@ +--- +title: Set-EntraApplicationLogo +description: This article provides details on the Set-EntraApplicationLogo command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplicationLogo + +schema: 2.0.0 +--- + +# Set-EntraApplicationLogo + +## Synopsis + +Sets the logo for an Application + +## Syntax + +### File (Default) + +```powershell +Set-EntraApplicationLogo + -ApplicationId + -FilePath + [] +``` + +### Stream + +```powershell +Set-EntraApplicationLogo + -ApplicationId + [] +``` + +### ByteArray + +```powershell +Set-EntraApplicationLogo + -ApplicationId + [] +``` + +## Description + +The `Set-EntraApplicationLogo` cmdlet is used to set the logo for an application. + +## Examples + +### Example 1: Sets the application logo for the application specified by the ApplicationId parameter + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$application = Get-EntraApplication -Filter "DisplayName eq 'Demo Application'" +$params = @{ + ObjectId = $application.ObjectId + FilePath = 'D:\applogo.jpg' +} +Set-EntraApplicationLogo @params +``` + +This cmdlet sets the application logo for the application specified by the `-ApplicationId` parameter to the image specified with the `-FilePath` parameter. + +## Parameters + +### -FilePath + +The file path of the file that is to be uploaded as the application logo. + +```yamlset-EntraApplicationLogo +Type: System.String +Parameter Sets: File +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ApplicationId + +The ApplicationId of the Application for which the logo is set. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +System.IO.Stream System.Byte\[\] + +## Outputs + +### System.Object + +## Notes + +File uploads must be smaller than 500KB. + +## Related Links + +[Get-EntraApplicationLogo](Get-EntraApplicationLogo.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md new file mode 100644 index 0000000000..722021d35c --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher.md @@ -0,0 +1,111 @@ +--- +title: Set-EntraApplicationVerifiedPublisher +description: This article provides details on the Set-EntraApplicationVerifiedPublisher command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraApplicationVerifiedPublisher + +schema: 2.0.0 +--- + +# Set-EntraApplicationVerifiedPublisher + +## Synopsis + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Syntax + +```powershell +Set-EntraApplicationVerifiedPublisher + -AppObjectId + -SetVerifiedPublisherRequest + [] +``` + +## Description + +Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. + +## Examples + +### Example 1: Set the verified publisher of an application + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All' +$app = Get-EntraApplication -Filter "DisplayName eq ''" +$appObjId = $app.ObjectId +$mpnId = '0433167' +$req = @{verifiedPublisherId = $mpnId} +$params = @{ + AppObjectId = $appObjId + SetVerifiedPublisherRequest = $req +} +Set-EntraApplicationVerifiedPublisher @params +``` + +This command sets the verified publisher of an application. + +The Microsoft Partner Network ID (MPNID) of the verified publisher can be obtained from the publisher's Partner Center account. + +- `-AppObjectId` parameter specifies the unique identifier of a Microsoft Entra ID Application. +- `-SetVerifiedPublisherRequest` parameter specifies the request body object containing the verifiedPublisherId property with it's the MPNID value. + +## Parameters + +### -AppObjectId + +The unique identifier of a Microsoft Entra ID Application object. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -SetVerifiedPublisherRequest + +A request body object containing the verifiedPublisherId property it's the MPNID value. + +```yaml +Type: SetVerifiedPublisherRequest +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### String + +## Outputs + +## Notes + +## Related Links + +[Remove-EntraApplicationVerifiedPublisher](Remove-EntraApplicationVerifiedPublisher.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAttributeSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAttributeSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAttributeSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAttributeSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAuthorizationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAuthorizationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAuthorizationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraAuthorizationPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraConditionalAccessPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraConditionalAccessPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraConditionalAccessPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraConditionalAccessPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDevice.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDevice.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDevice.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDevice.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncConfiguration.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncConfiguration.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncConfiguration.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncConfiguration.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncEnabled.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncEnabled.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncEnabled.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncEnabled.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncFeature.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncFeature.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncFeature.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirSyncFeature.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirectoryRoleDefinition.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirectoryRoleDefinition.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirectoryRoleDefinition.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDirectoryRoleDefinition.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomain.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomain.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomain.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomain.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomainFederationSettings.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomainFederationSettings.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomainFederationSettings.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraDomainFederationSettings.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraFeatureRolloutPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraFeatureRolloutPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraFeatureRolloutPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraFeatureRolloutPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md new file mode 100644 index 0000000000..1886cefa89 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md @@ -0,0 +1,313 @@ +--- +title: Set-EntraGroup +description: This article provides details on the Set-EntraGroup command. + + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraGroup + +schema: 2.0.0 +--- + +# Set-EntraGroup + +## Synopsis + +Sets the properties for an existing Microsoft Entra ID group. + +## Syntax + +```powershell +Set-EntraGroup + -GroupId + [-DisplayName ] + [-GroupTypes ] + [-SecurityEnabled ] + [-Description ] + [-MailEnabled ] + [-MailNickname ] + [-Visibility ] + [-IsAssignableToRole ] + [] +``` + +## Description + +The `Set-EntraGroup` cmdlet sets the properties for an existing Microsoft Entra ID group. Specify the `GroupId` parameter to set the properties for an existing Microsoft Entra ID group. + +## Examples + +### Example 1: Update a group display name + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + DisplayName = 'UPDATE HelpDesk Team Leaders' +} +Set-EntraGroup @params +``` + +This command updates the display name of a specified group in Microsoft Entra ID. + +### Example 2: Update a group description + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + Description = 'This is my new group' +} +Set-EntraGroup @params +``` + +This example demonstrates how to update a group description. + +### Example 3: Update a group mail nickname + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MailNickName = 'newnickname' +} +Set-EntraGroup @params +``` + +This command updates the mail nickname of a specified group in Microsoft Entra ID. + +### Example 4: Update a group security enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + SecurityEnabled = $true +} +Set-EntraGroup @params +``` + +This command updates the security enabled of a specified group in Microsoft Entra ID. + +### Example 5: Update a group mail enabled + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + MailEnabled = $false +} +Set-EntraGroup @params +``` + +This example demonstrates how to update a group main enabled. + +### Example 6: Update a property for a group + +```powershell +Connect-Entra -Scopes 'Group.ReadWrite.All' +$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" +$params = @{ + GroupId = $group.ObjectId + Visibility = 'Private' + GroupTypes = 'DynamicMembership' + IsAssignableToRole = $true +} +Set-EntraGroup @params +``` + +This example demonstrates how to update a property for an existing Microsoft Entra ID group. + +## Parameters + +### -Description + +Specifies a description for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies a display name for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupTypes + +Specifies that the group is a dynamic group. +To create a dynamic group, specify a value of DynamicMembership. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupId + +Specifies the object ID of a group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -MailEnabled + +Indicates whether this group is mail enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -MailNickname + +Specifies a mail nickname for the group. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SecurityEnabled + +Indicates whether the group is security enabled. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Visibility + +Specifies the visibility of the group's content and members list. +This parameter can take one of the following values: + +* "Public": Anyone can view the contents of the group. +* "Private": Only members can view the content of the group. +* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group. + +If no value is provided, the default value is "Public." + +Notes: + +* This parameter is only valid for groups that have the groupType set to "Unified." +* If a group has this attribute set to "HiddenMembership," it can't be changed later. +* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsAssignableToRole + +This property can only be set at the time of group creation and can't be modified on an existing group. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related links + +[Get-EntraGroup](Get-EntraGroup.md) + +[New-EntraGroup](New-EntraGroup.md) + +[Remove-EntraGroup](Remove-EntraGroup.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md new file mode 100644 index 0000000000..df8b9a3a99 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy.md @@ -0,0 +1,160 @@ +--- +title: Set-EntraGroupLifecyclePolicy +description: This article provides details on the Set-EntraGroupLifecyclePolicy command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraGroupLifecyclePolicy + +schema: 2.0.0 +--- + +# Set-EntraGroupLifecyclePolicy + +## Synopsis + +Updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Syntax + +```powershell +Set-EntraGroupLifecyclePolicy + -GroupLifecyclePolicyId + [-AlternateNotificationEmails ] + [-GroupLifetimeInDays ] + [-ManagedGroupTypes ] + [] +``` + +## Description + +The `Set-EntraGroupLifecyclePolicy` command updates a specific group Lifecycle Policy in Microsoft Entra ID. + +## Examples + +### Example 1: Updates group lifecycle policy + +```powershell +Connect-Entra -Scopes 'Directory.ReadWrite.All' +$policy = Get-EntraGroupLifecyclePolicy | Select-Object -First 1 +$params = @{ + GroupLifecyclePolicyId = $policy.Id + GroupLifetimeInDays = 200 + AlternateNotificationEmails = 'example@contoso.com' + ManagedGroupTypes = 'All' +} +Set-EntraGroupLifecyclePolicy @params +``` + +```Output +Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes +-- --------------------------- ------------------- ----------------- +ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 All +``` + +This example updates the specified groupLifecyclePolicy in Microsoft Entra ID. + +- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy to be modified. +- `-GroupLifetimeInDays` parameter specifies the lifetime of the groups in the policy to 200 days. The GroupLifetimeInDays represents the number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the number of days defined. +- `-AlternateNotificationEmails` parameter specifies the email address that receives notifications about the policy. Multiple email address can be defined by separating email address with a semicolon. +- `-ManagedGroupTypes` parameter specifies which office 365 groups the policy applies to. Possible values are `All`, `Selected`, or `None`. +In this case, 'All' suggests that the policy manages all types of groups. + +## Parameters + +### -AlternateNotificationEmails + +Notification emails for groups that have no owners are sent to these email addresses. +List of email addresses separated by a ";". + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifetimeInDays + +The number of days a group can exist before it needs to be renewed. + +```yaml +Type: System.Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -GroupLifecyclePolicyId + +Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: Id + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -ManagedGroupTypes + +Allows the admin to select which office 365 groups the policy applies to. + +- "None" will create the policy in a disabled state. +- "All" will apply the policy to every Office 365 group in the tenant. +- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +### System.String + +## Outputs + +### System.Object + +## Notes + +## Related Links + +[Get-EntraGroupLifecyclePolicy](Get-EntraGroupLifecyclePolicy.md) + +[New-EntraGroupLifecyclePolicy](New-EntraGroupLifecyclePolicy.md) + +[Remove-EntraGroupLifecyclePolicy](Remove-EntraGroupLifecyclePolicy.md) \ No newline at end of file diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraIdentityProvider.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraIdentityProvider.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraIdentityProvider.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraIdentityProvider.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraNamedLocationPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraNamedLocationPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraNamedLocationPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraNamedLocationPolicy.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPartnerInformation.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPartnerInformation.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPartnerInformation.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPartnerInformation.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantConditionSet.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantConditionSet.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantConditionSet.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantConditionSet.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantPolicy.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantPolicy.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPermissionGrantPolicy.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md new file mode 100644 index 0000000000..6f386abee5 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraPolicy.md @@ -0,0 +1,211 @@ +--- +title: Set-EntraPolicy +description: This article provides details on the Set-EntraPolicy command. + +ms.topic: reference +ms.date: 07/22/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraPolicy +schema: 2.0.0 +--- + +# Set-EntraPolicy + +## Synopsis + +Updates a policy. + +## Syntax + +```powershell +Set-EntraPolicy + -Id + [-Definition ] + [-DisplayName ] + [-Type ] + [-IsOrganizationDefault ] + [] +``` + +## Description + +The `Set-EntraPolicy` cmdlet sets a policy in Microsoft Entra ID. Specify `Id` parameter to updates specific policy. + +## Examples + +### Example 1: Update a policy display name + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + DisplayName = 'NewUpdated' +} +Set-EntraPolicy @params +``` + +This command updates display name of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `DisplayName` specifies the display name. + +### Example 2: Update a policy definition + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') +} +Set-EntraPolicy @params +``` + +This command updates definition of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `Definition` specifies the array of stringified JSON that contains all the rules of the policy. +In this example, `@('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')` represents definition of the activityBasedTimeoutPolicy. + +### Example 3: Update a policy organization default + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + IsOrganizationDefault = $false +} +Set-EntraPolicy @params +``` + +This command updates organization default of the specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-IsOrganizationDefault` If true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false. + +### Example 4: Update policy type + +```powershell +Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration' +$params = @{ + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + Type = 'ActivityBasedTimeoutPolicy' +} +Set-EntraPolicy @params +``` + +This example demonstrates how to update the `type` property of a specified policy in Microsoft Entra ID. + +- `-Id` specifies the ID of the policy for which you want to set values. + +- `-Type` specifies the type of policy. In this example, `ActivityBasedTimeoutPolicy` represents the type of policy. + +## Parameters + +### -Definition + +Specifies the array of stringified JSON that contains all the rules of the policy. +For example -Definition @('{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}'). + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IsOrganizationDefault + +True if this policy is the organizational default. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Type + +Specifies the type of policy. +For token lifetimes, use "TokenLifetimePolicy." + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Id + +The ID of the policy for which you want to set values. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraPolicy](Get-EntraPolicy.md) + +[New-EntraPolicy](New-EntraPolicy.md) + +[Remove-EntraPolicy](Remove-EntraPolicy.md) diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md new file mode 100644 index 0000000000..b2dd1e4636 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraServicePrincipal.md @@ -0,0 +1,440 @@ +--- +title: Set-EntraServicePrincipal +description: This article provides details on the Set-EntraServicePrincipal command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraServicePrincipal + +schema: 2.0.0 +--- + +# Set-EntraServicePrincipal + +## Synopsis + +Updates a service principal. + +## Syntax + +```powershell +Set-EntraServicePrincipal + -ServicePrincipalId + [-KeyCredentials ] + [-Homepage ] + [-AppId ] + [-LogoutUrl ] + [-ServicePrincipalType ] + [-AlternativeNames ] + [-PasswordCredentials ] + [-PreferredSingleSignOnMode ] + [-Tags ] + [-AccountEnabled ] + [-ServicePrincipalNames ] + [-AppRoleAssignmentRequired ] + [-DisplayName ] + [-ReplyUrls ] + [] +``` + +## Description + +The `Set-EntraServicePrincipal` cmdlet updates a service principal in Microsoft Entra ID. + +## Examples + +### Example 1: Disable the account of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AccountEnabled = $False +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update `AccountEnabled` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AccountEnabled` parameter specifies indicates whether the account is enabled. + +### Example 2: Update AppId and Homepage of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AppId = '22223333-cccc-4444-dddd-5555eeee6666' + Homepage = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update `AppId` and Homepage of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-AppId` parameter specifies the application ID. +- `-Homepage` parameter specifies the home page or landing page of the application. + +### Example 3: Update AlternativeNames and DisplayName of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + AlternativeNames = 'Service Principal Demo' + DisplayName = 'NewName' +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update AlternativeNames and DisplayName of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. + +### Example 4: Update LogoutUrl and ReplyUrls of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + LogoutUrl = 'https://securescore.office.com/SignOut' + ReplyUrls = 'https://admin.contoso.com' +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update LogoutUrl and ReplyUrls of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-LogoutUrl` parameter specifies the sign out URL. +- `-ReplyUrls` parameter specifies the URLs that user tokens are sent to for sign in with the associated application. + +### Example 5: Update ServicePrincipalType and AppRoleAssignmentRequired of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + ServicePrincipalType = 'Application' + AppRoleAssignmentRequired = $True +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update `ServicePrincipalType` and `AppRoleAssignmentRequired` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-ServicePrincipalType` parameter specifies the service principal type. +- `-AppRoleAssignmentRequired` parameter specifies indicates whether an application role assignment is required. + +### Example 6: Update KeyCredentials of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential +$creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes('Test') +$startdate = Get-Date -Year 2024 -Month 10 -Day 10 +$creds.StartDate = $startdate +$creds.Type = 'Symmetric' +$creds.Usage = 'Sign' +$creds.Value = [System.Text.Encoding]::UTF8.GetBytes('A') +$creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 +Set-EntraServicePrincipal -ServicePrincipalId $servicePrincipal.ObjectId -KeyCredentials $creds +``` + +This example demonstrates how to update KeyCredentials of a service principal in Microsoft Entra ID. + +Use the `New-EntraServicePrincipalPasswordCredential` and `Remove-EntraServicePrincipalPasswordCredential` cmdlets to update the password or secret for a servicePrincipal. + +### Example 7: Update PreferredSingleSignOnMode of a service principal + +```powershell +Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy' +$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Entra PowerShell Service Principal'" +$params = @{ + ServicePrincipalId = $servicePrincipal.ObjectId + PreferredSingleSignOnMode = 'saml' +} +Set-EntraServicePrincipal @params +``` + +This example demonstrates how to update `PreferredSingleSignOnMode` of a service principal in Microsoft Entra ID. + +- `-ServicePrincipalId` parameter specifies the ID of a service principal. +- `-PreferredSingleSignOnMode` parameter specifies the single sign-on mode configured for this application. + +## Parameters + +### -AccountEnabled + +Indicates whether the account is enabled. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AlternativeNames + +The alternative names for this service principal. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppId + +Specifies the application ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AppRoleAssignmentRequired + +Indicates whether an application role assignment is required. + +```yaml +Type: System.Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -DisplayName + +Specifies the display name. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Homepage + +Specifies the home page or landing page of the application. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -KeyCredentials + +Specifies key credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -LogoutUrl + +Specifies the sign out URL. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalId + +Species the ID of a service principal in Microsoft Entra ID. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: ObjectId + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -PasswordCredentials + +Specifies password credentials. + +```yaml +Type: System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PreferredSingleSignOnMode + +Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ReplyUrls + +The URLs that user tokens are sent to for sign in with the associated application, or the redirect Uniform Resource Identifiers that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalNames + +Specifies service principal names. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ServicePrincipalType + +The service principal type. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Tags + +Specifies an array of tags. + +If you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraServicePrincipal](Get-EntraServicePrincipal.md) + +[New-EntraServicePrincipal](New-EntraServicePrincipal.md) + +[Remove-EntraServicePrincipal](Remove-EntraServicePrincipal.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTenantDetail.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTenantDetail.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTenantDetail.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTenantDetail.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTrustedCertificateAuthority.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTrustedCertificateAuthority.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTrustedCertificateAuthority.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraTrustedCertificateAuthority.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUser.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUser.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUser.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUser.md diff --git a/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md new file mode 100644 index 0000000000..82ec532e91 --- /dev/null +++ b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserExtension.md @@ -0,0 +1,91 @@ +--- +title: Set-EntraUserExtension +description: This article provides details on the Set-EntraUserExtension command. + +ms.topic: reference +ms.date: 06/26/2024 +ms.author: eunicewaweru +ms.reviewer: stevemutungi +manager: CelesteDG +author: msewaweru + +external help file: Microsoft.Graph.Entra-Help.xml +Module Name: Microsoft.Graph.Entra +online version: https://learn.microsoft.com/powershell/module/Microsoft.Graph.Entra/Set-EntraUserExtension + +schema: 2.0.0 +--- + +# Set-EntraUserExtension + +## Synopsis + +Sets a user extension. + +## Syntax + +```powershell +Set-EntraUserExtension + -UserId + [] +``` + +## Description + +The `Set-EntraUserExtension` cmdlet updates a user extension in Microsoft Entra ID. + +## Examples + +### Example 1: Set the value of an extension attribute for a user + +```powershell +Connect-Entra -Scopes 'User.ReadWrite.All' +$params = @{ + UserId = 'SawyerM@contoso.com' + ExtensionName = 'extension_e5e29b8a85d941eab8d12162bd004528_extensionAttribute8' + ExtensionValue = 'New Value' +} +Set-EntraUserExtension @params +``` + +This example shows how to update the value of the extension attribute for a specified user. + +- `-UserId` parameter specifies the user Id. +- `-ExtensionName` parameter specifies the name of an extension. +- `-ExtensionValue` parameter specifies the extension name values. + +## Parameters + +### -UserId + +Specifies the ID of the user. + +```yaml +Type: System.String +Parameter Sets: (All) +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### CommonParameters + +This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVariable`, `-InformationAction`, `-InformationVariable`, `-OutVariable`, `-OutBuffer`, `-PipelineVariable`, `-Verbose`, `-WarningAction`, and `-WarningVariable`. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). + +## Inputs + +## Outputs + +## Notes + +## Related Links + +[Get-EntraUser](Get-EntraUser.md) + +[Get-EntraUserExtension](Get-EntraUserExtension.md) + +[Remove-EntraUserExtension](Remove-EntraUserExtension.md) diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserLicense.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserLicense.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserLicense.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserLicense.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserManager.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserManager.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserManager.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserManager.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserPassword.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserPassword.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserPassword.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserPassword.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserThumbnailPhoto.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserThumbnailPhoto.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserThumbnailPhoto.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraUserThumbnailPhoto.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Test-EntraScript.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Test-EntraScript.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Test-EntraScript.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Test-EntraScript.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraOauth2PermissionGrant.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraOauth2PermissionGrant.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraOauth2PermissionGrant.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraOauth2PermissionGrant.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraSignedInUserPassword.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraSignedInUserPassword.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraSignedInUserPassword.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraSignedInUserPassword.md diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraUserFromFederated.md b/module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraUserFromFederated.md similarity index 100% rename from module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraUserFromFederated.md rename to module_legacy/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Update-EntraUserFromFederated.md diff --git a/module/docs/entra-powershell-v1.0/index.md b/module_legacy/docs/entra-powershell-v1.0/index.md similarity index 100% rename from module/docs/entra-powershell-v1.0/index.md rename to module_legacy/docs/entra-powershell-v1.0/index.md diff --git a/module/docs/entra-powershell-v1.0/toc.yml b/module_legacy/docs/entra-powershell-v1.0/toc.yml similarity index 100% rename from module/docs/entra-powershell-v1.0/toc.yml rename to module_legacy/docs/entra-powershell-v1.0/toc.yml diff --git a/module/docs/future/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleAssignmentRequest.md b/module_legacy/docs/future/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleAssignmentRequest.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleAssignmentRequest.md rename to module_legacy/docs/future/Microsoft.Graph.Entra.Beta/Get-EntraBetaPrivilegedRoleAssignmentRequest.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplication.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplication.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplication.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplication.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplicationConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplicationConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplicationConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyApplicationConnectorGroup.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnector.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnector.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnector.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnector.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroup.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMember.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMember.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMember.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMember.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMembers.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMembers.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMembers.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorGroupMembers.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorMemberOf.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorMemberOf.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorMemberOf.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Get-EntraApplicationProxyConnectorMemberOf.md diff --git a/module/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyApplication.md b/module_legacy/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyApplication.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyApplication.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyApplication.md diff --git a/module/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/New-EntraApplicationProxyConnectorGroup.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplication.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplication.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplication.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplication.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplicationConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplicationConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplicationConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyApplicationConnectorGroup.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Remove-EntraApplicationProxyConnectorGroup.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplication.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplication.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplication.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplication.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationCustomDomainCertificate.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationCustomDomainCertificate.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationCustomDomainCertificate.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationCustomDomainCertificate.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationSingleSignOn.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationSingleSignOn.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationSingleSignOn.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyApplicationSingleSignOn.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnector.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnector.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnector.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnector.md diff --git a/module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnectorGroup.md b/module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnectorGroup.md similarity index 100% rename from module/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnectorGroup.md rename to module_legacy/docs/future/Microsoft.Graph.Entra/Set-EntraApplicationProxyConnectorGroup.md diff --git a/module_legacy/mapping/monikerMapping.json b/module_legacy/mapping/monikerMapping.json new file mode 100644 index 0000000000..f92e4cc249 --- /dev/null +++ b/module_legacy/mapping/monikerMapping.json @@ -0,0 +1,14 @@ +{ + "entra-powershell-preview": { + "packageRoot": "entra-powershell-v1.0", + "conceptualToc": "docs/entra-powershell-v1.0/toc.yml", + "conceptualTocUrl": "/powershell/entra-preview/toc.json", + "referenceTocUrl": "/powershell/module/entra-powershell-v1.0/toc.json" + }, + "entra-powershell-beta-preview": { + "packageRoot": "entra-powershell-beta", + "conceptualToc": "docs/entra-powershell-beta/toc.yml", + "conceptualTocUrl": "/powershell/entra-preview/toc.json", + "referenceTocUrl": "/powershell/module/entra-powershell-beta/toc.json" + } +} diff --git a/samples/export-apps-with-expiring-secrets-modified.ps1 b/samples/export-apps-with-expiring-secrets-modified.ps1 index e5da85f56a..d272966709 100644 --- a/samples/export-apps-with-expiring-secrets-modified.ps1 +++ b/samples/export-apps-with-expiring-secrets-modified.ps1 @@ -9,7 +9,7 @@ #The entire risk arising out of the use or performance of the sample and documentation remains with you. #In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the script be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample or documentation, even if Microsoft has been advised of the possibility of such damages. ################################################################################# -Import-Module Microsoft.Graph.Entra +Import-Module Microsoft.Entra Connect-MgGraph #Replaces Connect-AzureAD for auth Enable-EntraAzureADAlias #Activate aliasing diff --git a/src/CompatibilityAdapterBuilder.ps1 b/src/CompatibilityAdapterBuilder.ps1 index d47b584dc2..92b5583bf3 100644 --- a/src/CompatibilityAdapterBuilder.ps1 +++ b/src/CompatibilityAdapterBuilder.ps1 @@ -5,26 +5,26 @@ Set-StrictMode -Version 5 class CompatibilityAdapterBuilder { [string] $SourceModuleName - [string[]] $SourceModulePrefixs + [string[]] $SourceModulePrefixes [string] $NewPrefix [string[]] $DestinationModuleName - [string[]] $DestinationPrefixs + [string[]] $DestinationPrefixes [string] $ModuleName hidden [string[]] $MissingCommandsToMap = @() hidden [string[]] $TypesToCreate = @() - hidden [string] $TypePrefix = "" + hidden [string] $TypePrefix = '' hidden [hashtable] $CmdCustomizations = @{} hidden [hashtable] $GenericParametersTransformations = @{} hidden [hashtable] $GenericOutputTransformations = @{} hidden [hashtable] $TypeCustomizations = @{} - hidden [string] $OutputFolder = (join-path $PSScriptRoot '../bin') + hidden [string] $OutputFolder = (Join-Path $PSScriptRoot '../bin') hidden [string] $HelpFolder = $null hidden [MappedCmdCollection] $ModuleMap = $null hidden [bool] $GenerateCommandsToMapData hidden [hashtable] $HelperCmdletsToExport = @{} hidden [string] $BasePath = $null hidden [string] $LoadMessage - hidden [string[]] $cmdtoSkipNameconverssion = @( + hidden [string[]] $cmdToSkipNameConversion = @( 'Select-EntraGroupIdsGroupIsMemberOf', 'Get-EntraUserAppRoleAssignment', 'Get-EntraPermissionGrantConditionSet', @@ -64,132 +64,131 @@ class CompatibilityAdapterBuilder { 'New-EntraNamedLocationPolicy', 'New-EntraServicePrincipalAppRoleAssignment', 'Restore-EntraDeletedDirectoryObject', - 'Restore-EntraBetaDeletedDirectoryObject', - 'New-EntraBetaServicePrincipalAppRoleAssignment', - 'New-EntraBetaNamedLocationPolicy', - 'Get-EntraBetaPermissionGrantConditionSet', - 'Get-EntraBetaPermissionGrantConditionSet', - 'Get-EntraBetaApplicationKeyCredential', - 'Get-EntraBetaPrivilegedRoleDefinition', - 'Get-EntraBetaFeatureRolloutPolicy', - 'Set-EntraBetaPermissionGrantPolicy', - 'Remove-EntraBetaApplicationPassword', - 'Get-EntraBetaServicePrincipalPolicy', - 'Get-EntraBetaPrivilegedRoleAssignmentRequest', - 'New-EntraBetaApplicationPassword', - 'Set-EntraBetaPasswordSingleSignOnCredential', - 'Get-EntraBetaObjectSetting', - 'Add-EntraBetaApplicationPolicy', - 'Add-EntraBetaFeatureRolloutPolicyDirectoryObject', - 'Revoke-EntraBetaUserAllRefreshToken', - 'Get-EntraBetaPrivilegedRole', - 'Get-EntraBetaApplicationTemplate', - 'Select-EntraBetaGroupIdsContactIsMemberOf', - 'Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', - 'Set-EntraBetaUserLicense', - 'Set-EntraBetaTrustFrameworkPolicy', - 'Remove-EntraBetaUserAppRoleAssignment', - 'Get-EntraBetaApplicationPolicy', - 'Get-EntraBetaPermissionGrantPolicy', - 'Select-EntraBetaGroupIdsGroupIsMemberOf', - 'New-EntraBetaUserAppRoleAssignment', - 'Get-EntraBetaTrustFrameworkPolicy', - 'Remove-EntraBetaObjectSetting', - 'Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue', - 'Get-EntraBetaUserOAuth2PermissionGrant', - 'New-EntraBetaApplicationKey', - 'Get-EntraBetaPolicy', - 'Get-EntraBetaDirectorySetting', - 'New-EntraBetaServiceAppRoleAssignment', - 'Get-EntraBetaObjectByObjectId', - 'Remove-EntraBetaPasswordSingleSignOnCredential', - 'Set-EntraBetaPermissionGrantConditionSet', - 'Set-EntraBetaConditionalAccessPolicy', - 'Get-EntraBetaPolicyAppliedObject', - 'Remove-EntraBetaDeletedApplication', - 'Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', - 'Get-EntraBetaUserAppRoleAssignment', - 'Get-EntraBetaDirectorySettingTemplate', - 'Remove-EntraBetaServicePrincipalPolicy', - 'Get-EntraBetaPermissionGrantConditionSet', - 'Set-EntraBetaObjectSetting', - 'Remove-EntraBetaFeatureRolloutPolicyDirectoryObject', - 'Get-EntraBetaAuthorizationPolicy', - 'Remove-EntraBetaPermissionGrantPolicy', - 'Set-EntraBetaDirectorySetting', - 'Set-EntraBetaAuthorizationPolicy', - 'Remove-EntraBetaDirectorySetting', - 'Remove-EntraBetaApplicationPolicy', - 'New-EntraBetaConditionalAccessPolicy', - 'Set-EntraBetaPrivilegedRoleAssignmentRequest', - 'Remove-EntraBetaTrustFrameworkPolicy', - 'New-EntraBetaPasswordSingleSignOnCredential', - 'Remove-EntraBetaPolicy', - 'Set-EntraBetaPolicy', - 'Set-EntraBetaCustomSecurityAttributeDefinition', - 'Get-EntraBetaPrivilegedResource', - 'Set-EntraBetaUserPassword', - 'New-EntraBetaApplicationFromApplicationTemplate', - 'Set-EntraBetaPrivilegedRoleSetting', - 'Remove-EntraBetaApplicationKey', - 'Get-EntraBetaPrivilegedRoleSetting', - 'Remove-EntraBetaOAuth2PermissionGrant', - 'Select-EntraBetaGroupIdsServicePrincipalIsMemberOf', - 'Get-EntraBetaServicePrincipalDelegatedPermissionClassification', - 'New-EntraBetaPrivilegedRoleAssignment', - 'Get-EntraBetaPasswordSingleSignOnCredential', - 'Set-EntraBetaFeatureRolloutPolicy', - 'New-EntraBetaPermissionGrantPolicy', - 'Remove-EntraBetaFeatureRolloutPolicy', - 'Get-EntraBetaCustomSecurityAttributeDefinition', - 'Remove-EntraBetaServicePrincipalDelegatedPermissionClassification', - 'Select-EntraBetaGroupIdsUserIsMemberOf', - 'Set-EntraBetaNamedLocationPolicy', - 'New-EntraBetaNamedLocationPolicy', - 'Restore-EntraBetaDeletedApplication', - 'Remove-EntraBetaPermissionGrantConditionSet' - + 'Restore-EntraBetaDeletedDirectoryObject', + 'New-EntraBetaServicePrincipalAppRoleAssignment', + 'New-EntraBetaNamedLocationPolicy', + 'Get-EntraBetaPermissionGrantConditionSet', + 'Get-EntraBetaPermissionGrantConditionSet', + 'Get-EntraBetaApplicationKeyCredential', + 'Get-EntraBetaPrivilegedRoleDefinition', + 'Get-EntraBetaFeatureRolloutPolicy', + 'Set-EntraBetaPermissionGrantPolicy', + 'Remove-EntraBetaApplicationPassword', + 'Get-EntraBetaServicePrincipalPolicy', + 'Get-EntraBetaPrivilegedRoleAssignmentRequest', + 'New-EntraBetaApplicationPassword', + 'Set-EntraBetaPasswordSingleSignOnCredential', + 'Get-EntraBetaObjectSetting', + 'Add-EntraBetaApplicationPolicy', + 'Add-EntraBetaFeatureRolloutPolicyDirectoryObject', + 'Revoke-EntraBetaUserAllRefreshToken', + 'Get-EntraBetaPrivilegedRole', + 'Get-EntraBetaApplicationTemplate', + 'Select-EntraBetaGroupIdsContactIsMemberOf', + 'Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', + 'Set-EntraBetaUserLicense', + 'Set-EntraBetaTrustFrameworkPolicy', + 'Remove-EntraBetaUserAppRoleAssignment', + 'Get-EntraBetaApplicationPolicy', + 'Get-EntraBetaPermissionGrantPolicy', + 'Select-EntraBetaGroupIdsGroupIsMemberOf', + 'New-EntraBetaUserAppRoleAssignment', + 'Get-EntraBetaTrustFrameworkPolicy', + 'Remove-EntraBetaObjectSetting', + 'Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', + 'Get-EntraBetaUserOAuth2PermissionGrant', + 'New-EntraBetaApplicationKey', + 'Get-EntraBetaPolicy', + 'Get-EntraBetaDirectorySetting', + 'New-EntraBetaServiceAppRoleAssignment', + 'Get-EntraBetaObjectByObjectId', + 'Remove-EntraBetaPasswordSingleSignOnCredential', + 'Set-EntraBetaPermissionGrantConditionSet', + 'Set-EntraBetaConditionalAccessPolicy', + 'Get-EntraBetaPolicyAppliedObject', + 'Remove-EntraBetaDeletedApplication', + 'Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', + 'Get-EntraBetaUserAppRoleAssignment', + 'Get-EntraBetaDirectorySettingTemplate', + 'Remove-EntraBetaServicePrincipalPolicy', + 'Get-EntraBetaPermissionGrantConditionSet', + 'Set-EntraBetaObjectSetting', + 'Remove-EntraBetaFeatureRolloutPolicyDirectoryObject', + 'Get-EntraBetaAuthorizationPolicy', + 'Remove-EntraBetaPermissionGrantPolicy', + 'Set-EntraBetaDirectorySetting', + 'Set-EntraBetaAuthorizationPolicy', + 'Remove-EntraBetaDirectorySetting', + 'Remove-EntraBetaApplicationPolicy', + 'New-EntraBetaConditionalAccessPolicy', + 'Set-EntraBetaPrivilegedRoleAssignmentRequest', + 'Remove-EntraBetaTrustFrameworkPolicy', + 'New-EntraBetaPasswordSingleSignOnCredential', + 'Remove-EntraBetaPolicy', + 'Set-EntraBetaPolicy', + 'Set-EntraBetaCustomSecurityAttributeDefinition', + 'Get-EntraBetaPrivilegedResource', + 'Set-EntraBetaUserPassword', + 'New-EntraBetaApplicationFromApplicationTemplate', + 'Set-EntraBetaPrivilegedRoleSetting', + 'Remove-EntraBetaApplicationKey', + 'Get-EntraBetaPrivilegedRoleSetting', + 'Remove-EntraBetaOAuth2PermissionGrant', + 'Select-EntraBetaGroupIdsServicePrincipalIsMemberOf', + 'Get-EntraBetaServicePrincipalDelegatedPermissionClassification', + 'New-EntraBetaPrivilegedRoleAssignment', + 'Get-EntraBetaPasswordSingleSignOnCredential', + 'Set-EntraBetaFeatureRolloutPolicy', + 'New-EntraBetaPermissionGrantPolicy', + 'Remove-EntraBetaFeatureRolloutPolicy', + 'Get-EntraBetaCustomSecurityAttributeDefinition', + 'Remove-EntraBetaServicePrincipalDelegatedPermissionClassification', + 'Select-EntraBetaGroupIdsUserIsMemberOf', + 'Set-EntraBetaNamedLocationPolicy', + 'New-EntraBetaNamedLocationPolicy', + 'Restore-EntraBetaDeletedApplication', + 'Remove-EntraBetaPermissionGrantConditionSet' + ) # Constructor that changes the output folder, load all the Required Modules and creates the output folder. - CompatibilityAdapterBuilder() { - $this.BasePath = (join-path $PSScriptRoot '../module/Entra/') - $this.HelpFolder = (join-path $this.BasePath './help') - $this.Configure((join-path $this.BasePath "/config/ModuleSettings.json")) + CompatibilityAdapterBuilder() { + $this.BasePath = (Join-Path $PSScriptRoot '../module_legacy/Entra/') + $this.HelpFolder = (Join-Path $this.BasePath './help') + $this.Configure((Join-Path $this.BasePath '/config/ModuleSettings.json')) } - CompatibilityAdapterBuilder([string] $Module){ - $this.BasePath = (join-path $PSScriptRoot '../module/') - $this.BasePath = (join-path $this.BasePath $Module) - $this.HelpFolder = (join-path $this.BasePath './help') - $this.Configure((join-path $this.BasePath "/config/ModuleSettings.json")) + CompatibilityAdapterBuilder([string] $Module) { + $this.BasePath = (Join-Path $PSScriptRoot '../module_legacy/') + $this.BasePath = (Join-Path $this.BasePath $Module) + $this.HelpFolder = (Join-Path $this.BasePath './help') + $this.Configure((Join-Path $this.BasePath '/config/ModuleSettings.json')) } - CompatibilityAdapterBuilder([bool] $notRunningUT = $false){ - if($notRunningUT) - { - $this.BasePath = (join-path $PSScriptRoot '../module/Entra/') - $this.HelpFolder = (join-path $this.BasePath './help') - $this.Configure((join-path $this.BasePath "/config/ModuleSettings.json")) - } + CompatibilityAdapterBuilder([bool] $notRunningUT = $false) { + if ($notRunningUT) { + $this.BasePath = (Join-Path $PSScriptRoot '../module_legacy/Entra/') + $this.HelpFolder = (Join-Path $this.BasePath './help') + $this.Configure((Join-Path $this.BasePath '/config/ModuleSettings.json')) + } } - hidden Configure([string] $ModuleSettingsPath){ + hidden Configure([string] $ModuleSettingsPath) { $settingPath = $ModuleSettingsPath $content = Get-Content -Path $settingPath | ConvertFrom-Json $this.SourceModuleName = $content.sourceModule - $this.SourceModulePrefixs = $content.sourceModulePrefix + $this.SourceModulePrefixes = $content.sourceModulePrefix $this.NewPrefix = $content.newPrefix $this.DestinationModuleName = $content.destinationModuleName - $this.DestinationPrefixs = $content.destinationPrefix + $this.DestinationPrefixes = $content.destinationPrefix $this.ModuleName = $content.moduleName $this.TypePrefix = $content.typePrefix Import-Module $this.SourceModuleName -Force | Out-Null - foreach ($moduleName in $this.DestinationModuleName){ + foreach ($moduleName in $this.DestinationModuleName) { Import-Module $moduleName -RequiredVersion $content.destinationModuleVersion -Force | Out-Null } - if(!(Test-Path $this.OutputFolder)){ + if (!(Test-Path $this.OutputFolder)) { New-Item -ItemType Directory -Path $this.OutputFolder | Out-Null } @@ -198,56 +197,55 @@ class CompatibilityAdapterBuilder { # Generates the module then generates all the files required to create the module. BuildModule() { - $this.WriteModuleFile() - $this.WriteModuleManifest() + $this.WriteModuleFile() + $this.WriteModuleManifest() } - + AddTypes($types) { $this.TypeCustomizations = $types - foreach($type in $types.Keys){ + foreach ($type in $types.Keys) { $this.TypesToCreate += $type } } # Add customization based on the the CommandMap object. AddCustomization([hashtable[]] $Commands) { - foreach($cmd in $Commands) { + foreach ($cmd in $Commands) { $parameters = $null $outputs = $null - if($null -ne $cmd.TargetName){ - if($cmd.Parameters){ + if ($null -ne $cmd.TargetName) { + if ($cmd.Parameters) { $parameters = @{} - foreach($param in $cmd.Parameters){ + foreach ($param in $cmd.Parameters) { $parameters.Add($param.SourceName, [DataMap]::New($param.SourceName, $param.TargetName, $param.ConversionType, [Scriptblock]::Create($param.SpecialMapping))) } } - - if($cmd.Outputs){ + + if ($cmd.Outputs) { $outputs = @{} - foreach($param in $cmd.Outputs){ + foreach ($param in $cmd.Outputs) { $outputs.Add($param.SourceName, [DataMap]::New($param.SourceName, $param.TargetName, $param.ConversionType, [Scriptblock]::Create($param.SpecialMapping))) } } - $customCommand = [CommandMap]::New($cmd.SourceName,$cmd.TargetName, $parameters, $outputs) + $customCommand = [CommandMap]::New($cmd.SourceName, $cmd.TargetName, $parameters, $outputs) $this.CmdCustomizations.Add($cmd.SourceName, $customCommand) - } - else { - if($cmd.Parameters){ + } else { + if ($cmd.Parameters) { $parameters = @{} - foreach($param in $cmd.Parameters){ + foreach ($param in $cmd.Parameters) { $this.GenericParametersTransformations.Add($param.SourceName, [DataMap]::New($param.SourceName, $param.TargetName, $param.ConversionType, [Scriptblock]::Create($param.SpecialMapping))) } } - - if($cmd.Outputs){ + + if ($cmd.Outputs) { $outputs = @{} - foreach($param in $cmd.Outputs){ + foreach ($param in $cmd.Outputs) { $this.GenericOutputTransformations.Add($param.SourceName, [DataMap]::New($param.SourceName, $param.TargetName, $param.ConversionType, [Scriptblock]::Create($param.SpecialMapping))) } } - if($null -ne $cmd.SourceName) { + if ($null -ne $cmd.SourceName) { $scriptBlock = [Scriptblock]::Create($cmd.CustomScript) $customCommand = [CommandMap]::New($cmd.SourceName, $scriptBlock) $this.CmdCustomizations.Add($cmd.SourceName, $customCommand) @@ -256,16 +254,16 @@ class CompatibilityAdapterBuilder { } } - AddHelperCommand([string] $FileName){ + AddHelperCommand([string] $FileName) { $properties = Get-ItemProperty -Path $FileName - if($null -ne $properties){ - $name = $properties.PSChildName.Replace(".ps1","") + if ($null -ne $properties) { + $name = $properties.PSChildName.Replace('.ps1', '') $this.HelperCmdletsToExport.Add($name, $(Get-Content -Path $FileName) -join "`n") } } hidden GenerateHelpFiles() { - foreach($file in Get-ChildItem -Path $this.HelpFolder -Filter "*.xml") { + foreach ($file in Get-ChildItem -Path $this.HelpFolder -Filter '*.xml') { Copy-Item $file.FullName $this.OutputFolder -Force } #$helpPath = Join-Path $this.OutputFolder "$($this.ModuleName)-Help.xml" @@ -275,123 +273,122 @@ class CompatibilityAdapterBuilder { } hidden [string] GetHelpHeader() { - $helpHeader = @" + $helpHeader = @' -"@ +'@ return $helpHeader } hidden [string] GetHelpCommandsFromFiles($filePath) { - $helpCommands = "" - $replacePrefix = "-" + $this.NewPrefix - $oldPrefix = "-AzureAD" - foreach($file in Get-ChildItem -Path $this.HelpFolder -Filter "*.xml") { - (Get-Content $file.FullName | Select-Object -Skip 2 | Select-Object -SkipLast 1).Replace($oldPrefix,$replacePrefix) | Add-Content -Path $filePath + $helpCommands = '' + $replacePrefix = '-' + $this.NewPrefix + $oldPrefix = '-AzureAD' + foreach ($file in Get-ChildItem -Path $this.HelpFolder -Filter '*.xml') { + (Get-Content $file.FullName | Select-Object -Skip 2 | Select-Object -SkipLast 1).Replace($oldPrefix, $replacePrefix) | Add-Content -Path $filePath } return $helpCommands } hidden [string] GetHelpFooter() { - $helpHeader = @" + $helpHeader = @' -"@ +'@ return $helpHeader } - - hidden WriteModuleFile() { + + hidden WriteModuleFile() { $filePath = Join-Path $this.OutputFolder "$($this.ModuleName).psm1" #This call create the mapping used to create the final module. $data = $this.Map() $psm1FileContent = $this.GetFileHeader() + $doubleSpace="`n`n" foreach($cmd in $data.Commands) { - $psm1FileContent += $cmd.CommandBlock + $psm1FileContent += $doubleSpace+$cmd.CommandBlock } - $psm1FileContent += $this.GetUnsupportedCommand() + $psm1FileContent +=$doubleSpace+ $this.GetUnsupportedCommand() - $psm1FileContent += $this.GetAlisesFunction() + $psm1FileContent += $doubleSpace+$this.GetAlisesFunction() foreach($function in $this.HelperCmdletsToExport.GetEnumerator()){ - $psm1FileContent += $function.Value + $psm1FileContent += $doubleSpace+$function.Value } - $psm1FileContent += $this.GetExportMemeber() + $psm1FileContent += $this.GetExportMember() $psm1FileContent += $this.SetMissingCommands() $psm1FileContent += $this.LoadMessage $psm1FileContent += $this.GetTypesDefinitions() $psm1FileContent | Out-File -FilePath $filePath } - hidden GetInnerTypes([string] $type){ - $object = New-Object -TypeName $type + hidden GetInnerTypes([string] $type) { + $object = New-Object -TypeName $type $object.GetType().GetProperties() | ForEach-Object { - if($_.PropertyType.Name -eq 'Nullable`1') { + if ($_.PropertyType.Name -eq 'Nullable`1') { $name = $_.PropertyType.GenericTypeArguments.FullName - if(!$_.PropertyType.GenericTypeArguments.IsEnum){ - if($name -like "$($this.TypePrefix)*") { - if(!$this.TypesToCreate.Contains($name)){ + if (!$_.PropertyType.GenericTypeArguments.IsEnum) { + if ($name -like "$($this.TypePrefix)*") { + if (!$this.TypesToCreate.Contains($name)) { $this.TypesToCreate += $name $this.GetInnerTypes($name) - } + } } } - } - elseif($_.PropertyType.Name -eq 'List`1') { + } elseif ($_.PropertyType.Name -eq 'List`1') { $name = $_.PropertyType.GenericTypeArguments.FullName - if(!$_.PropertyType.GenericTypeArguments.IsEnum){ - if($name -like "$($this.TypePrefix)*") { - if(!$this.TypesToCreate.Contains($name)){ + if (!$_.PropertyType.GenericTypeArguments.IsEnum) { + if ($name -like "$($this.TypePrefix)*") { + if (!$this.TypesToCreate.Contains($name)) { $this.TypesToCreate += $name $this.GetInnerTypes($name) - } + } } } - } - else { - if(!$_.PropertyType.IsEnum){ + } else { + if (!$_.PropertyType.IsEnum) { $name = $_.PropertyType.FullName - if($name -like "$($this.TypePrefix)*") { - if(!$this.TypesToCreate.Contains($name)){ + if ($name -like "$($this.TypePrefix)*") { + if (!$this.TypesToCreate.Contains($name)) { $this.TypesToCreate += $name $this.GetInnerTypes($name) } } } - } + } } } hidden [string] GetTypesDefinitions() { $types = $this.TypesToCreate | Sort-Object -Unique - - foreach($type in $types) { + + foreach ($type in $types) { $this.GetInnerTypes($type) } - $types = $this.TypesToCreate | Sort-Object -Unique + $types = $this.TypesToCreate | Sort-Object -Unique $namespace = $null $def = @" # ------------------------------------------------------------------------------ -# Type definitios required for commands inputs +# Type definitions required for commands inputs # ------------------------------------------------------------------------------ `$def = @" "@ Write-Host "Creating types definitions for $($types.Count) types." - foreach($type in $types) { - Write-Host "- Generating type for $type" - if($type.contains("+")){ - $type = $type.Substring(0,$type.IndexOf("+")) - Write-Host "- Real type is $type" - } - $object = New-Object -TypeName $type - $namespaceNew = $object.GetType().Namespace - $enumsDefined = @() + foreach ($type in $types) { + Write-Host "- Generating type for $type" + if ($type.contains('+')) { + $type = $type.Substring(0, $type.IndexOf('+')) + Write-Host "- Real type is $type" + } + $object = New-Object -TypeName $type + $namespaceNew = $object.GetType().Namespace + $enumsDefined = @() - if($namespace -ne $namespaceNew){ - if($null -ne $namespace){ - $def += @" + if ($namespace -ne $namespaceNew) { + if ($null -ne $namespace) { + $def += @" } namespace $namespaceNew @@ -400,117 +397,113 @@ namespace $namespaceNew using System.Linq; "@ - } - else { - $def += @" + } else { + $def += @" namespace $namespaceNew { using System.Linq; - -"@ + +"@ + } + $namespace = $object.GetType().Namespace } - $namespace = $object.GetType().Namespace - } - $name = $object.GetType().Name - if($object.GetType().IsEnum){ $name = $object.GetType().Name - if(!$enumsDefined.Contains($name)){ - $def += $this.GetEnumString($name, $object.GetType().FullName) - $enumsDefined += $name - continue - } - } - $def += @" + if ($object.GetType().IsEnum) { + $name = $object.GetType().Name + if (!$enumsDefined.Contains($name)) { + $def += $this.GetEnumString($name, $object.GetType().FullName) + $enumsDefined += $name + continue + } + } + $def += @" public class $name { "@ - if($this.TypeCustomizations.ContainsKey($object.GetType().FullName)){ - $extraFunctions = $this.TypeCustomizations[$object.GetType().FullName] - $def += @" + if ($this.TypeCustomizations.ContainsKey($object.GetType().FullName)) { + $extraFunctions = $this.TypeCustomizations[$object.GetType().FullName] + $def += @" $extraFunctions } "@ - } - else { - - $object.GetType().GetProperties() | ForEach-Object { - if($_.PropertyType.Name -eq 'Nullable`1') { - $name = $_.PropertyType.GenericTypeArguments.FullName - if($_.PropertyType.GenericTypeArguments.IsEnum){ - $name = $_.PropertyType.GenericTypeArguments.Name - if(!$enumsDefined.Contains($name)){ - $def += $this.GetEnumString($name, $_.PropertyType.GenericTypeArguments.FullName) - $enumsDefined += $name - } - } - $name = "System.Nullable<$($name)>" - } - elseif ($_.PropertyType.Name -eq 'List`1') { - $name = $_.PropertyType.GenericTypeArguments.FullName - if($_.PropertyType.GenericTypeArguments.IsEnum){ - $name = $_.PropertyType.GenericTypeArguments.Name - if(!$enumsDefined.Contains($name)){ - $def += $this.GetEnumString($name, $_.PropertyType.GenericTypeArguments.FullName) - $enumsDefined += $name + } else { + + $object.GetType().GetProperties() | ForEach-Object { + if ($_.PropertyType.Name -eq 'Nullable`1') { + $name = $_.PropertyType.GenericTypeArguments.FullName + if ($_.PropertyType.GenericTypeArguments.IsEnum) { + $name = $_.PropertyType.GenericTypeArguments.Name + if (!$enumsDefined.Contains($name)) { + $def += $this.GetEnumString($name, $_.PropertyType.GenericTypeArguments.FullName) + $enumsDefined += $name + } + } + $name = "System.Nullable<$($name)>" + } elseif ($_.PropertyType.Name -eq 'List`1') { + $name = $_.PropertyType.GenericTypeArguments.FullName + if ($_.PropertyType.GenericTypeArguments.IsEnum) { + $name = $_.PropertyType.GenericTypeArguments.Name + if (!$enumsDefined.Contains($name)) { + $def += $this.GetEnumString($name, $_.PropertyType.GenericTypeArguments.FullName) + $enumsDefined += $name + } + } + $name = "System.Collections.Generic.List<$($name)>" + } else { + $name = $_.PropertyType.FullName + if ($_.PropertyType.IsEnum) { + $name = $_.PropertyType.Name + if (!$enumsDefined.Contains($name)) { + $def += $this.GetEnumString($name, $_.PropertyType.FullName) + $enumsDefined += $name + } + } } + $def += " public $($name) $($_.Name);`n" } - $name = "System.Collections.Generic.List<$($name)>" - } - else { - $name = $_.PropertyType.FullName - if($_.PropertyType.IsEnum){ - $name = $_.PropertyType.Name - if(!$enumsDefined.Contains($name)){ - $def += $this.GetEnumString($name, $_.PropertyType.FullName) - $enumsDefined += $name - } - } - } - $def += " public $($name) $($_.Name);`n" - } - $constructor = "" + $constructor = '' - if(1 -eq $object.GetType().GetProperties().Count){ + if (1 -eq $object.GetType().GetProperties().Count) { - $constructor = @" + $constructor = @" public $($object.GetType().Name)() - { + { } - + public $($object.GetType().Name)($name value) { $($object.GetType().GetProperties()[0].Name) = value; } "@ - } + } - $def += @" + $def += @" $constructor } "@ + } } - } - $def += @" + $def += @' } -"@ +'@ $def += @" `"@ try{ Add-Type -TypeDefinition `$def } - catch{} + catch { Write-Error $_.Exception.Message } # ------------------------------------------------------------------------------ -# End of Type definitios required for commands inputs +# End of Type definitions required for commands inputs # ------------------------------------------------------------------------------ "@ @@ -522,140 +515,134 @@ public $($object.GetType().Name)() public enum $($enumName){ "@ - [enum]::getvalues([type]$enumType) | ForEach-Object { - $def += " $_ = $($_.value__),`n" - } - $def += @" + [enum]::GetValues([type]$enumType) | ForEach-Object { + $def += " $_ = $($_.value__),`n" + } + $def += @' } -"@ +'@ return $def } hidden WriteModuleManifest() { - $settingPath = join-path $this.BasePath "./config/ModuleMetadata.json" + $settingPath = Join-Path $this.BasePath './config/ModuleMetadata.json' $files = @("$($this.ModuleName).psd1", "$($this.ModuleName).psm1", "$($this.ModuleName)-Help.xml") $content = Get-Content -Path $settingPath | ConvertFrom-Json $PSData = @{ - Tags = $($content.tags) - LicenseUri = $($content.licenseUri) - ProjectUri = $($content.projectUri) - IconUri = $($content.iconUri) + Tags = $($content.tags) + LicenseUri = $($content.licenseUri) + ProjectUri = $($content.projectUri) + IconUri = $($content.iconUri) ReleaseNotes = $($content.releaseNotes) - Prerelease = $null + Prerelease = $null } - $manisfestPath = Join-Path $this.OutputFolder "$($this.ModuleName).psd1" - $functions = $this.ModuleMap.CommandsList + "Enable-EntraAzureADAlias" + "Get-EntraUnsupportedCommand" + $manifestPath = Join-Path $this.OutputFolder "$($this.ModuleName).psd1" + $functions = $this.ModuleMap.CommandsList + 'Enable-EntraAzureADAlias' + 'Get-EntraUnsupportedCommand' $requiredModules = @() - foreach($module in $content.requiredModules){ - $requiredModules += @{ModuleName = $module; RequiredVersion = $content.requiredModulesVersion} + foreach ($module in $content.requiredModules) { + $requiredModules += @{ModuleName = $module; RequiredVersion = $content.requiredModulesVersion } } $moduleSettings = @{ - Path = $manisfestPath - GUID = $($content.guid) - ModuleVersion = "$($content.version)" - FunctionsToExport = $functions - CmdletsToExport=@() - AliasesToExport=@() - Author = $($content.authors) - CompanyName = $($content.owners) - FileList = $files - RootModule = "$($this.ModuleName).psm1" - Description = 'Microsoft Graph Entra PowerShell.' - DotNetFrameworkVersion = $([System.Version]::Parse('4.7.2')) - PowerShellVersion = $([System.Version]::Parse('5.1')) - CompatiblePSEditions = @('Desktop','Core') - RequiredModules = $requiredModules - NestedModules = @() + Path = $manifestPath + GUID = $($content.guid) + ModuleVersion = "$($content.version)" + FunctionsToExport = $functions + CmdletsToExport = @() + AliasesToExport = @() + Author = $($content.authors) + CompanyName = $($content.owners) + FileList = $files + RootModule = "$($this.ModuleName).psm1" + Description = 'Microsoft Graph Entra PowerShell.' + DotNetFrameworkVersion = $([System.Version]::Parse('4.7.2')) + PowerShellVersion = $([System.Version]::Parse('5.1')) + CompatiblePSEditions = @('Desktop', 'Core') + RequiredModules = $requiredModules + NestedModules = @() } - - if($null -ne $content.Prerelease){ + + if ($null -ne $content.Prerelease) { $PSData.Prerelease = $content.Prerelease } - $this.LoadMessage = $this.LoadMessage.Replace("{VERSION}", $content.version) + $this.LoadMessage = $this.LoadMessage.Replace('{VERSION}', $content.version) New-ModuleManifest @moduleSettings - Update-ModuleManifest -Path $manisfestPath -PrivateData $PSData + Update-ModuleManifest -Path $manifestPath -PrivateData $PSData } # Creates the ModuleMap object, this is mainly used by other methods but can be called when debugging or finding missing cmdlets - hidden [MappedCmdCollection] Map(){ + hidden [MappedCmdCollection] Map() { $this.ModuleMap = [MappedCmdCollection]::new($this.ModuleName) - $originalCmdlets = $this.GetModuleCommands($this.SourceModuleName, $this.SourceModulePrefixs, $true) - $targetCmdlets = $this.GetModuleCommands($this.DestinationModuleName, $this.DestinationPrefixs, $true) + $originalCmdlets = $this.GetModuleCommands($this.SourceModuleName, $this.SourceModulePrefixes, $true) + $targetCmdlets = $this.GetModuleCommands($this.DestinationModuleName, $this.DestinationPrefixes, $true) $newCmdletData = @() $cmdletsToExport = @() $missingCmdletsToExport = @() - if('Microsoft.Graph.Entra' -eq $this.ModuleName){ - $cmdletsToSkip = @("Add-AzureADMSApplicationOwner", "Get-AzureADMSApplication", "Get-AzureADMSApplicationExtensionProperty", "Get-AzureADMSApplicationOwner", "New-AzureADApplication", "New-AzureADMSApplicationExtensionProperty", "Remove-AzureADMSApplication", "Remove-AzureADMSApplicationExtensionProperty", "Remove-AzureADMSApplicationOwner", "Set-AzureADApplication", "Set-AzureADMSApplicationLogo", "Get-AzureADMSGroup", "New-AzureADGroup", "Remove-AzureADMSGroup", "Set-AzureADGroup") - } - else{ - $cmdletsToSkip = @("Add-AzureADMSAdministrativeUnitMember", "Add-AzureADMSScopedRoleMembership", "Get-AzureADMSAdministrativeUnit", "Get-AzureADMSAdministrativeUnitMember", "Get-AzureADMSScopedRoleMembership", "New-AzureADAdministrativeUnit", "Remove-AzureADMSAdministrativeUnit", "Remove-AzureADMSAdministrativeUnitMember", "Remove-AzureADMSScopedRoleMembership", "Set-AzureADAdministrativeUnit", "Add-AzureADMSApplicationOwner", "Get-AzureADMSApplication", "Get-AzureADMSApplicationExtensionProperty", "Get-AzureADMSApplicationOwner", "New-AzureADApplication","New-AzureADMSApplicationExtensionProperty","Remove-AzureADMSApplication","Remove-AzureADMSApplicationExtensionProperty","Remove-AzureADMSApplicationOwner","Set-AzureADApplication","Set-AzureADMSApplicationLogo","Get-AzureADMSGroup","New-AzureADGroup","Remove-AzureADMSGroup","Set-AzureADGroup","Get-AzureADMSPrivilegedRoleAssignment","Get-AzureADMSServicePrincipal","Set-AzureADMSServicePrincipal","Get-AzureADMSUser","Set-AzureADMSUser","New-AzureADMSUser","New-AzureADMSServicePrincipal") + if ('Microsoft.Graph.Entra' -eq $this.ModuleName) { + $cmdletsToSkip = @('Add-AzureADMSApplicationOwner', 'Get-AzureADMSApplication', 'Get-AzureADMSApplicationExtensionProperty', 'Get-AzureADMSApplicationOwner', 'New-AzureADApplication', 'New-AzureADMSApplicationExtensionProperty', 'Remove-AzureADMSApplication', 'Remove-AzureADMSApplicationExtensionProperty', 'Remove-AzureADMSApplicationOwner', 'Set-AzureADApplication', 'Set-AzureADMSApplicationLogo', 'Get-AzureADMSGroup', 'New-AzureADGroup', 'Remove-AzureADMSGroup', 'Set-AzureADGroup') + } else { + $cmdletsToSkip = @('Add-AzureADMSAdministrativeUnitMember', 'Add-AzureADMSScopedRoleMembership', 'Get-AzureADMSAdministrativeUnit', 'Get-AzureADMSAdministrativeUnitMember', 'Get-AzureADMSScopedRoleMembership', 'New-AzureADAdministrativeUnit', 'Remove-AzureADMSAdministrativeUnit', 'Remove-AzureADMSAdministrativeUnitMember', 'Remove-AzureADMSScopedRoleMembership', 'Set-AzureADAdministrativeUnit', 'Add-AzureADMSApplicationOwner', 'Get-AzureADMSApplication', 'Get-AzureADMSApplicationExtensionProperty', 'Get-AzureADMSApplicationOwner', 'New-AzureADApplication', 'New-AzureADMSApplicationExtensionProperty', 'Remove-AzureADMSApplication', 'Remove-AzureADMSApplicationExtensionProperty', 'Remove-AzureADMSApplicationOwner', 'Set-AzureADApplication', 'Set-AzureADMSApplicationLogo', 'Get-AzureADMSGroup', 'New-AzureADGroup', 'Remove-AzureADMSGroup', 'Set-AzureADGroup', 'Get-AzureADMSPrivilegedRoleAssignment', 'Get-AzureADMSServicePrincipal', 'Set-AzureADMSServicePrincipal', 'Get-AzureADMSUser', 'Set-AzureADMSUser', 'New-AzureADMSUser', 'New-AzureADMSServicePrincipal') } - foreach ($cmd in $originalCmdlets.Keys){ + foreach ($cmd in $originalCmdlets.Keys) { if ($cmdletsToSkip -contains $cmd) { continue } $originalCmdlet = $originalCmdlets[$cmd] $newFunction = $this.GetNewCmdTranslation($cmd, $originalCmdlet, $targetCmdlets, $this.NewPrefix) - if($newFunction){ + if ($newFunction) { $newCmdletData += $newFunction - $cmdletsToExport += $newFunction.Generate - } - else{ - $missingCmdletsToExport += $cmd + $cmdletsToExport += $newFunction.Generate + } else { + $missingCmdletsToExport += $cmd $this.MissingCommandsToMap += $cmd - } + } } - foreach($function in $this.HelperCmdletsToExport.GetEnumerator()){ + foreach ($function in $this.HelperCmdletsToExport.GetEnumerator()) { $cmdletsToExport += $function.Key } - + $this.ModuleMap.CommandsList = $cmdletsToExport $this.ModuleMap.MissingCommandsList = $missingCmdletsToExport $this.ModuleMap.Commands = $this.NewModuleMap($newCmdletData) return $this.ModuleMap - } + } - hidden [scriptblock] GetUnsupportedCommand(){ - $unsupported = @" + hidden [scriptblock] GetUnsupportedCommand() { + $unsupported = @' function Get-EntraUnsupportedCommand { Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." } -"@ +'@ return [scriptblock]::Create($unsupported) } - hidden [scriptblock] GetAlisesFunction() { - if($this.ModuleMap){ + hidden [scriptblock] GetAliasesFunction() { + if ($this.ModuleMap) { $aliases = '' - foreach ($func in $this.ModuleMap.Commands) { + foreach ($func in $this.ModuleMap.Commands) { $aliases += " Set-Alias -Name $($func.SourceName) -Value $($func.Name) -Scope Global -Force`n" } foreach ($func in $this.MissingCommandsToMap) { $aliases += " Set-Alias -Name $($func) -Value Get-EntraUnsupportedCommand -Scope Global -Force`n" } - - #Adding direct aliases - $aliasDefinitionsPath ="" - if($this.ModuleName -eq 'Microsoft.Graph.Entra') - { + + #Adding direct aliases + $aliasDefinitionsPath = '' + if ($this.ModuleName -eq 'Microsoft.Graph.Entra') { $aliasDefinitionsPath = "$PSScriptRoot/EntraAliasDefinitions.ps1" - } - elseif ($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') { + } elseif ($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') { $aliasDefinitionsPath = "$PSScriptRoot/EntraBetaAliasDefinitions.ps1" } - #Adding direct aliases - $aliasDefinitionsPath ="" - if($this.ModuleName -eq 'Microsoft.Graph.Entra') - { + #Adding direct aliases + $aliasDefinitionsPath = '' + if ($this.ModuleName -eq 'Microsoft.Graph.Entra') { $aliasDefinitionsPath = "$PSScriptRoot/EntraAliasDefinitions.ps1" - } - elseif ($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') { + } elseif ($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') { $aliasDefinitionsPath = "$PSScriptRoot/EntraBetaAliasDefinitions.ps1" } @@ -664,7 +651,7 @@ function Get-EntraUnsupportedCommand { $aliases += $directAliases # Append the content to $aliases } - $aliasFunction = @" + $aliasFunction = @" function Enable-EntraAzureADAlias { $($aliases)} @@ -675,10 +662,10 @@ $($aliases)} return $null } - hidden [scriptblock] GetExportMemeber() { + hidden [scriptblock] GetExportMember() { $CommandsToExport = $this.ModuleMap.CommandsList - $CommandsToExport += "Get-EntraUnsupportedCommand" - $CommandsToExport += "Enable-EntraAzureADAlias" + $CommandsToExport += 'Get-EntraUnsupportedCommand' + $CommandsToExport += 'Enable-EntraAzureADAlias' $functionsToExport = @" Export-ModuleMember -Function @( @@ -699,31 +686,29 @@ Set-Variable -name MISSING_CMDS -value @('$($this.ModuleMap.MissingCommandsList hidden [CommandTranslation[]] NewModuleMap([PSCustomObject[]] $Commands) { [CommandTranslation[]] $translations = @() - foreach($Command in $Commands){ - if('' -eq $command.New){ + foreach ($Command in $Commands) { + if ('' -eq $command.New) { $translations += $this.NewCustomFunctionMap($Command) - } - else { + } else { $translations += $this.NewFunctionMap($Command) - } + } } return $translations } - hidden [CommandTranslation] NewCustomFunctionMap([PSCustomObject] $Command){ + hidden [CommandTranslation] NewCustomFunctionMap([PSCustomObject] $Command) { Write-Host "Creating custom function map for $($Command.Generate)" $parameterDefinitions = $this.GetParametersDefinitions($Command) - $ParamterTransformations = $this.GetParametersTransformations($Command) + $ParameterTransformations = $this.GetParametersTransformations($Command) $OutputTransformations = $this.GetOutputTransformations($Command) - if (($this.cmdtoSkipNameconverssion -notcontains $Command.Generate) -and ($parameterDefinitions.Contains('$ObjectId') -or $parameterDefinitions.Contains('$Id'))) { + if (($this.cmdToSkipNameConversion -notcontains $Command.Generate) -and ($parameterDefinitions.Contains('$ObjectId') -or $parameterDefinitions.Contains('$Id'))) { $function = @" function $($Command.Generate) { -$($Command.CustomScript) +$($Command.CustomScript) } "@ - } - else { + } else { $function = @" function $($Command.Generate) { [CmdletBinding($($Command.DefaultParameterSet))] @@ -731,63 +716,61 @@ function $($Command.Generate) { $parameterDefinitions ) -$($Command.CustomScript) +$($Command.CustomScript) } -"@ +"@ } $codeBlock = [Scriptblock]::Create($function) - return [CommandTranslation]::New($Command.Generate,$Command.Old,$codeBlock) + return [CommandTranslation]::New($Command.Generate, $Command.Old, $codeBlock) } - hidden [CommandTranslation] NewFunctionMap([PSCustomObject] $Command){ + hidden [CommandTranslation] NewFunctionMap([PSCustomObject] $Command) { Write-Host "Creating new function for $($Command.Generate)" - - $cmdLstToSkipKeyIdpair=@( - "Get-EntraGroup", - "Get-EntraServicePrincipalDelegatedPermissionClassification", - "Get-EntraApplication", - "Get-EntraDeletedApplication", - "Get-EntraDeletedGroup", - "Get-EntraBetaDeletedGroup", - "Get-EntraRoleAssignment", - "Get-EntraContact", - "Get-EntraRoleDefinition", - "Get-EntraContract", - "Get-EntraDevice", - "Get-EntraDirectoryRole", - "Get-EntraServicePrincipal", - "Get-EntraAdministrativeUnit", - "Get-EntraDirectoryRoleAssignment", - "Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue", - "Get-EntraBetaFeatureRolloutPolicy", - "Get-EntraBetaGroup", - "Get-EntraBetaPrivilegedResource", - "Get-EntraBetaServicePrincipal", - "Get-EntraBetaAdministrativeUnit", - "Get-EntraBetaAdministrativeUnit", - "Get-EntraBetaDevice", - "Get-EntraBetaPrivilegedRoleDefinition" + + $cmdLstToSkipKeyIdpair = @( + 'Get-EntraGroup', + 'Get-EntraServicePrincipalDelegatedPermissionClassification', + 'Get-EntraApplication', + 'Get-EntraDeletedApplication', + 'Get-EntraDeletedGroup', + 'Get-EntraBetaDeletedGroup', + 'Get-EntraRoleAssignment', + 'Get-EntraContact', + 'Get-EntraRoleDefinition', + 'Get-EntraContract', + 'Get-EntraDevice', + 'Get-EntraDirectoryRole', + 'Get-EntraServicePrincipal', + 'Get-EntraAdministrativeUnit', + 'Get-EntraDirectoryRoleAssignment', + 'Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue', + 'Get-EntraBetaFeatureRolloutPolicy', + 'Get-EntraBetaGroup', + 'Get-EntraBetaPrivilegedResource', + 'Get-EntraBetaServicePrincipal', + 'Get-EntraBetaAdministrativeUnit', + 'Get-EntraBetaAdministrativeUnit', + 'Get-EntraBetaDevice', + 'Get-EntraBetaPrivilegedRoleDefinition' ) - - + + $parameterDefinitions = $this.GetParametersDefinitions($Command) - $ParamterTransformations = $this.GetParametersTransformations($Command) + $ParameterTransformations = $this.GetParametersTransformations($Command) $OutputTransformations = $this.GetOutputTransformations($Command) - - if($cmdLstToSkipKeyIdpair.Contains($Command.Generate)) { - + + if ($cmdLstToSkipKeyIdpair.Contains($Command.Generate)) { + $keyId = $this.GetKeyIdPair($Command) + } else { + $keyId = '' } - else { - $keyId='' - } - - $customHeadersCommandName = "New-EntraCustomHeaders" - if($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') - { - $customHeadersCommandName = "New-EntraBetaCustomHeaders" + $customHeadersCommandName = 'New-EntraCustomHeaders' + + if ($this.ModuleName -eq 'Microsoft.Graph.Entra.Beta') { + $customHeadersCommandName = 'New-EntraBetaCustomHeaders' } $function = @" @@ -797,15 +780,15 @@ function $($Command.Generate) { $parameterDefinitions ) - PROCESS { + PROCESS { `$params = @{} `$customHeaders = $customHeadersCommandName -Command `$MyInvocation.MyCommand $($keyId) -$ParamterTransformations +$ParameterTransformations Write-Debug("============================ TRANSFORMATIONS ============================") `$params.Keys | ForEach-Object {"`$_ : `$(`$params[`$_])" } | Write-Debug Write-Debug("=========================================================================``n") - + `$response = $($Command.New) @params -Headers `$customHeaders $OutputTransformations `$response @@ -814,77 +797,76 @@ $OutputTransformations "@ $codeBlock = [Scriptblock]::Create($function) - return [CommandTranslation]::New($Command.Generate,$Command.Old,$codeBlock) + return [CommandTranslation]::New($Command.Generate, $Command.Old, $codeBlock) } - hidden [string] GetParametersDefinitions([PSCustomObject] $Command) { - $commonParameterNames = @("ProgressAction","Verbose", "Debug","ErrorAction", "ErrorVariable", "WarningAction", "WarningVariable", "OutBuffer", "PipelineVariable", "OutVariable", "InformationAction", "InformationVariable","WhatIf","Confirm") - $ignorePropertyParameter = @("Get-EntraBetaApplicationPolicy", "Get-EntraBetaApplicationSignInSummary","Get-EntraBetaPrivilegedRoleAssignment","Get-EntraBetaTrustFrameworkPolicy","Get-EntraBetaPolicy","Get-EntraBetaPolicyAppliedObject","Get-EntraBetaServicePrincipalPolicy","Get-EntraApplicationLogo","Get-EntraBetaApplicationLogo","Get-EntraApplicationKeyCredential","Get-EntraBetaApplicationKeyCredential","Get-EntraBetaServicePrincipalKeyCredential","Get-EntraBetaServicePrincipalPasswordCredential","Get-EntraServicePrincipalKeyCredential","Get-EntraServicePrincipalPasswordCredential") + hidden [string] GetParametersDefinitions([PSCustomObject] $Command) { + $commonParameterNames = @('ProgressAction', 'Verbose', 'Debug', 'ErrorAction', 'ErrorVariable', 'WarningAction', 'WarningVariable', 'OutBuffer', 'PipelineVariable', 'OutVariable', 'InformationAction', 'InformationVariable', 'WhatIf', 'Confirm') + $ignorePropertyParameter = @('Get-EntraBetaApplicationPolicy', 'Get-EntraBetaApplicationSignInSummary', 'Get-EntraBetaPrivilegedRoleAssignment', 'Get-EntraBetaTrustFrameworkPolicy', 'Get-EntraBetaPolicy', 'Get-EntraBetaPolicyAppliedObject', 'Get-EntraBetaServicePrincipalPolicy', 'Get-EntraApplicationLogo', 'Get-EntraBetaApplicationLogo', 'Get-EntraApplicationKeyCredential', 'Get-EntraBetaApplicationKeyCredential', 'Get-EntraBetaServicePrincipalKeyCredential', 'Get-EntraBetaServicePrincipalPasswordCredential', 'Get-EntraServicePrincipalKeyCredential', 'Get-EntraServicePrincipalPasswordCredential') $params = $(Get-Command -Name $Command.Old).Parameters $paramsList = @() - $ParamAlias=$null + $ParamAlias = $null foreach ($paramKey in $Command.Parameters.Keys) { - if($commonParameterNames.Contains($paramKey)) { + if ($commonParameterNames.Contains($paramKey)) { continue } $targetParam = $Command.Parameters[$paramKey] $param = $params[$paramKey] $paramType = $param.ParameterType.ToString() - $paramtypeToCreate = $param.ParameterType.ToString() - if($param.Name -eq 'All'){ - $paramType = "switch" + $paramTypeToCreate = $param.ParameterType.ToString() + if ($param.Name -eq 'All') { + $paramType = 'switch' } - - if( ($this.cmdtoSkipNameconverssion -notcontains $Command.Generate) -and (($param.Name -eq 'ObjectId' -or $param.Name -eq 'Id') -and $null -ne $targetParam.TargetName)){ + + if ( ($this.cmdToSkipNameConversion -notcontains $Command.Generate) -and (($param.Name -eq 'ObjectId' -or $param.Name -eq 'Id') -and $null -ne $targetParam.TargetName)) { if ($targetParam.TargetName) { $ParamAlias = $this.GetParameterAlias($param.Name) $param.Name = $targetParam.TargetName - } - } - if(($null -ne $this.TypePrefix) -and ($paramType -like "*$($this.TypePrefix)*")){ - if($paramType -like "*List*"){ - $paramType = "System.Collections.Generic.List``1[$($param.ParameterType.GenericTypeArguments.FullName)]" - $paramtypeToCreate = $param.ParameterType.GenericTypeArguments.FullName } - elseif($paramType -like "*Nullable*"){ + } + if (($null -ne $this.TypePrefix) -and ($paramType -like "*$($this.TypePrefix)*")) { + if ($paramType -like '*List*') { + $paramType = "System.Collections.Generic.List``1[$($param.ParameterType.GenericTypeArguments.FullName)]" + $paramTypeToCreate = $param.ParameterType.GenericTypeArguments.FullName + } elseif ($paramType -like '*Nullable*') { $paramType = "System.Nullable``1[$($param.ParameterType.GenericTypeArguments.FullName)]" - $paramtypeToCreate = $param.ParameterType.GenericTypeArguments.FullName + $paramTypeToCreate = $param.ParameterType.GenericTypeArguments.FullName + } + if (!$this.TypesToCreate.Contains($paramTypeToCreate)) { + $this.TypesToCreate += $paramTypeToCreate } - if(!$this.TypesToCreate.Contains($paramtypeToCreate)) { - $this.TypesToCreate += $paramtypeToCreate - } - } + } $paramBlock = @" - $ParamAlias + $ParamAlias $($this.GetParameterAttributes($Param))[$($paramType)] `$$($param.Name) "@ $paramsList += $paramBlock - $ParamAlias=$null + $ParamAlias = $null } $addProperty = $true - if('' -ne $Command.New){ + if ('' -ne $Command.New) { $addProperty = $false - $targetCmdparams = $(Get-Command -Name $Command.New).Parameters.Keys - if($null -ne $targetCmdparams){ - foreach($param in $targetCmdparams) { - if($param -eq 'Property') { + $targetCmdParams = $(Get-Command -Name $Command.New).Parameters.Keys + if ($null -ne $targetCmdParams) { + foreach ($param in $targetCmdParams) { + if ($param -eq 'Property') { $addProperty = $true break } - } - } + } + } } - if("Get" -eq $Command.Verb -and !$ignorePropertyParameter.Contains($Command.Generate) -and $addProperty){ + if ('Get' -eq $Command.Verb -and !$ignorePropertyParameter.Contains($Command.Generate) -and $addProperty) { $paramsList += $this.GetPropertyParameterBlock() } return $paramsList -Join ",`n" } - hidden [string] GetPropertyParameterBlock(){ - $propertyType = "System.String[]" + hidden [string] GetPropertyParameterBlock() { + $propertyType = 'System.String[]' $arrayAttrib = @() $arrayAttrib += "Mandatory = `$false" $arrayAttrib += "ValueFromPipeline = `$false" @@ -897,48 +879,44 @@ $OutputTransformations return $propertyParamBlock } - hidden [string] GetParameterAlias($param){ + hidden [string] GetParameterAlias($param) { return "[Alias('$param')]" } - hidden [string] GetParameterAttributes($param){ - $attributesString = "" + hidden [string] GetParameterAttributes($param) { + $attributesString = '' - foreach($attrib in $param.Attributes){ + foreach ($attrib in $param.Attributes) { $arrayAttrib = @() - + try { - if($attrib.ParameterSetName -ne "__AllParameterSets"){ + if ($attrib.ParameterSetName -ne '__AllParameterSets') { $arrayAttrib += "ParameterSetName = `"$($attrib.ParameterSetName)`"" } - } - catch {} - - try { - if($attrib.Mandatory){ + } catch {} + + try { + if ($attrib.Mandatory) { $arrayAttrib += "Mandatory = `$true" } - } - catch {} - - - try { - if($attrib.ValueFromPipeline){ + } catch {} + + + try { + if ($attrib.ValueFromPipeline) { $arrayAttrib += "ValueFromPipeline = `$true" } - } - catch {} - + } catch {} + try { - if($attrib.ValueFromPipelineByPropertyName){ + if ($attrib.ValueFromPipelineByPropertyName) { $arrayAttrib += "ValueFromPipelineByPropertyName = `$true" } - } - catch {} - + } catch {} + $strAttrib = $arrayAttrib -Join ', ' - if($strAttrib.Length -gt 0){ + if ($strAttrib.Length -gt 0) { $attributesString += "[Parameter($strAttrib)]`n " } } @@ -947,92 +925,87 @@ $OutputTransformations } hidden [string] GetParametersTransformations([PSCustomObject] $Command) { - $paramsList = "" + $paramsList = '' - foreach ($paramKey in $Command.Parameters.Keys) { + foreach ($paramKey in $Command.Parameters.Keys) { $param = $Command.Parameters[$paramKey] - $paramBlock = "" - - if([TransformationTypes]::None -eq $param.ConversionType){ + $paramBlock = '' + + if ([TransformationTypes]::None -eq $param.ConversionType) { $paramBlock = $this.GetParameterTransformationName($param.Name, $param.Name) - } - elseif([TransformationTypes]::Name -eq $param.ConversionType){ - if(($this.cmdtoSkipNameconverssion -notcontains $Command.Generate) -and ($param.Name -eq 'ObjectId' -or $param.Name -eq 'Id') -and $null -ne $param.TargetName){ + } elseif ([TransformationTypes]::Name -eq $param.ConversionType) { + if (($this.cmdToSkipNameConversion -notcontains $Command.Generate) -and ($param.Name -eq 'ObjectId' -or $param.Name -eq 'Id') -and $null -ne $param.TargetName) { $paramBlock = $this.GetParameterTransformationName($param.TargetName, $param.TargetName) - }else{ + } else { $paramBlock = $this.GetParameterTransformationName($param.Name, $param.TargetName) - } - } - elseif([TransformationTypes]::Bool2Switch -eq $param.ConversionType){ + } + } elseif ([TransformationTypes]::Bool2Switch -eq $param.ConversionType) { $paramBlock = $this.GetParameterTransformationBoolean2Switch($param.Name, $param.TargetName) - } - elseif([TransformationTypes]::SystemSwitch -eq $param.ConversionType){ + } elseif ([TransformationTypes]::SystemSwitch -eq $param.ConversionType) { $paramBlock = $this.GetParameterTransformationSystemSwitch($param.Name) - } - elseif([TransformationTypes]::ScriptBlock -eq $param.ConversionType){ + } elseif ([TransformationTypes]::ScriptBlock -eq $param.ConversionType) { $paramBlock = $this.GetParameterCustom($param) - } - elseif([TransformationTypes]::Remove -eq $param.ConversionType){ + } elseif ([TransformationTypes]::Remove -eq $param.ConversionType) { $paramBlock = $this.GetParameterException($param) } - - $paramsList += $paramBlock + + $paramsList += $paramBlock } - if("Get" -eq $Command.Verb){ - $paramsList += $this.GetCustomParameterTransformation("Property") + if ('Get' -eq $Command.Verb) { + $paramsList += $this.GetCustomParameterTransformation('Property') } - + return $paramsList } - hidden [string] GetKeyIdPair($Command){ + hidden [string] GetKeyIdPair($Command) { $keys = @() - foreach ($paramKey in $Command.Parameters.Keys) { + foreach ($paramKey in $Command.Parameters.Keys) { $param = $Command.Parameters[$paramKey] - if($param.NameChanged){ - if($param.Name -eq "ObjectId"){ + if ($param.NameChanged) { + if ($param.Name -eq 'ObjectId') { $keys += "$($param.Name) = `"Id`"" - } - elseif($param.Name -eq "Id"){ - } - else{ + } elseif ($param.Name -eq 'Id') { + } else { $keys += "$($param.Name) = `"$($param.TargetName)`"" } - } + } } - - return "`$keysChanged = @{$($keys -Join "; ")}" + + return "`$keysChanged = @{$($keys -Join '; ')}" } - hidden [string] GetParameterTransformationName([string] $OldName, [string] $NewName){ -# $paramBlock = @" -# if(`$null -ne `$PSBoundParameters["$($OldName)"]) -# { -# `$params["$($NewName)"] = `$PSBoundParameters["$($OldName)"] - -# } + hidden [string] GetParameterTransformationName([string] $OldName, [string] $NewName) { + # $paramBlock = @" + # if(`$null -ne `$PSBoundParameters["$($OldName)"]) + # { + # `$params["$($NewName)"] = `$PSBoundParameters["$($OldName)"] + + # } -# "@ - $paramBlock = if ($OldName -eq "Top") {@" + # "@ + $paramBlock = if ($OldName -eq 'Top') { + @" if (`$PSBoundParameters.ContainsKey(`"Top`")) { `$params["$($NewName)"] = `$PSBoundParameters["$($OldName)"] } "@ - } else {@" + } else { + @" if (`$null -ne `$PSBoundParameters["$($OldName)"]) { `$params["$($NewName)"] = `$PSBoundParameters["$($OldName)"] } "@ -} + } return $paramBlock } - hidden [string] GetParameterTransformationBoolean2Switch([string] $OldName, [string] $NewName){ + hidden [string] GetParameterTransformationBoolean2Switch([string] $OldName, [string] $NewName) { $paramBlock = @" if(`$null -ne `$PSBoundParameters["$($OldName)"]) { @@ -1046,7 +1019,7 @@ $OutputTransformations return $paramBlock } - hidden [string] GetParameterTransformationSystemSwitch([string] $Name){ + hidden [string] GetParameterTransformationSystemSwitch([string] $Name) { $paramBlock = @" if(`$PSBoundParameters.ContainsKey("$($Name)")) { @@ -1058,12 +1031,12 @@ $OutputTransformations } - hidden [string] GetParameterException([DataMap] $Param){ - $paramBlock = "" + hidden [string] GetParameterException([DataMap] $Param) { + $paramBlock = '' return $paramBlock } - hidden [string] GetParameterCustom([DataMap] $Param){ + hidden [string] GetParameterCustom([DataMap] $Param) { $paramBlock = @" if(`$null -ne `$PSBoundParameters["$($Param.Name)"]) { @@ -1076,7 +1049,7 @@ $OutputTransformations return $paramBlock } - hidden [string] GetCustomParameterTransformation([string] $ParameterName){ + hidden [string] GetCustomParameterTransformation([string] $ParameterName) { $paramBlock = @" if(`$null -ne `$PSBoundParameters["$($ParameterName)"]) { @@ -1086,43 +1059,39 @@ $OutputTransformations "@ return $paramBlock } - + hidden [string] GetOutputTransformations([PSCustomObject] $Command) { - $responseVerbs = @("Get","Add","New") - $output = "" - - if($this.CmdCustomizations.ContainsKey($Command.Old)) { - $cmd = $this.CmdCustomizations[$Command.Old] - if($null -ne $cmd.Outputs){ - foreach($key in $cmd.Outputs.GetEnumerator()) { - $customOutput = $cmd.Outputs[$key.Name] - if([TransformationTypes]::Name -eq $customOutput.ConversionType){ + $responseVerbs = @('Get', 'Add', 'New') + $output = '' + + if ($this.CmdCustomizations.ContainsKey($Command.Old)) { + $cmd = $this.CmdCustomizations[$Command.Old] + if ($null -ne $cmd.Outputs) { + foreach ($key in $cmd.Outputs.GetEnumerator()) { + $customOutput = $cmd.Outputs[$key.Name] + if ([TransformationTypes]::Name -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationName($customOutput.Name, $customOutput.TargetName) - } - elseif([TransformationTypes]::ScriptBlock -eq $customOutput.ConversionType){ + } elseif ([TransformationTypes]::ScriptBlock -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationCustom($customOutput) - } - elseif([TransformationTypes]::FlatObject -eq $customOutput.ConversionType){ + } elseif ([TransformationTypes]::FlatObject -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationFlatObject($customOutput) } } } } - - foreach($key in $this.GenericOutputTransformations.GetEnumerator()) { - $customOutput = $this.GenericOutputTransformations[$key.Name] - if(2 -eq $customOutput.ConversionType){ + + foreach ($key in $this.GenericOutputTransformations.GetEnumerator()) { + $customOutput = $this.GenericOutputTransformations[$key.Name] + if (2 -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationName($customOutput.Name, $customOutput.TargetName) - } - elseif([TransformationTypes]::ScriptBlock -eq $customOutput.ConversionType){ + } elseif ([TransformationTypes]::ScriptBlock -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationCustom($customOutput) - } - elseif([TransformationTypes]::FlatObject -eq $customOutput.ConversionType){ + } elseif ([TransformationTypes]::FlatObject -eq $customOutput.ConversionType) { $output += $this.GetOutputTransformationFlatObject($customOutput) } - } - - if("" -ne $output){ + } + + if ('' -ne $output) { $transform = @" `$response | ForEach-Object { if(`$null -ne `$_) { @@ -1132,19 +1101,19 @@ $($output) "@ return $transform } - return "" + return '' } - hidden [string] GetOutputTransformationName([string] $OldName, [string] $NewName){ - $outputBlock =@" + hidden [string] GetOutputTransformationName([string] $OldName, [string] $NewName) { + $outputBlock = @" Add-Member -InputObject `$_ -MemberType AliasProperty -Name $($NewName) -Value $($OldName) "@ return $outputBlock } - hidden [string] GetOutputTransformationCustom([DataMap] $Param){ - $outputBlock =@" + hidden [string] GetOutputTransformationCustom([DataMap] $Param) { + $outputBlock = @" $($Param.SpecialMapping) Add-Member -InputObject `$_ -MemberType ScriptProperty -Name $($Param.TargetName) -Value `$Value @@ -1152,218 +1121,209 @@ $($output) return $outputBlock } - hidden [string] GetOutputTransformationFlatObject([DataMap] $Param){ - $outputBlock =@" + hidden [string] GetOutputTransformationFlatObject([DataMap] $Param) { + $outputBlock = @" Add-Member -InputObject `$_ -NotePropertyMembers `$_.$($Param.Name) "@ return $outputBlock } - hidden [hashtable] GetModuleCommands([string[]] $ModuleNames, [string[]] $Prefix, [bool] $IgnoreEmptyNoun = $false){ - + hidden [hashtable] GetModuleCommands([string[]] $ModuleNames, [string[]] $Prefix, [bool] $IgnoreEmptyNoun = $false) { + $names = @() foreach ($moduleName in $ModuleNames) { $module = Get-Module -Name $moduleName $names += $module.ExportedCmdlets.Keys $names += $module.ExportedFunctions.Keys } - + $namesDic = @{} foreach ($name in $names) { $cmdComponents = $this.GetParsedCmd($name, $Prefix) - if(!$cmdComponents){ + if (!$cmdComponents) { $this.MissingCommandsToMap += $name continue } - if($IgnoreEmptyNoun -and !$cmdComponents.Noun) { + if ($IgnoreEmptyNoun -and !$cmdComponents.Noun) { continue } $namesDic.Add($name, $cmdComponents) } - + return $namesDic } - hidden [PSCustomObject] GetParsedCmd([string]$Name, [string[]]$Prefixs){ - foreach ($prefix in $Prefixs) { - $components = $name -split '-' + hidden [PSCustomObject] GetParsedCmd([string]$Name, [string[]]$Prefixes) { + foreach ($prefix in $Prefixes) { + $components = $name -split '-' $verb = $components[0] $prefixNoun = $components[1] $components = $prefixNoun -split $prefix - if($components.Length -eq 1) - { + if ($components.Length -eq 1) { continue } $noun = $prefixNoun.Substring($prefix.Length, $prefixNoun.Length - $prefix.Length) - + return [PSCustomObject] @{ - Verb = $verb - Noun = $noun + Verb = $verb + Noun = $noun Prefix = $prefix - } + } } return $null } - hidden [PSCustomObject] GetNewCmdTranslation($SourceCmdName, $SourceCmdlet, $TargetCmdlets, $NewPrefix){ + hidden [PSCustomObject] GetNewCmdTranslation($SourceCmdName, $SourceCmdlet, $TargetCmdlets, $NewPrefix) { $verbsEquivalence = @{ - 'Get' = @('Get') - 'New' = @('New','Add') - 'Add' = @('New','Add') - 'Remove' = @('Remove','Delete') - 'Delete' = @('Remove','Delete') - 'Set' = @('Set','Update') - 'Update' = @('Set','Update') + 'Get' = @('Get') + 'New' = @('New', 'Add') + 'Add' = @('New', 'Add') + 'Remove' = @('Remove', 'Delete') + 'Delete' = @('Remove', 'Delete') + 'Set' = @('Set', 'Update') + 'Update' = @('Set', 'Update') 'Confirm' = @('Confirm') - 'Enable' = @('New') + 'Enable' = @('New') } $targetCmd = $null - if($this.CmdCustomizations.ContainsKey($SourceCmdName)){ + if ($this.CmdCustomizations.ContainsKey($SourceCmdName)) { $targetCmd = $this.CmdCustomizations[$SourceCmdName].TargetName - } - else { - foreach ($prefix in $this.DestinationPrefixs){ - foreach ($verb in $verbsEquivalence[$SourceCmdlet.Verb]){ + } else { + foreach ($prefix in $this.DestinationPrefixes) { + foreach ($verb in $verbsEquivalence[$SourceCmdlet.Verb]) { $tmpCmd = "$($verb)-$($prefix)$($SourceCmdlet.Noun)" - if($TargetCmdlets.ContainsKey($tmpCmd)){ - $targetCmd = $tmpCmd; - break; + if ($TargetCmdlets.ContainsKey($tmpCmd)) { + $targetCmd = $tmpCmd + break } } } } - - if($null -ne $targetCmd){ - if($SourceCmdlet.Prefix.contains('MS')){ + + if ($null -ne $targetCmd) { + if ($SourceCmdlet.Prefix.contains('MS')) { $Prefix = $NewPrefix } else { $prefix = $NewPrefix } - $NewName = "" + $NewName = '' switch ($SourceCmdlet.Noun) { - "RoleDefinition" { $NewName = 'DirectoryRoleDefinition' } - "RoleAssignment" { $NewName = 'DirectoryRoleAssignment' } - "ServiceAppRoleAssignedTo" { $NewName = 'ServicePrincipalAppRoleAssignedTo' } - "ServiceAppRoleAssignment" { $NewName = 'ServicePrincipalAppRoleAssignment' } - "CustomSecurityAttributeDefinitionAllowedValues" { $NewName = 'CustomSecurityAttributeDefinitionAllowedValue' } - "AuditSignInLogs" { $NewName = 'AuditSignInLog' } - "AuditDirectoryLogs" { $NewName = 'AuditDirectoryLog' } + 'RoleDefinition' { $NewName = 'DirectoryRoleDefinition' } + 'RoleAssignment' { $NewName = 'DirectoryRoleAssignment' } + 'ServiceAppRoleAssignedTo' { $NewName = 'ServicePrincipalAppRoleAssignedTo' } + 'ServiceAppRoleAssignment' { $NewName = 'ServicePrincipalAppRoleAssignment' } + 'CustomSecurityAttributeDefinitionAllowedValues' { $NewName = 'CustomSecurityAttributeDefinitionAllowedValue' } + 'AuditSignInLogs' { $NewName = 'AuditSignInLog' } + 'AuditDirectoryLogs' { $NewName = 'AuditDirectoryLog' } default { $NewName = $SourceCmdlet.Noun } } $cmd = [PSCustomObject]@{ - Old = '{0}-{1}{2}' -f $SourceCmdlet.Verb, $SourceCmdlet.Prefix, $SourceCmdlet.Noun - New = $targetCmd - Generate = '{0}-{1}{2}' -f $SourceCmdlet.Verb, $Prefix, $NewName - Noun = $SourceCmdlet.Noun - Verb = $SourceCmdlet.Verb - Parameters = $null - DefaultParameterSet = "" - CustomScript = $null + Old = '{0}-{1}{2}' -f $SourceCmdlet.Verb, $SourceCmdlet.Prefix, $SourceCmdlet.Noun + New = $targetCmd + Generate = '{0}-{1}{2}' -f $SourceCmdlet.Verb, $Prefix, $NewName + Noun = $SourceCmdlet.Noun + Verb = $SourceCmdlet.Verb + Parameters = $null + DefaultParameterSet = '' + CustomScript = $null } - if('' -eq $targetCmd){ + if ('' -eq $targetCmd) { $cmd.CustomScript = $this.CmdCustomizations[$SourceCmdName].CustomScript } $cmd.Parameters = $this.GetCmdletParameters($cmd) - $defaulParam = $this.GetDefaultParameterSet($SourceCmdName) - $cmd.DefaultParameterSet = "DefaultParameterSetName = '$defaulParam'" + $defaultParam = $this.GetDefaultParameterSet($SourceCmdName) + $cmd.DefaultParameterSet = "DefaultParameterSetName = '$defaultParam'" return $cmd } return $null } - hidden [string] GetDefaultParameterSet($Cmdlet){ + hidden [string] GetDefaultParameterSet($Cmdlet) { $sourceCmd = Get-Command -Name $Cmdlet return $sourceCmd.DefaultParameterSet } - hidden [hashtable] GetCmdletParameters($Cmdlet){ - $Bool2Switch = @("All") - $SystemDebug = @("Verbose", "Debug") - $commonParameterNames = @("ErrorAction", "ErrorVariable", "WarningAction", "WarningVariable", "OutBuffer", "PipelineVariable", "OutVariable", "InformationAction", "InformationVariable") + hidden [hashtable] GetCmdletParameters($Cmdlet) { + $Bool2Switch = @('All') + $SystemDebug = @('Verbose', 'Debug') + $commonParameterNames = @('ErrorAction', 'ErrorVariable', 'WarningAction', 'WarningVariable', 'OutBuffer', 'PipelineVariable', 'OutVariable', 'InformationAction', 'InformationVariable') $sourceCmd = Get-Command -Name $Cmdlet.Old $targetCmd = $null - if('' -ne $Cmdlet.New){ - $targetCmd = Get-Command -Name $Cmdlet.New - } + if ('' -ne $Cmdlet.New) { + $targetCmd = Get-Command -Name $Cmdlet.New + } $paramsList = @{} foreach ($paramKey in $sourceCmd.Parameters.Keys) { $param = $sourceCmd.Parameters[$paramKey] $paramObj = [DataMap]::New($param.Name) - - if($this.CmdCustomizations.ContainsKey($Cmdlet.Old)) { + + if ($this.CmdCustomizations.ContainsKey($Cmdlet.Old)) { $custom = $this.CmdCustomizations[$Cmdlet.Old] - if(($null -ne $custom.Parameters) -and ($custom.Parameters.contains($param.Name))){ + if (($null -ne $custom.Parameters) -and ($custom.Parameters.contains($param.Name))) { $paramsList.Add($param.Name, $custom.Parameters[$param.Name]) continue } - if($custom.SpecialMapping) { - $paramObj.SetNone() + if ($custom.SpecialMapping) { + $paramObj.SetNone() $paramsList.Add($param.Name, $paramObj) continue } } - - if($this.GenericParametersTransformations.ContainsKey($param.Name)) { + + if ($this.GenericParametersTransformations.ContainsKey($param.Name)) { $genericParam = $this.GenericParametersTransformations[$param.Name] - if(5 -eq $genericParam.ConversionType){ + if (5 -eq $genericParam.ConversionType) { $tempName = "$($Cmdlet.Noun)$($genericParam.TargetName)" - if($targetCmd.Parameters.ContainsKey($tempName)){ + if ($targetCmd.Parameters.ContainsKey($tempName)) { $paramObj.SetTargetName($tempName) - } - elseif($targetCmd.Parameters.ContainsKey($genericParam.TargetName)){ + } elseif ($targetCmd.Parameters.ContainsKey($genericParam.TargetName)) { $paramObj.SetTargetName($genericParam.TargetName) - } - else - { + } else { foreach ($key in $targetCmd.Parameters.Keys) { - if($key.EndsWith($genericParam.TargetName)){ + if ($key.EndsWith($genericParam.TargetName)) { $paramObj.SetTargetName($key) break } } } - $paramsList.Add($paramObj.Name,$paramObj) - }else{ + $paramsList.Add($paramObj.Name, $paramObj) + } else { $paramsList.Add($genericParam.Name, $genericParam) - } + } continue } - - if($commonParameterNames.Contains($param.Name)) { + + if ($commonParameterNames.Contains($param.Name)) { $paramObj.SetNone() - } - elseif($Bool2Switch.Contains($param.Name)) { + } elseif ($Bool2Switch.Contains($param.Name)) { $paramObj.SetBool2Switch($param.Name) - } - elseif($SystemDebug.Contains($param.Name)) { + } elseif ($SystemDebug.Contains($param.Name)) { $paramObj.SetSystemSwitch($param.Name) - } - else - { - if($targetCmd.Parameters.ContainsKey($param.Name)){ - $paramObj.SetNone() + } else { + if ($targetCmd.Parameters.ContainsKey($param.Name)) { + $paramObj.SetNone() } } - - $paramsList.Add($paramObj.Name,$paramObj) + + $paramsList.Add($paramObj.Name, $paramObj) } - - return $paramsList + + return $paramsList } - hidden [string] GetFileHeader(){ - return @" + hidden [string] GetFileHeader() { + return @' # ------------------------------------------------------------------------------ # Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. # ------------------------------------------------------------------------------ Set-StrictMode -Version 5 -"@ +'@ } } diff --git a/src/EntraModuleBuilder.ps1 b/src/EntraModuleBuilder.ps1 new file mode 100644 index 0000000000..386056d572 --- /dev/null +++ b/src/EntraModuleBuilder.ps1 @@ -0,0 +1,616 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +# This class builds the submodules i.e. generate the .psm1 file, help-xml and .psd1 file +class EntraModuleBuilder { + [string]$headerText + [string]$OutputDirectory + [string]$TypeDefsDirectory + [string]$BaseDocsPath + + + EntraModuleBuilder() { + $this.headerText = @" +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +Set-StrictMode -Version 5 +"@ + + + $this.OutputDirectory = (Join-Path $PSScriptRoot '../bin/') + $this.TypeDefsDirectory=(Join-Path $PSScriptRoot "../build/TypeDefs.txt") + $this.BaseDocsPath=(Join-Path $PSScriptRoot '../module/docs/') + + } + + [string] ResolveStartDirectory([string]$directory) { + return Resolve-Path -Path $directory + } + + [bool] CheckTypedefsFile([string]$typedefsFilePath) { + if (-not (Test-Path -Path $typedefsFilePath)) { + Log-Message "[EntraModuleBuilder] Error: Typedefs.txt file not found at $typedefsFilePath" -Level 'ERROR' + return $false + } else { + Log-Message "[EntraModuleBuilder] Typedefs.txt found at $typedefsFilePath" -Level 'INFO' + return $true + } + } + + [void] EnsureDestinationDirectory([string]$destDirectory) { + if (-not (Test-Path -Path $destDirectory)) { + New-Item -ItemType Directory -Path $destDirectory | Out-Null + Log-Message "[EntraModuleBuilder] Created destination directory: $destDirectory" + } + } + + [string[]] RemoveHeader([string[]]$content) { + $inHeader = $false + $filteredContent = @() + + foreach ($line in $content) { + $trimmedLine = $line.Trim() + + if ($trimmedLine -eq '# ------------------------------------------------------------------------------') { + $inHeader = -not $inHeader + continue + } + + if (-not $inHeader) { + $filteredContent += $line + } + } + + return $filteredContent + } + + [void] ProcessSubDirectory([string]$currentDirPath, [string]$currentDirName, [string]$parentDirName, [string]$destDirectory, [string]$typedefsFilePath) { + Log-Message "[EntraModuleBuilder] Processing directory: $currentDirPath" + + $psm1FileName = "$parentDirName.$currentDirName.psm1" + $psm1FilePath = Join-Path -Path $destDirectory -ChildPath $psm1FileName + + Log-Message "[EntraModuleBuilder] Creating .psm1 file: $psm1FilePath" + + $psm1Content = $this.headerText + "`n" # Add a newline after the header + $ps1Files = Get-ChildItem -Path $currentDirPath -Filter "*.ps1" + + if ($ps1Files.Count -eq 0) { + Log-Message "[EntraModuleBuilder] Warning: No .ps1 files found in directory $currentDirPath" -Level 'ERROR' + } + + $enableEntraFiles = @() + $otherFiles = @() + + foreach ($ps1File in $ps1Files) { + if ($ps1File.Name -like "Enable-Entra*") { + $enableEntraFiles += $ps1File + } else { + $otherFiles += $ps1File + } + } + + foreach ($ps1File in $otherFiles) { + Log-Message "[EntraModuleBuilder] Appending content from file: $($ps1File.Name)" + $fileContent = Get-Content -Path $ps1File.FullName + $cleanedContent = $this.RemoveHeader($fileContent) + $psm1Content += $cleanedContent -join "`n" + } + + foreach ($ps1File in $enableEntraFiles) { + Log-Message "[EntraModuleBuilder] Appending content from file: $($ps1File.Name)" -ForegroundColor Cyan + $fileContent = Get-Content -Path $ps1File.FullName + $cleanedContent = $this.RemoveHeader($fileContent) + $psm1Content += $cleanedContent -join "`n" + } + + # Add the Export-ModuleMember line to export functions + $functionsToExport = ($otherFiles + $enableEntraFiles | ForEach-Object { $_.BaseName }) -join "', '" + $psm1Content += "`nExport-ModuleMember -Function @('$functionsToExport')`n" + + Log-Message "[EntraModuleBuilder] ProcessSubDirectory: Appending content from Typedefs.txt" -ForegroundColor Cyan + $typedefsContent = Get-Content -Path $typedefsFilePath -Raw + $psm1Content += "`n# Typedefs`n" + $typedefsContent + + Log-Message "[EntraModuleBuilder] Writing .psm1 file to disk: $psm1FilePath" + Set-Content -Path $psm1FilePath -Value $psm1Content + + Log-Message "[EntraModuleBuilder] Module file created: $psm1FilePath" -Level 'SUCCESS' +} + + + [void] CreateSubModuleFile([string]$Module, [string]$typedefsFilePath=$this.TypeDefsDirectory) { + # Determine the output path based on the module + $startDirectory = if ($Module -eq "Entra") { + (Join-Path $PSScriptRoot "..\module\Entra\Microsoft.Entra") + } else { + (Join-Path $PSScriptRoot "..\module\EntraBeta\Microsoft.Entra.Beta") + } + Log-Message "[EntraModuleBuilder] Starting CreateSubModuleFile script..." + + $resolvedStartDirectory = $this.ResolveStartDirectory($startDirectory) + + if (-not ($this.CheckTypedefsFile($typedefsFilePath))) { + Log-Message "[EntraModuleBuilder] $typedefsFilePath not found" -Level 'ERROR' + return + } + + if (-not (Test-Path -Path $resolvedStartDirectory)) { + Log-Message "[EntraModuleBuilder] Error: Start directory not found: $resolvedStartDirectory" -Level 'ERROR' + return + } else { + Log-Message "[EntraModuleBuilder] Processing directories inside: $resolvedStartDirectory" + } + + $subDirectories = Get-ChildItem -Path $resolvedStartDirectory -Directory + + $parentDirPath = Get-Item $resolvedStartDirectory + $parentDirName = $parentDirPath.Name + + $destDirectory = $this.OutputDirectory + $this.EnsureDestinationDirectory($destDirectory) + + foreach ($subDir in $subDirectories) { + # Skip the 'Migration' sub-directory + if ($subDir.Name -eq 'Migration' -or $subDir.Name -eq 'Invitations') { + Log-Message "[EntraModuleBuilder]: Skipping 'Migration' directory." -Level 'INFO' + continue + } + $this.ProcessSubDirectory($subDir.FullName, $subDir.Name, $parentDirName, $destDirectory, $typedefsFilePath) + } + + #Create the RootModule .psm1 file + #$this.CreateRootModule($Module) + + Log-Message "[EntraModuleBuilder] CreateSubModuleFile script completed." -Level 'SUCCESS' + } + [string[]] GetSubModuleFiles([string] $Module, [string]$DirectoryPath) { + # Check if the directory exists + # Define the pattern for matching submodule files + $pattern = if ($module -like "Microsoft.Entra.Beta.*") { + "Microsoft.Entra.Beta.*.psm1" + } else { + "Microsoft.Entra.*.psm1" + } + + if (-Not (Test-Path -Path $DirectoryPath)) { + Log-Message "[EntraModuleBuilder]: Directory does not exist: $directoryPath" -ForegroundColor Red + return $null # Return null if directory does not exist + } + + # Get all .psm1 files in the specified directory + $subModules = Get-ChildItem -Path $DirectoryPath -Filter $pattern -File + + # Check if any .psm1 files were found + if ($subModules.Count -eq 0) { + Log-Message "[EntraModuleBuilder]: No .psm1 files found in the directory: $directoryPath" -Level 'INFO' + return @() # Return an empty array if no files are found + } else { + # Return the names of the .psm1 files + return $subModules.Name + } + } + + [string[]] GetSubModuleFileNames([string] $Module, [string]$DirectoryPath) { + # Check if the directory exists + # Define the pattern for matching submodule files + $pattern = if ($module -like "Microsoft.Entra.Beta.*") { + "Microsoft.Entra.Beta.*.psd1" + } else { + "Microsoft.Entra.*.psd1" + } + + if (-Not (Test-Path -Path $DirectoryPath)) { + Log-Message "[EntraModuleBuilder]: Directory does not exist: $directoryPath" -ForegroundColor Red + return $null # Return null if directory does not exist + } + + # Get all .psm1 files in the specified directory + $subModules = Get-ChildItem -Path $DirectoryPath -Filter $pattern -File + + # Check if any .psm1 files were found + if ($subModules.Count -eq 0) { + Log-Message "[EntraModuleBuilder]: No .psd1 files found in the directory: $directoryPath" -Level 'INFO' + return @() # Return an empty array if no files are found + } else { + # Return the names of the .psd1 files + return $subModules | ForEach-Object { [System.IO.Path]::GetFileNameWithoutExtension($_.Name) } + } + } + + + +# Main function to create the root module +[void] CreateRootModule([string] $Module) { + # Determine the root module name based on the module type + $rootModuleName = if ($Module -eq 'Entra') { + 'Microsoft.Entra.psm1' + } else { + 'Microsoft.Entra.Beta.psm1' + } + + # Get the list of submodules and exclude the root module + $subModuleFiles = $this.GetSubModuleFiles($Module, $this.OutputDirectory) + $subModules = @() + + # Prevents the old root module from being added to avoid cyclic dependencies + foreach ($module in $subModuleFiles) { + if ($module -ne $rootModuleName) { + $subModules += $module + } + } + + # Build the code snippet using the GetCodeSnippet function + $codeSnippet = $this.GetCodeSnippet($subModules) + + # Combine the header text and the code snippet for the root module + $rootModuleContent = $this.headerText + "`n" + $codeSnippet + + # Define the file paths + $rootModulePath = Join-Path -Path $this.OutputDirectory -ChildPath $rootModuleName + + # Write the root module content (psm1) + $rootModuleContent | Out-File -FilePath $rootModulePath -Encoding utf8 + + Log-Message "[EntraModuleBuilder]: Root Module successfully created" -Level 'SUCCESS' +} + +[string] GetCodeSnippet([Array] $subModules) { + $codeSnippet = @" +# Set execution policy to ensure scripts can be executed +Set-ExecutionPolicy RemoteSigned -Scope Process -Force + +# Import all sub-modules dynamically +`$subModules = @( +"@ + + for ($i = 0; $i -lt $subModules.Count; $i++) { + $codeSnippet += " '$($subModules[$i])'" + if ($i -lt $subModules.Count - 1) { + $codeSnippet += ",`n" # Add a comma except for the last item + } else { + $codeSnippet += "`n" # Just a newline for the last item + } + } + + # Close the array and the loop + $codeSnippet += @" +) +`$moduleBasePath = Split-Path -Parent `$MyInvocation.MyCommand.Definition +foreach (`$subModule in `$subModules) { + `$subModulePath = Join-Path `$moduleBasePath -ChildPath `$subModule + Import-Module -Name `$subModulePath -Global +} +"@ + + return $codeSnippet +} + + [void] CreateRootModuleManifest([string] $Module) { + + # Update paths specific to this sub-directory + $rootPath=if ($Module -eq "Entra") { + (Join-Path $PSScriptRoot "../module/Entra") + } else { + (Join-Path $PSScriptRoot "../module/EntraBeta") + } + + $moduleName=if($Module -eq 'Entra'){ + 'Microsoft.Entra' + }else{ + 'Microsoft.Entra.Beta' + } + + $settingPath = Join-Path $rootPath -ChildPath "/config/ModuleMetadata.json" + + #We do not need to create a help file for the root module, since once the nested modules are loaded, their help will be available + $files = @("$($moduleName).psd1") + $content = Get-Content -Path $settingPath | ConvertFrom-Json + $PSData = @{ + Tags = $($content.tags) + LicenseUri = $($content.licenseUri) + ProjectUri = $($content.projectUri) + IconUri = $($content.iconUri) + ReleaseNotes = $($content.releaseNotes) + Prerelease = $null + } + $manifestPath = Join-Path $this.OutputDirectory -ChildPath "$($moduleName).psd1" + + $subModules=$this.GetSubModuleFileNames($Module,$this.OutputDirectory) + $requiredModules=@() + foreach($module in $subModules){ + if($module -ne $moduleName){ + Log-Message "Adding $module to Root Module Nested Modules" -Level 'INFO' + $requiredModules += @{ ModuleName = $module; RequiredVersion = $content.version } + } + } + $moduleSettings = @{ + Path = $manifestPath + GUID = $($content.guid) + ModuleVersion = "$($content.version)" + FunctionsToExport =@() + CmdletsToExport=@() + AliasesToExport=@() + Author = $($content.authors) + CompanyName = $($content.owners) + FileList = $files + Description = 'Microsoft Graph Entra PowerShell.' + DotNetFrameworkVersion = $([System.Version]::Parse('4.7.2')) + PowerShellVersion = $([System.Version]::Parse('5.1')) + CompatiblePSEditions = @('Desktop','Core') + NestedModules = @() + } + + if($null -ne $content.Prerelease){ + $PSData.Prerelease = $content.Prerelease + } + + Log-Message "[EntraModuleBuilder]: Starting Root Module Manifest generation" -Level 'INFO' + + New-ModuleManifest @moduleSettings + Update-ModuleManifest -Path $manifestPath -PrivateData $PSData + + # Construct the entries for the RequiredModules section + $requiredModulesEntries = $requiredModules | ForEach-Object { + " @{ ModuleName = '$($_.ModuleName)'; ModuleVersion = '$($_.RequiredVersion)' }" + } + +# Join the entries with commas and new lines for a properly formatted block +$requiredModulesText = @" +RequiredModules = @( +$($requiredModulesEntries -join ",`n") +) +"@.Trim() # Trim to remove any leading or trailing newlines + + # Read the existing manifest file content as an array of lines + $fileContent = Get-Content -Path $manifestPath + + # Find and update the `# RequiredModules` line + for ($i = 0; $i -lt $fileContent.Count; $i++) { + if ($fileContent[$i] -match '^#\s*RequiredModules') { + # Uncomment and replace the line with the new RequiredModules content + Log-Message "Found RequiredModule Section.." + $fileContent[$i] = $requiredModulesText + break + } + } + + # Write the updated content back to the manifest file + $fileContent | Set-Content -Path $manifestPath -Force + + Write-Host "Manifest file updated successfully." + + + Log-Message "[EntraModuleBuilder]: Root Module Manifest successfully created" -Level 'INFO' + } + + [void] CreateModuleManifest($module) { + # Update paths specific to this sub-directory + $rootPath=if ($Module -eq "Entra") { + (Join-Path $PSScriptRoot "../module/Entra") + } else { + (Join-Path $PSScriptRoot "../module/EntraBeta") + } + $moduleBasePath =if ($Module -eq "Entra") { + (Join-Path $rootPath "/Microsoft.Entra") + } else { + (Join-Path $rootPath "/Microsoft.Entra.Beta") + } + + $subDirectories = Get-ChildItem -Path $moduleBasePath -Directory + + + $settingPath = Join-Path $rootPath -ChildPath "/config/ModuleMetadata.json" + $dependencyMappingPath = Join-Path $rootPath -ChildPath "/config/dependencyMapping.json" + + # Load the module metadata + $content = Get-Content -Path $settingPath | ConvertFrom-Json + + # Create Manifest for each SubModule + + foreach ($subDir in $subDirectories) { + # Define module name based on sub-directory name + $moduleName = $subDir.Name + + $helpFileName = if ($Module -eq "Entra") { + "Microsoft.Entra.$moduleName-Help.xml" + } else { + "Microsoft.Entra.Beta.$moduleName-Help.xml" + } + + + $manifestFileName = if ($Module -eq "Entra") { + "Microsoft.Entra.$moduleName.psd1" + } else { + "Microsoft.Entra.Beta.$moduleName.psd1" + } + + $moduleFileName = if ($Module -eq "Entra") { + "Microsoft.Entra.$moduleName.psm1" + } else { + "Microsoft.Entra.Beta.$moduleName.psm1" + } + + # Log the start of processing for this module + Log-Message "[EntraModuleBuilder]: Processing module: $moduleFileName" + + # Define PSData block based on the contents of the ModuleMetadata.json file + $PSData = @{ + Tags = $($content.tags) + LicenseUri = $($content.licenseUri) + ProjectUri = $($content.projectUri) + IconUri = $($content.iconUri) + ReleaseNotes = $($content.releaseNotes) + Prerelease = $null + } + + # Set the manifest path and functions to export + $manifestPath = Join-Path $this.OutputDirectory "$manifestFileName" + + # Check if the specified directory exists + if (-Not (Test-Path -Path $subDir.FullName)) { + Log-Message "[EntraModuleBuilder]: The specified directory does not exist: $subDir" -Level 'ERROR' + exit + } + + # Get all files in the specified directory and its subdirectories, without extensions + $allFunctions = Get-ChildItem -Path $subDir.FullName -Recurse -File | ForEach-Object { $_.BaseName } + + $functions = $allFunctions + "Enable-EntraAzureADAlias" + "Get-EntraUnsupportedCommand" + + # Collect required modules from dependency mapping + $requiredModules = @() + if (Test-Path $dependencyMappingPath) { + $jsonContent = Get-Content -Path $dependencyMappingPath -Raw | ConvertFrom-Json + + $dependencyMapping = @{} + foreach ($key in $jsonContent.PSObject.Properties.Name) { + $dependencyMapping[$key] = $jsonContent.$key + } + + $keyModuleName= [System.IO.Path]::GetFileNameWithoutExtension($moduleFileName) + + if ($dependencyMapping.ContainsKey($keyModuleName)) { + foreach ($dependency in $dependencyMapping[$keyModuleName]) { + $requiredModules += @{ ModuleName = $dependency; RequiredVersion = $content.requiredModulesVersion } + } + } + } + + # Module manifest settings + $moduleSettings = @{ + Path = $manifestPath + GUID = $($content.guid) + ModuleVersion = "$($content.version)" + FunctionsToExport = $functions + CmdletsToExport = @() + AliasesToExport = @() + Author = $($content.authors) + CompanyName = $($content.owners) + FileList = @("$manifestFileName", "$moduleFileName", "$helpFileName") + RootModule = "$moduleFileName" + Description = $content.EntraDescription + DotNetFrameworkVersion = $([System.Version]::Parse($content.DotNetVersion)) + PowerShellVersion = $([System.Version]::Parse($content.PowershellVersion)) + CompatiblePSEditions = @('Desktop', 'Core') + RequiredModules = $requiredModules + NestedModules = @() + } + + + # Add prerelease info if it exists + if ($null -ne $content.Prerelease) { + $PSData.Prerelease = $content.Prerelease + } + + # Create and update the module manifest + Log-Message "[EntraModuleBuilder]: Creating manifest for $moduleName at $manifestPath" + try{ + New-ModuleManifest @moduleSettings + Update-ModuleManifest -Path $manifestPath -PrivateData $PSData + + # Validate the module manifest + $manifestValidationResult = Test-ModuleManifest -Path $manifestPath + + # Check if the validation was successful + if ($manifestValidationResult) { + Log-Message "$manifestFileName Module manifest is valid." -Level 'INFO' + } else { + Log-Message "$manifestFileName Module manifest is invalid." -Level 'ERROR' + } + + # Log completion for this module + Log-Message "[EntraModuleBuilder]: Manifest for $moduleName created successfully" -Level 'SUCCESS' + + }catch{ + Log-Message $_.Exception.Message -Level 'ERROR' + } + + } + + + #Create the Root Module Manifest + + # $this.CreateRootModuleManifest($module) +} + + +[void] CreateModuleHelp([string] $Module) { + + Log-Message "[EntraModuleBuilder] CreateModuleHelp: Starting the creation of Module help.." + + if (!(Test-Path $this.OutputDirectory)) { + New-Item -ItemType Directory -Path $this.OutputDirectory | Out-Null + } + + Log-Message "[EntraModuleBuilder] CreateModuleHelp: Output Directory $this.OutputDirectory verified..." + # Determine the base docs path based on the specified module + $docsPath = $this.BaseDocsPath + if ($Module -eq "Entra") { + $docsPath = Join-Path -Path $this.BaseDocsPath -ChildPath "entra-powershell-v1.0" + } + elseif ($Module -eq "EntraBeta") { + $docsPath = Join-Path -Path $this.BaseDocsPath -ChildPath "entra-powershell-beta" + } + else { + Log-Message "[EntraModuleBuilder] CreateModuleHelp:Invalid module specified: $Module" -Level 'ERROR' + return + } + + # Check if the base docs path exists + if (!(Test-Path $docsPath)) { + Log-Message "[EntraModuleBuilder] CreateModuleHelp: The specified base documentation path does not exist: $docsPath" -Level 'ERROR' + return + } + + Log-Message "[EntraModuleBuilder] CreateModuleHelp: Docs files directory &docsPath verified..." + + # Get all subdirectories within the base docs path + $subDirectories = Get-ChildItem -Path $docsPath -Directory + + foreach ($subDirectory in $subDirectories) { + # Skip the 'Migration' sub-directory + if ($subDirectory.Name -eq 'Migration' -or $subDirectory.Name -eq 'Invitations') { + Log-Message "[EntraModuleBuilder] CreateModuleHelp:Skipping 'Migration' directory." -Level 'INFO' + continue + } + + Log-Message "[EntraModuleBuilder] CreateModuleHelp:Creating help file for $subDirectory.." + + # Get all markdown files in the current subdirectory + $markDownFiles = Get-ChildItem -Path $subDirectory.FullName -Filter "*.md" + # Check if markdown files are found + if (-not($markDownFiles)) { + Log-Message "[EntraModuleBuilder] CreateModuleHelp:No markdown files found in $($subDirectory.FullName)." -Level 'ERROR' + continue + } + + $helpFileName = if ($Module -eq "Entra") { + "Microsoft.Entra.$($subDirectory.Name)-Help.xml" + } else { + "Microsoft.Entra.Beta.$($subDirectory.Name)-Help.xml" + } + + $helpOutputFilePath = Join-Path -Path $this.OutputDirectory -ChildPath $helpFileName + + $moduleDocsPath = $subDirectory.FullName + + try { + # Create the help file using PlatyPS + New-ExternalHelp -Path $moduleDocsPath -OutputPath $helpOutputFilePath -Force + + Log-Message "[EntraModuleBuilder] CreateModuleHelp help file generated: $helpOutputFilePath" -Level 'SUCCESS' + + } catch { + Log-Message "[EntraModuleBuilder] CreateModuleHelp: $_.Exception.Message" -Level 'ERROR' + } + } + + Log-Message "[EntraModuleBuilder] Help files generated successfully for module: $Module" -Level 'SUCCESS' +} + + +} \ No newline at end of file diff --git a/src/EntraModuleSplitter.ps1 b/src/EntraModuleSplitter.ps1 new file mode 100644 index 0000000000..1160728a89 --- /dev/null +++ b/src/EntraModuleSplitter.ps1 @@ -0,0 +1,397 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +. (Join-Path $PSScriptRoot "../build/common-functions.ps1") +# This class splits the larger Microsoft.Entra.psm1 or Microsoft.Entra.Beta.psm1 into separate files and also constructrs the submodule directories +class EntraModuleSplitter { + [string]$Header + + EntraModuleSplitter() { + $this.Header = @" +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. +# Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +"@ + } + + [void] CreateOutputDirectory([string]$directoryPath) { + if (-not (Test-Path -Path $directoryPath)) { + New-Item -ItemType Directory -Path $directoryPath | Out-Null + Log-Message "[EntraModuleSplitter] Created directory: $directoryPath" -Level 'SUCCESS' + } + } + + [string] GetModuleFilePath([string]$source) { + if ($source -eq 'Entra') { + return (Join-Path $PSScriptRoot "..\bin\Microsoft.Graph.Entra.psm1") + } else { + return (Join-Path $PSScriptRoot "..\bin\Microsoft.Graph.Entra.Beta.psm1") + } + } + + [string] GetOutputDirectory([string]$source) { + if ($source -eq 'Entra') { + return (Join-Path $PSScriptRoot "..\module\Entra\") + } else { + return (Join-Path $PSScriptRoot "..\module\EntraBeta\") + } + } + + [PSCustomObject] ReadJsonFile([string]$jsonFilePath) { + return Get-Content -Path $jsonFilePath | ConvertFrom-Json -AsHashTable + } + + [array] ExtractFunctions([string]$content) { + $functions = @() + $inFunction = $false + $depth = 0 + $currentFunction = "" + $currentFunctionName = "" + + foreach ($line in $content -split "`r?`n") { + if (-not $inFunction) { + if ($line -match "^function\s+([a-zA-Z0-9_-]+)") { + $inFunction = $true + $currentFunctionName = $matches[1] + $currentFunction = $line + "`n" + $depth = ($line -split "{").Count - ($line -split "}").Count + continue + } + } else { + $currentFunction += $line + "`n" + $depth += ($line -split "{").Count - ($line -split "}").Count + + if ($depth -eq 0) { + $functions += [pscustomobject]@{ Name = $currentFunctionName; Content = $currentFunction } + $inFunction = $false + $currentFunction = "" + $currentFunctionName = "" + } + } + } + + return $functions + } + + [void] ProcessFunction([pscustomobject]$function, [string]$specificFunctionName, [string]$moduleOutputDirectory, [PSCustomObject]$moduleMapping, [string]$header, [string]$unmappedDirectory) { + $functionName = $function.Name + $functionContent = $function.Content + + # Append the function contents to the header + $ps1Content = $header + "`n" + $functionContent+"`n" + + # Add the Enable-Entra*AzureADAlias function to the root of the module directory + if ($functionName -eq $specificFunctionName) { + $topLevelOutputPath = Join-Path -Path $moduleOutputDirectory -ChildPath "$specificFunctionName.ps1" + Set-Content -Path $topLevelOutputPath -Value $ps1Content + Log-Message "[EntraModuleSplitter] Created specific function file: $topLevelOutputPath" -Level 'INFO' + return + } + + # Function has been mapped to a directory + $isMapped = $false + + if($moduleMapping.ContainsKey($functionName) -and (-not($moduleMapping.$functionName -eq 'Migration' -or $moduleMapping.$functionName -eq 'Invitations'))){ + + $subModuleDirectoryName = $moduleMapping.$functionName + + # Create the subModule Directory + $subModuleDirectory = Join-Path $moduleOutputDirectory -ChildPath "$subModuleDirectoryName" + + + # Create the directory if it doesn't exist + $this.CreateOutputDirectory($subModuleDirectory) + + # Write the main function to the appropriate directory + $outputFilePath = Join-Path -Path $subModuleDirectory -ChildPath "$functionName.ps1" + Set-Content -Path $outputFilePath -Value $ps1Content + Log-Message "[EntraModuleSplitter] Created function file: $outputFilePath in $subModuleDirectory" -Level 'SUCCESS' + + $isMapped = $true + } + + # Account for unmapped files + if (-not $isMapped -and ($functionName -ne 'New-EntraCustomHeaders' -or $functionName -ne 'New-EntraBetaCustomHeaders')) { + $unmappedFilePath = Join-Path -Path $unmappedDirectory -ChildPath "$functionName.ps1" + Set-Content -Path $unmappedFilePath -Value $ps1Content + Log-Message "[EntraModuleSplitter] Created unmapped function file: $unmappedFilePath in UnMappedFiles" -Level 'ERROR' + } +} + + +[void] AddFunctionsToAllDirectories([string]$moduleOutputDirectory, [PSCustomObject[]]$functionContents, [string]$Module = 'Entra') { + # Validate the module parameter + if ($Module -notin @('Entra', 'EntraBeta')) { + Write-Error "Invalid module specified. Please provide either 'Entra' or 'EntraBeta'." + return + } + + # Get all directories under the module output directory + $subDirectories = Get-ChildItem -Path $moduleOutputDirectory -Directory + + foreach ($subDir in $subDirectories) { + foreach ($functionContent in $functionContents) { + # Construct the full path for the function file + $functionName = $functionContent.Name + $headerPs1Content = $this.Header + "`n" + $functionContent.Content + "`n" + "`n" + + # If the function is 'New-EntraCustomHeaders', modify the version line + if ($functionName -eq "New-EntraCustomHeaders") { + $currentSubDirName = $subDir.Name + + # Search for the line containing the version line + if ($Module -eq 'Entra') { + # For Entra module, look for 'Microsoft.Graph.Entra' in the version line + if ($headerPs1Content -match "Microsoft.Graph.Entra") { + # Replace 'Microsoft.Graph.Entra' with 'Microsoft.Entra.' + $headerPs1Content = $headerPs1Content -replace "Microsoft.Graph.Entra", "Microsoft.Entra.$currentSubDirName" + } + } + elseif ($Module -eq 'EntraBeta') { + # For EntraBeta module, look for 'Microsoft.Graph.Entra.Beta' in the version line + if ($headerPs1Content -match "Microsoft.Graph.Entra.Beta") { + # Replace 'Microsoft.Graph.Entra.Beta' with 'Microsoft.Entra.Beta.' + $headerPs1Content = $headerPs1Content -replace "Microsoft.Graph.Entra.Beta", "Microsoft.Entra.Beta.$currentSubDirName" + } + } + } + + # Construct the function file path + $functionFilePath = Join-Path -Path $subDir.FullName -ChildPath "$functionName.ps1" + + # Write the function to the specified file + Set-Content -Path $functionFilePath -Value $headerPs1Content + Log-Message "[EntraModuleSplitter] Added $functionName function to: $functionFilePath" + } + } +} + + +[string] GetModuleName([string] $Module="Entra"){ + if ($Module -eq 'Entra') { + return "Microsoft.Entra" + } else { + return "Microsoft.Entra.Beta" + } +} +[void] SplitEntraModule([string]$Module = 'Entra') { + + $JsonFilePath=if($Module -eq 'Entra'){ + (Join-Path $PSScriptRoot '../module/Entra/config/moduleMapping.json') + }else{ + (Join-Path $PSScriptRoot '../module/EntraBeta/config/moduleMapping.json') + } + # Determine file paths and output directories + $psm1FilePath = $this.GetModuleFilePath($Module) + $outputDirectory = $this.GetOutputDirectory($Module) + + $this.CreateOutputDirectory($outputDirectory) + $unmappedDirectory = Join-Path -Path $outputDirectory -ChildPath "UnMappedFiles" + $this.CreateOutputDirectory($unmappedDirectory) + + $jsonContent = $this.ReadJsonFile($JsonFilePath) + $moduleName = $this.GetModuleName($Module) + $moduleOutputDirectory = Join-Path -Path $outputDirectory -ChildPath $moduleName + + $this.CreateOutputDirectory($moduleOutputDirectory) + + Log-Message 'PSM1 Path $psm1FilePath' -Level 'WARNING' + $psm1Content = Get-Content -Path $psm1FilePath -Raw + $functions = $this.ExtractFunctions($psm1Content) + + # Get the function contents for both New-EntraCustomHeaders and Get-EntraUnsupportedCommand + + $functionNames =if($moduleName -eq 'Microsoft.Entra'){ + @("New-EntraCustomHeaders", "Get-EntraUnsupportedCommand") + }else{ + @("New-EntraBetaCustomHeaders","Get-EntraBetaUnsupportedCommand") + } + + $functionContents = $functions | Where-Object { $functionNames -contains $_.Name } + + # Initialize a variable to track if the specific function is processed + $specificFunctionName = if ($moduleName -eq "Microsoft.Entra") { "Enable-EntraAzureADAlias" } else { "Enable-EntraBetaAzureADAliases" } + + foreach ($function in $functions) { + $this.ProcessFunction($function, $specificFunctionName, $moduleOutputDirectory, $jsonContent, $this.Header, $unmappedDirectory) + } + + # Call the new method to add functions to all directories + $this.AddFunctionsToAllDirectories($moduleOutputDirectory, $functionContents,$Module) + + Log-Message "[EntraModuleSplitter] Splitting and organizing complete." -Level 'SUCCESS' + } + + + [void] ProcessEntraAzureADAliases([string]$Module = 'Entra') { + # Set the start directory and alias file path based on the Module parameter + $startDirectory, $aliasFilePath = $this.GetModuleDirectories($Module) + + + # Get all subdirectories + $directories = Get-ChildItem -Path $startDirectory -Directory + + # Store all mapped aliases across all directories + $allMappedAliases = @() + $mappedAliasesCount = 0 + + # Get total alias lines from the alias file (ignoring comments and empty lines) + $aliasFileContent = $this.GetFilteredAliasFileContent($aliasFilePath) + $totalAliases = if($aliasFileContent){ + $aliasFileContent.Count + }else{ + 0 + } + + foreach ($directory in $directories) { + # Skip the 'Migration' sub-directory + if ($directory.Name -eq 'Migration' -or $directory.Name -eq 'Invitations') { + Log-Message "Skipping $directory.Name directory." -Level 'INFO' + continue + } + # Get the full path of the directory + $directoryPath = $directory.FullName + + # Get .ps1 file names in the current directory + $ps1FileNames = $this.GetPs1FileNames($directoryPath) + + if ($ps1FileNames.Count -gt 0) { + # Filter alias lines based on the .ps1 file names + $result = $this.FilterAliasLines($aliasFilePath, $ps1FileNames) + + $filteredLines = $result.FilteredLines + $mappedAliases = $result.MappedAliases + $mappedAliasesCount += $mappedAliases.Count + + # Add mapped aliases to the collection + $allMappedAliases += $mappedAliases + + if ($filteredLines.Count -gt 0) { + # Create the target directory for this key if it doesn't exist + $targetSubDirectoryPath = Join-Path -Path $startDirectory -ChildPath $directory.Name + $this.CreateDirectory($targetSubDirectoryPath) + + # Create the output file path in the target directory + $outputFilePath = Join-Path -Path $targetSubDirectoryPath -ChildPath "Enable-EntraAzureADAliases.ps1" + + # Write the filtered lines to the output file in the target directory + $this.WriteFilteredLines($outputFilePath, $filteredLines, $this.Header) + } + } + } + + # Calculate unmapped aliases and write them to a file + $unMappedAliases = $this.WriteUnmappedAliases($aliasFileContent, $allMappedAliases, $startDirectory) + + # Display summary information + $this.DisplaySummary($totalAliases, $mappedAliasesCount, $unMappedAliases.Count) + + Log-Message "[EntraModuleSplitter] Processing complete." -Level 'SUCCESS' + } + + [string[]] GetModuleDirectories([string]$Module) { + $startDirectory = if ($Module -eq 'EntraBeta') { + (Join-Path $PSScriptRoot "..\module\EntraBeta\Microsoft.Entra.Beta\") + } else { + (Join-Path $PSScriptRoot "..\module\Entra\Microsoft.Entra\") + } + + $aliasFileName = if ($Module -eq 'EntraBeta') { + "Enable-EntraBetaAzureADAlias.ps1" + } else { + "Enable-EntraAzureADAlias.ps1" + } + + $aliasFilePath = Join-Path -Path $startDirectory -ChildPath $aliasFileName + + return $startDirectory, $aliasFilePath + } + + [string] GetHeader() { + return $this.Header + } + + [string[]] GetPs1FileNames([string]$directory) { + $files = Get-ChildItem -Path $directory -Filter "*.ps1" | ForEach-Object { + [System.IO.Path]::GetFileNameWithoutExtension($_.Name) + } + + # Return the array of file names, or an empty array if no files are found + return $files +} + + + [PSCustomObject] FilterAliasLines([string]$aliasFilePath, [string[]]$ps1FileNames) { + $aliasFileContent = $this.GetFilteredAliasFileContent($aliasFilePath) + + $filteredLines = @() + $mappedAliases = @() + + foreach ($line in $aliasFileContent) { + foreach ($fileName in $ps1FileNames) { + if ($line -like "*$fileName*") { + $filteredLines += $line + $mappedAliases += $line # Track mapped alias + break # Exit the inner loop if a match is found + } + } + } + + return @{FilteredLines = $filteredLines; MappedAliases = $mappedAliases} + } + + [string[]] GetFilteredAliasFileContent([string]$aliasFilePath) { + $fileContents= Get-Content -Path $aliasFilePath | Where-Object { + $_.Trim() -ne "" -and -not ($_.Trim().StartsWith("#")) + } + + return $fileContents + } + + [void] WriteFilteredLines([string]$outputFilePath, [string[]]$filteredLines, [string]$header) { + $functionWrapperStart = "`nfunction Enable-EntraAzureADAliases {" + "`n" + $functionWrapperEnd = "`n`n}" + + $fileContent = $header + $functionWrapperStart + ($filteredLines -join "`n") + $functionWrapperEnd + + Set-Content -Path $outputFilePath -Value $fileContent + Log-Message "[EntraModuleSplitter] Filtered lines have been written and wrapped inside Enable-EntraAzureADAliases function to $outputFilePath" -Level 'SUCCESS' + } + + [string[]] WriteUnmappedAliases([string[]]$aliasFileContent, [string[]]$allMappedAliases, [string]$targetDirectory) { + $allMappedAliases = $allMappedAliases | Sort-Object -Unique # Ensure uniqueness + $unMappedAliases = $aliasFileContent | Where-Object { $allMappedAliases -notcontains $_ } + + # Remove the first and last lines if applicable + if ($unMappedAliases -and $unMappedAliases.Count -gt 2) { + $unMappedAliases = $unMappedAliases[1..($unMappedAliases.Count - 2)] + } else { + $unMappedAliases = @() # Ensure it returns an empty array if fewer than 2 lines + } + + if ($unMappedAliases.Count -gt 0) { + $unmappedFilePath = Join-Path -Path $targetDirectory -ChildPath "UnMappedAliases.psd1" + Set-Content -Path $unmappedFilePath -Value $unMappedAliases + Log-Message "[EntraModuleSplitter] Unmapped aliases have been written to $unmappedFilePath" -Level 'INFO' + } else { + Log-Message "[EntraModuleSplitter] No unmapped aliases found." -Level 'INFO' + } + + return $unMappedAliases # Ensure this line returns the unmapped aliases + } + + [void] CreateDirectory([string]$path) { + if (-not (Test-Path -Path $path)) { + New-Item -Path $path -ItemType Directory | Out-Null + Log-Message "[EntraModuleSplitter] Created directory: $path" + } + } + + [void] DisplaySummary([int]$totalAliases, [int]$mappedAliasesCount, [int]$unMappedAliasesCount) { + Log-Message "[EntraModuleSplitter] Total Alias Lines (excluding comments and blanks): $totalAliases" + Log-Message "[EntraModuleSplitter] Mapped Aliases: $mappedAliasesCount" + Log-Message "[EntraModuleSplitter] UnMapped Aliases: $unMappedAliasesCount" -Level 'ERROR' + } +} \ No newline at end of file diff --git a/test/Common-Functions.ps1 b/test/Common-Functions.ps1 new file mode 100644 index 0000000000..d8b046f246 --- /dev/null +++ b/test/Common-Functions.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +$psVersion = $global:PSVersionTable.PSVersion + +# Entra + +if($null -ne (Get-Module -Name Microsoft.Entra)){ + $entraVersion = (Get-module Microsoft.Entra | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Applications)){ + $entraVersion = (Get-module Microsoft.Entra.Applications | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Authentication)){ + $entraVersion = (Get-module Microsoft.Entra.Authentication | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.DirectoryManagement)){ + $entraVersion = (Get-module Microsoft.Entra.DirectoryManagement | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Governance)){ + $entraVersion = (Get-module Microsoft.Entra.Governance | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Users)){ + $entraVersion = (Get-module Microsoft.Entra.Users | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Groups)){ + $entraVersion = (Get-module Microsoft.Entra.Groups | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Reports)){ + $entraVersion = (Get-module Microsoft.Entra.Reports | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.SignIns)){ + $entraVersion = (Get-module Microsoft.Entra.SignIns | select version).Version.ToString() +} + +#EntraBeta + +if($null -ne (Get-Module -Name Microsoft.Entra.Beta)){ + $entraVersion = (Get-module Microsoft.Entra.Beta | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Applications)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Applications | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Authentication)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Authentication | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.DirectoryManagement | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Governance)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Governance | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Users)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Users | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Groups)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Groups | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.Reports)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.Reports | select version).Version.ToString() +} +if($null -ne (Get-Module -Name Microsoft.Entra.Beta.SignIns)){ + $entraVersion = (Get-module Microsoft.Entra.Beta.SignIns | select version).Version.ToString() +} + + +function Get-Parameters{ + param( + $data + ) + + PROCESS{ + $params = @{} + for ($i = 0; $i -lt $data.Length; $i += 2) { + $key = $data[$i] -replace '-', '' -replace ':', '' + $value = $data[$i + 1] + $params[$key] = $value + } + + $params + } +} \ No newline at end of file diff --git a/test/Entra/Applications/Add-EntraApplicationOwner.Tests.ps1 b/test/Entra/Applications/Add-EntraApplicationOwner.Tests.ps1 new file mode 100644 index 0000000000..5735c7b14a --- /dev/null +++ b/test/Entra/Applications/Add-EntraApplicationOwner.Tests.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgApplicationOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Add-EntraApplicationOwner" { + Context "Test for Add-EntraApplicationOwner" { + It "Should return empty object"{ + $result = Add-EntraApplicationOwner -ApplicationId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgApplicationOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when parameters are empty" { + { Add-EntraApplicationOwner -ApplicationId "" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName New-MgApplicationOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Add-EntraApplicationOwner -ApplicationId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraApplicationOwner" + Add-EntraApplicationOwner -ApplicationId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraApplicationOwner" + Should -Invoke -CommandName New-MgApplicationOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraApplicationOwner -ApplicationId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test/Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 new file mode 100644 index 0000000000..a7000518ca --- /dev/null +++ b/test/Entra/Applications/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking New-MgServicePrincipalDelegatedPermissionClassification with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "Classification" = "low" + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "PermissionId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "PermissionName" = "access_microsoftstream_embed" + "ServicePrincipalId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgServicePrincipalDelegatedPermissionClassification -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "Add-EntraServicePrincipalDelegatedPermissionClassification"{ + Context "Test for Add-EntraServicePrincipalDelegatedPermissionClassification" { + It "Should Add a classification for a delegated permission."{ + $result = Add-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PermissionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Classification "low" -PermissionName "access_microsoftstream_embed" + $result | Should -Not -BeNullOrEmpty + $result.ServicePrincipalId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.PermissionId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.Classification | should -Be "low" + $result.PermissionName | should -Be "access_microsoftstream_embed" + + Should -Invoke -CommandName New-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ObjectId" { + $result = Add-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PermissionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Classification "low" -PermissionName "access_microsoftstream_embed" + $result.ObjectId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraServicePrincipalDelegatedPermissionClassification" + + $result = Add-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PermissionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Classification "low" -PermissionName "access_microsoftstream_embed" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraServicePrincipalDelegatedPermissionClassification" + + Should -Invoke -CommandName New-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PermissionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Classification "low" -PermissionName "access_microsoftstream_embed" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Add-EntraServicePrincipalOwner.Tests.ps1 b/test/Entra/Applications/Add-EntraServicePrincipalOwner.Tests.ps1 new file mode 100644 index 0000000000..f4c7422524 --- /dev/null +++ b/test/Entra/Applications/Add-EntraServicePrincipalOwner.Tests.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgServicePrincipalOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Add-EntraServicePrincipalOwner" { + Context "Test for Add-EntraServicePrincipalOwner" { + It "Should return empty object" { + $result = Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Add-EntraServicePrincipalOwner -ObjectId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Add-EntraServicePrincipalOwner -ServicePrincipalId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Add-EntraServicePrincipalOwner -ServicePrincipalId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + Mock -CommandName New-MgServicePrincipalOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + } + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $value = @{"@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbbbbb-1111-2222-3333-cccccccccccc"} + Should -Invoke -CommandName New-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraServicePrincipalOwner" + + Add-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraServicePrincipalOwner" + + Should -Invoke -CommandName New-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraServicePrincipalOwner -ServicePrincipalId "0008861a-d455-4671-bd24-ce9b3bfce288" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } + +} + diff --git a/test/Entra/Applications/Get-EntraApplication.Tests.ps1 b/test/Entra/Applications/Get-EntraApplication.Tests.ps1 new file mode 100644 index 0000000000..6b8662807a --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplication.Tests.ps1 @@ -0,0 +1,154 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Applications) -eq $null) { + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1" ) -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppId" = "aaaaaaaa-1111-2222-3333-cccccccccccc" + "DeletedDateTime" = $null + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "DisplayName" = "Mock-App" + "Info" = @{LogoUrl = ""; MarketingUrl = ""; PrivacyStatementUrl = ""; SupportUrl = ""; TermsOfServiceUrl = "" } + "IsDeviceOnlyAuthSupported" = $True + "IsFallbackPublicClient" = $true + "KeyCredentials" = @{CustomKeyIdentifier = @(211, 174, 247); DisplayName = ""; Key = ""; KeyId = "pppppppp-1111-2222-3333-cccccccccccc"; Type = "Symmetric"; Usage = "Sign" } + "OptionalClaims" = @{AccessToken = ""; IdToken = ""; Saml2Token = "" } + "ParentalControlSettings" = @{CountriesBlockedForMinors = $null; LegalAgeGroupRule = "Allow" } + "PasswordCredentials" = @{} + "PublicClient" = @{RedirectUris = $null } + "PublisherDomain" = "aaaabbbbbcccc.onmicrosoft.com" + "SignInAudience" = "AzureADandPersonalMicrosoftAccount" + "Web" = @{HomePageUrl = "https://localhost/demoapp"; ImplicitGrantSettings = ""; LogoutUrl = ""; } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraApplication" { + Context "Test for Get-EntraApplication" { + It "Should return specific application" { + $result = Get-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is invalid" { + { Get-EntraApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ApplicationId is empty" { + { Get-EntraApplication -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should return all applications" { + $result = Get-EntraApplication -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraApplication -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should fail when searchstring is empty" { + { Get-EntraApplication -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should fail when filter is empty" { + { Get-EntraApplication -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraApplication -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraApplication -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific application by searchstring" { + $result = Get-EntraApplication -SearchString 'Mock-App' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return specific application by filter" { + $result = Get-EntraApplication -Filter "DisplayName -eq 'Mock-App'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return top application" { + $result = @(Get-EntraApplication -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ApplicationId" { + $result = Get-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = Get-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraApplication -SearchString 'Mock-App' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-App" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplication" + + $result = Get-EntraApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplication" + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Property parameter should work" { + $result = Get-EntraApplication -Top 1 -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplication -Top 1 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should execute successfully with Alias" { + $result = Get-EntraApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + Write-Verbose "Result : {$result}" -Verbose + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + } +} + diff --git a/test/Entra/Applications/Get-EntraApplicationExtensionProperty.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationExtensionProperty.Tests.ps1 new file mode 100644 index 0000000000..1db8146725 --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationExtensionProperty.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraApplicationExtensionProperty with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-ccccccccccc" + "Name" = "extension_222_324_NewAttribute" + "TargetObjects" = {} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgApplicationExtensionProperty -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications + } + + Describe "Get-EntraApplicationExtensionProperty" { + Context "Test for Get-EntraApplicationExtensionProperty" { + It "Should not return empty" { + $result = Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraApplicationExtensionProperty -ObjectId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Get-EntraApplicationExtensionProperty -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Result should Contain ApplicationId" { + $result = Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result.ObjectId | should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Property Name + $result | Should -Not -BeNullOrEmpty + $result.Name | Should -Be 'extension_222_324_NewAttribute' + + Should -Invoke -CommandName Get-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should fail when Property is empty" { + { Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationExtensionProperty" + $result = Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationExtensionProperty" + Should -Invoke -CommandName Get-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraApplicationKeyCredential.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationKeyCredential.Tests.ps1 new file mode 100644 index 0000000000..d447c60e69 --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationKeyCredential.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "KeyCredentials" = @( + @{ + "CustomKeyIdentifier" = "" + "EndDate" = "10/23/2024 11:36:56 AM" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDate" = "11/22/2023 11:35:16 AM" + "Type" = "Symmetric" + "Usage" = "Sign" + "Value" = "" + "Parameters" = $args + } + ) + } + } + + Mock -CommandName Get-MgApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications + } + + Describe "Get-EntraApplicationKeyCredential" { + Context "Test for Get-EntraApplicationKeyCredential" { + It "Should not return empty" { + $result = Get-EntraApplicationKeyCredential -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ObjectId is empty" { + { Get-EntraApplicationKeyCredential -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationKeyCredential" + $result = Get-EntraApplicationKeyCredential -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationKeyCredential" + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationKeyCredential -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } + } + diff --git a/test/Entra/Applications/Get-EntraApplicationLogo.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationLogo.Tests.ps1 new file mode 100644 index 0000000000..920de28784 --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationLogo.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "Info" = @( + @{ + "logoUrl" = "" + "Parameters" = $args + }) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraApplicationLogo" { + It "Should return empty" { + $result = Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FilePath "D:\image.jpg" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return empty" { + $result = Get-EntraApplicationLogo -ObjectId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FilePath "D:\image.jpg" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return empty when passed ileName parameter" { + $result = Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FileName "image" + $result | Should -BeNullOrEmpty + } + It "Should fail when FileName is empty" { + { Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FileName } | Should -Throw "Missing an argument for parameter 'FileName'*" + } + It "Should return empty when passed ileName parameter" { + $result = Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -View $true + $result | Should -BeNullOrEmpty + } + It "Should fail when View is invalid" { + { Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -View "cc" } | Should -Throw "Cannot process argument transformation on parameter 'View'*" + } + It "Should fail when View is empty" { + { Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -View } | Should -Throw "Missing an argument for parameter 'View'*" + } + It "Should fail when ApplicationId is empty" { + { Get-EntraApplicationLogo -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Get-EntraApplicationLogo -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationLogo" + Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FilePath "D:\image.jpg" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationLogo" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationLogo -ApplicationId "aaaaaaaa-1111-2222-3333-ccccccccccc" -FilePath "D:\image.jpg" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Get-EntraApplicationModule.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationModule.Tests.ps1 new file mode 100644 index 0000000000..1b0172f746 --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationModule.Tests.ps1 @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Get-EntraApplication" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + } + + It "Should support minimum set of parameter sets" { + $GetAzureADApplication = Get-Command Get-EntraApplication + $GetAzureADApplication.ParameterSets.Name | Should -BeIn @("GetQuery", "GetVague", "GetById") + $GetAzureADApplication.Visibility | Should -Be "Public" + $GetAzureADApplication.CommandType | Should -Be "Function" + } + + It "Should return a list of applications by default" { + $GetAzureADApplication = Get-Command Get-EntraApplication + $GetAzureADApplication.ModuleName | Should -Be "Microsoft.Entra.Applications" + $GetAzureADApplication.DefaultParameterSet | Should -Be "GetQuery" + } + + It 'Should have List parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraApplication + $ListParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetQuery" + $ListParameterSet.Parameters.Name | Should -Contain All + $ListParameterSet.Parameters.Name | Should -Contain Filter + $ListParameterSet.Parameters.Name | Should -Contain Top + } + + It 'Should have Get parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraApplication + $GetParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetById" + $GetParameterSet.Parameters.Name | Should -Contain ApplicationId + } + + It 'Should have GetViaIdentity parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraApplication + $GetViaIdentityParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetVague" + $GetViaIdentityParameterSet.Parameters.Name | Should -Contain SearchString + $GetViaIdentityParameterSet.Parameters.Name | Should -Contain All + } +} \ No newline at end of file diff --git a/test/Entra/Applications/Get-EntraApplicationOwner.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationOwner.Tests.ps1 new file mode 100644 index 0000000000..9975177366 --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationOwner.Tests.ps1 @@ -0,0 +1,87 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $mockResponse = { + return @{ + value = @( + @{ + Id = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + ageGroup = $null + onPremisesLastSyncDateTime = $null + creationType = $null + preferredLanguage = $null + mail = "admin@contonso.com" + securityIdentifier = "S-1-12-1-1093396945-1080104032-2731339150-364051459" + consentProvidedForMinor = $null + onPremisesUserPrincipalName = $null + Parameters = $args + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $mockResponse -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraApplicationOwner"{ + Context "Test for Get-EntraApplicationOwner"{ + It "Should return application owner" { + $result = Get-EntraApplicationOwner -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + Write-Host $result + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb') + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Get-EntraApplicationOwner -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ApplicationId is null" { + { Get-EntraApplicationOwner -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when All has an argument" { + { Get-EntraApplicationOwner -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should fail when Top is empty" { + { Get-EntraApplicationOwner -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraApplicationOwner -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraApplicationOwner -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationOwner" + $result = Get-EntraApplicationOwner -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationOwner" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationOwner -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraApplicationPasswordCredential.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..ff932bf47f --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationPasswordCredential.Tests.ps1 @@ -0,0 +1,80 @@ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "PasswordCredentials" = @( + @{ + "CustomKeyIdentifier" = {116, 101, 115, 116} + "DisplayName" = "Test" + "EndDateTime" = "10/23/2024 11:36:56 AM" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDateTime" = "11/22/2023 11:35:16 AM" + "Hint" = "123" + "SecretText" = "" + "Parameters" = $args + } + ) + } + } + + Mock -CommandName Get-MgApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications + } + + Describe "Get-EntraApplicationPasswordCredential" { + Context "Test for Get-EntraApplicationPasswordCredential" { + It "Should not return empty" { + $result = Get-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Get-EntraApplicationPasswordCredential -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Get-EntraApplicationPasswordCredential -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraApplicationPasswordCredential -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'*" + } + It "Property parameter should work" { + $result = Get-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Test" + + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationPasswordCredential" + $result = Get-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraApplicationPasswordCredential" + Should -Invoke -CommandName Get-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } + } + diff --git a/test/Entra/Applications/Get-EntraApplicationTemplate.Tests.ps1 b/test/Entra/Applications/Get-EntraApplicationTemplate.Tests.ps1 new file mode 100644 index 0000000000..3b8e9fefca --- /dev/null +++ b/test/Entra/Applications/Get-EntraApplicationTemplate.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.Applications) -eq $null) { + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $response = @{ + "id" = "aaaaaaaa-1111-2222-3333-cccccccccccc" + "supportedSingleSignOnModes" = @{} + "publisher" = "test publisher" + "displayName" = "test name" + "homePageUrl" = "samplehomePageUrl" + "logoUrl" = "samplelogourl" + "categories" = @{} + "description" = "" + "supportedProvisioningTypes" = @{} + } + + Mock -CommandName Invoke-GraphRequest -MockWith { $response } -ModuleName Microsoft.Entra.Applications +} +Describe "Get-EntraApplicationTemplate tests"{ + It "Should return specific application" { + $result = Get-EntraApplicationTemplate -Id "aaaaaaaa-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('aaaaaaaa-1111-2222-3333-cccccccccccc') + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraApplicationTemplate -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { Get-EntraApplicationTemplate -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraApplicationTemplate -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should return all application templates" { + $result = Get-EntraApplicationTemplate + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraApplicationTemplate -Id "aaaaaaaa-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should return top ApplicationTemplate" { + $result = Get-EntraApplicationTemplate -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Top is invalid" { + { Get-EntraApplicationTemplate -Id "aaaaaaaa-1111-2222-3333-cccccccccccc" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all templates" { + $result = Get-EntraApplicationTemplate -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraApplicationTemplate -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should contain property when passed property to it" { + $result = Get-EntraApplicationTemplate -Property DisplayName + $result.displayName | Should -Not -BeNullOrEmpty + } + It "Should fail when Property is empty" { + { Get-EntraApplicationTemplate -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + It "Should return specific template by filter" { + $result = Get-EntraApplicationTemplate -Filter "DisplayName eq 'test name'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'test name' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } +} + diff --git a/test/Entra/Applications/Get-EntraDeletedApplication.Tests.ps1 b/test/Entra/Applications/Get-EntraDeletedApplication.Tests.ps1 new file mode 100644 index 0000000000..8f2aa96e66 --- /dev/null +++ b/test/Entra/Applications/Get-EntraDeletedApplication.Tests.ps1 @@ -0,0 +1,132 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AddIns" = {} + "AppRoles" = {} + "GroupMembershipClaims" = {} + "IdentifierUris" = {} + "Info" = @{ + LogoUrl=""; + } + "IsDeviceOnlyAuthSupported" = $null + "KeyCredentials" = {} + "OptionalClaims" = {} + "ParentalControlSettings" = @{ + CountriesBlockedForMinors=@{}; + LegalAgeGroupRule="Allow"; + } + "PasswordCredentials" = {} + "Api" = @{ + KnownClientApplications=@{}; + PreAuthorizedApplications=@{}; + } + "PublicClient" = @{ + RedirectUris=@{}; + } + "PublisherDomain" = "contoso.com" + "Web" = @{ + HomePageUrl=""; + LogoutUrl=""; + RedirectUris=@{}; + Oauth2AllowImplicitFlow="" + } + "RequiredResourceAccess" = $null + "DisplayName" = "Mock-test-App" + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "Logo" = $null + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDirectoryDeletedItemAsApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraDeletedApplication" { + Context "Test for Get-EntraDeletedApplication" { + It "Should return all applications" { + $result = Get-EntraDeletedApplication | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All is empty" { + { Get-EntraDeletedApplication -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraDeletedApplication -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'*" + } + It "Should return specific application by searchstring" { + $result = Get-EntraDeletedApplication -SearchString 'Mock-test-App' | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-test-App' + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return specific application by filter" { + $result = Get-EntraDeletedApplication -Filter "DisplayName -eq 'Mock-test-App'" | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-test-App' + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return top application" { + $result = Get-EntraDeletedApplication -Top 1 | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ObjectId" { + $result = Get-EntraDeletedApplication -Filter "DisplayName -eq 'Mock-test-App'" | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraDeletedApplication -SearchString 'Mock-test-App' | ConvertTo-Json -Depth 5| ConvertFrom-Json + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-test-App" + } + It "Property parameter should work" { + $result = Get-EntraDeletedApplication -Property "DisplayName" | ConvertTo-Json | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock-test-App" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraDeletedApplication -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedApplication" + $result = Get-EntraDeletedApplication -Filter "DisplayName -eq 'Mock-test-App'" | ConvertTo-Json -Depth 5 | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedApplication" + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDeletedApplication -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipal.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..c9cd10c9df --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipal.Tests.ps1 @@ -0,0 +1,215 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DisplayName" = "Windows Update for Business Deployment Service" + "AccountEnabled" = $true + "AddIns" = @{} + "AlternativeNames" = @{} + "AppDescription" = "" + "AppDisplayName" = "Windows Update for Business Deployment Service" + "AppId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AppManagementPolicies" = "" + "AppOwnerOrganizationId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "AppRoleAssignedTo" = "" + "AppRoleAssignmentRequired" = $false + "AppRoleAssignments" = @() + "AppRoles" = @("22223333-cccc-4444-dddd-5555eeee6666", "33334444-dddd-5555-eeee-6666ffff7777", "44445555-eeee-6666-ffff-7777aaaa8888", "55556666-ffff-7777-aaaa-8888bbbb9999") + "ApplicationTemplateId" = "" + "ClaimsMappingPolicies" = "" + "CreatedObjects" = "" + "CustomSecurityAttributes" = "" + "DelegatedPermissionClassifications"= "" + "Description" = "" + "DisabledByMicrosoftStatus" = "" + "Endpoints" = "" + "FederatedIdentityCredentials" = "" + "HomeRealmDiscoveryPolicies" = "" + "Homepage" = "" + "Info" = "" + "KeyCredentials" = @{} + "LoginUrl" = "" + "LogoutUrl" = "https://deploymentscheduler.microsoft.com" + "MemberOf" = "" + "Notes" = "" + "NotificationEmailAddresses" = @{} + "Oauth2PermissionGrants" = "" + "Oauth2PermissionScopes" = @("22223333-cccc-4444-dddd-5555eeee6666", "33334444-dddd-5555-eeee-6666ffff7777", "44445555-eeee-6666-ffff-7777aaaa8888", "55556666-ffff-7777-aaaa-8888bbbb9999") + "OwnedObjects" = "" + "Owners" = "" + "PasswordCredentials" = @{} + "PreferredSingleSignOnMode" = "" + "PreferredTokenSigningKeyThumbprint"= "" + "RemoteDesktopSecurityConfiguration"= "" + "ReplyUrls" = @{} + "ResourceSpecificApplicationPermissions"= @{} + "SamlSingleSignOnSettings" = "" + "ServicePrincipalNames" = @("61ae9cd9-7bca-458c-affc-861e2f24ba3b") + "ServicePrincipalType" = "Application" + "SignInAudience" = "AzureADMultipleOrgs" + "Synchronization" = "" + "Tags" = @{} + "TokenEncryptionKeyId" = "" + "TokenIssuancePolicies" = "" + "TokenLifetimePolicies" = "" + "TransitiveMemberOf" = "" + "VerifiedPublisher" = "" + "AdditionalProperties" = @{ + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#servicePrincipals/$entity" + "createdDateTime" = "2023-07-07T14:07:33Z" + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgServicePrincipal -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipal" { + Context "Test for Get-EntraServicePrincipal" { + It "Should return specific service" { + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Get-EntraServicePrincipal -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipal -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + + It "Should fail when ServicePrincipalId is invalid" { + { Get-EntraServicePrincipal -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + + It "Should return all service" { + $result = Get-EntraServicePrincipal -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraServicePrincipal -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top service" { + $result = Get-EntraServicePrincipal -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraServicePrincipal -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraServicePrincipal -Top XY} | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should return specific service by searchstring" { + $result = Get-EntraServicePrincipal -SearchString 'Windows Update for Business Deployment Service' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Windows Update for Business Deployment Service' + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when searchstring is empty" { + { Get-EntraServicePrincipal -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + + It "Should return specific service by filter" { + $result = Get-EntraServicePrincipal -Filter "DisplayName -eq 'Windows Update for Business Deployment Service'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Windows Update for Business Deployment Service' + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when filter is empty" { + { Get-EntraServicePrincipal -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraServicePrincipal -SearchString 'Windows Update for Business Deployment Service' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Windows Update for Business Deployment Service" + } + + It "Property parameter should work" { + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Windows Update for Business Deployment Service" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipal" + + $result = Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipal" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipal -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 new file mode 100644 index 0000000000..93b71d7567 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraServicePrincipalAppRoleAssignedTo with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "AppRoleId" = "bdd80a03-d9bc-451d-b7c4-ce7c63fe3c8f" + "Id" = "I8uPTcetR02TKCQg6xB170ZWgaqJluBEqPHHxTxJ9Hs" + "PrincipalDisplayName" = "Entra-App-Testing" + "PrincipalType" = "ServicePrincipal" + "ResourceDisplayName" = "Microsoft Graph" + "PrincipalId" = "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + "ResourceId" = "7af1d6f7-755a-4803-a078-a4f5a431ad51" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalAppRoleAssignedTo -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipalAppRoleAssignedTo" { + Context "Test for Get-EntraServicePrincipalAppRoleAssignedTo" { + It "Should return app role assignments" { + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | should -Be '4d8fcb23-adc7-4d47-9328-2420eb1075ef' + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignedTo -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ObjectId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | should -Be '4d8fcb23-adc7-4d47-9328-2420eb1075ef' + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignedTo -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + {Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should return all app role assignments" { + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignedTo -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return top app role assignments " { + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" -top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignedTo -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + $result.ObjectID | should -Be "I8uPTcetR02TKCQg6xB170ZWgaqJluBEqPHHxTxJ9Hs" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + Mock -CommandName Get-MgServicePrincipalAppRoleAssignedTo -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalAppRoleAssignedTo" + $result= Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalAppRoleAssignedTo" + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignedTo -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalAppRoleAssignedTo -ServicePrincipalId "4d8fcb23-adc7-4d47-9328-2420eb1075ef" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..301e7ce04c --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraServicePrincipalAppRoleAssignment with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "AppRoleId" = "00000000-0000-0000-0000-000000000000" + "Id" = "qjltmaz9l02qPcgftHNirITXiOnmHR5GmW_oEXl_ZL8" + "PrincipalDisplayName" = "MOD Administrator" + "PrincipalType" = "User" + "ResourceDisplayName" = "ProvisioningPowerBi" + "PrincipalId" = "996d39aa-fdac-4d97-aa3d-c81fb47362ac" + "ResourceId" = "021510b7-e753-40aa-b668-29753295ca34" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServiceAppRoleAssigned" { + Context "Test for Get-EntraServiceAppRoleAssigned" { + It "Should return service principal application role assignment." { + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" + $result | Should -Not -BeNullOrEmpty + $result.ResourceId | should -Be '021510b7-e753-40aa-b668-29753295ca34' + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraServicePrincipalAppRoleAssignment -ObjectId "021510b7-e753-40aa-b668-29753295ca34" + $result | Should -Not -BeNullOrEmpty + $result.ResourceId | should -Be '021510b7-e753-40aa-b668-29753295ca34' + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should return all service principal application role assignment." { + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should return top service principal application role assignment." { + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" -top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" + $result.ObjectId | should -Be "qjltmaz9l02qPcgftHNirITXiOnmHR5GmW_oEXl_ZL8" + } + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + Mock -CommandName Get-MgServicePrincipalAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "021510b7-e753-40aa-b668-29753295ca34" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalAppRoleAssignment" + $result = Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalAppRoleAssignment" + Should -Invoke -CommandName Get-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "021510b7-e753-40aa-b668-29753295ca34" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 new file mode 100644 index 0000000000..dc300cdd89 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Applications) -eq $null) { + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "T2qU_E28O0GgkLLIYRPsTwE" + "Classification" = "low" + "PermissionId" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "PermissionName" = "LicenseManager.AccessAsUser" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipalDelegatedPermissionClassification" { + Context "Test for Get-EntraServicePrincipalDelegatedPermissionClassification" { + It "Should return specific ServicePrincipalDelegatedPermissionClassification" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is invalid" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should return specific ServicePrincipalDelegatedPermissionClassification when Id passed to it" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id 'T2qU_E28O0GgkLLIYRPsTwE' + $params = Get-Parameters -data $result.Parameters + $params.DelegatedPermissionClassificationId | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + } + It "Should fail when Id is invalid" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Id is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should return specific ServicePrincipalDelegatedPermissionClassification when applied filter to it" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Filter "PermissionName eq 'LicenseManager.AccessAsUser'" + $result.PermissionName | should -Be "LicenseManager.AccessAsUser" + $result.ObjectId | should -Be "T2qU_E28O0GgkLLIYRPsTwE" + } + It "Should fail when Filter is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Filter } | Should -Throw "Missing an argument for parameter 'Filter'.*" + } + It "Property parameter should work" { + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property PermissionName + $result | Should -Not -BeNullOrEmpty + $result.PermissionName | Should -Be 'LicenseManager.AccessAsUser' + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalDelegatedPermissionClassification" + + $result = Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalDelegatedPermissionClassification" + + Should -Invoke -CommandName Get-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalKeyCredential.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalKeyCredential.Tests.ps1 new file mode 100644 index 0000000000..db87531e35 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalKeyCredential.Tests.ps1 @@ -0,0 +1,95 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "KeyCredentials" = @{ + "CustomKeyIdentifier" = "" + "DisplayName" = "" + "EndDateTime" = "08-Feb-25 9:57:08 AM" + "Key" = "" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDateTime" = "08-Feb-24 9:57:08 AM" + "Type" = "Symmetric" + "Usage" = "Sign" + "AdditionalProperties" = @{} + "Parameters" = $args + } + } + ) + } + Mock -CommandName Get-MgServicePrincipal -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipalKeyCredential" { + Context "Test for Get-EntraServicePrincipalKeyCredential" { + It "Should return specific principal key credential" { + $objectId = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result = Get-EntraServicePrincipalKeyCredential -ServicePrincipalId $objectId + $result | Should -Not -BeNullOrEmpty + $result.KeyId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should update the parameter with Alias" { + $objectId = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result = Get-EntraServicePrincipalKeyCredential -ObjectId $objectId + $result | Should -Not -BeNullOrEmpty + $result.KeyId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + $errorActionPreference = "Stop" + { Get-EntraServicePrincipalKeyCredential -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + + It "Should fail when ServicePrincipalId is invalid" { + $errorActionPreference = "Stop" + { Get-EntraServicePrincipalKeyCredential -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalKeyCredential -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $servicePrincipalKeyCredential = $result | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $params = Get-Parameters -data $servicePrincipalKeyCredential.Parameters + $params.ServicePrincipalId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalKeyCredential" + + $result = Get-EntraServicePrincipalKeyCredential -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalKeyCredential" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalKeyCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalMembership.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalMembership.Tests.ps1 new file mode 100644 index 0000000000..0b6bb416a2 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalMembership.Tests.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "AdditionalProperties" = @{DeletedDateTime = $null} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalTransitiveMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "Get-EntraServicePrincipalMembership"{ + It "Result should not be empty" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Get-EntraServicePrincipalMembership -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalMembership -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + It "Should return all applications" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should return top application" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalMembership" + $result = Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalMembership" + Should -Invoke -CommandName Get-MgServicePrincipalTransitiveMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalMembership -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..97679db6a0 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalOAuth2PermissionGrant.Tests.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "ClientId" = "4773e0f6-b400-40b3-8508-340de8ee0893" + "ConsentType" = "AllPrincipals" + "PrincipalId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "ResourceId" = "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + "Scope" = "openid" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalOauth2PermissionGrant -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "Get-EntraServicePrincipalOAuth2PermissionGrant"{ + It "Result should not be empty" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + It "Should return all applications" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should return top application" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'aaaaaaaa-0b0b-1c1c-2d2d-333333333333' + + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOAuth2PermissionGrant" + $result = Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOAuth2PermissionGrant" + Should -Invoke -CommandName Get-MgServicePrincipalOauth2PermissionGrant -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalOAuth2PermissionGrant -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalOwnedObject.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalOwnedObject.Tests.ps1 new file mode 100644 index 0000000000..845c9c9d17 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalOwnedObject.Tests.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "111cc9b5-fce9-485e-9566-c68debafac5f" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + accountEnabled = $true; + appDisplayName = "ToGraph_443democc3c" + servicePrincipalType = "Application" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalOwnedObject -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipalOwnedObject" { + Context "Test for Get-EntraServicePrincipalOwnedObject" { + It "Should return specific Owned Object" { + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('111cc9b5-fce9-485e-9566-c68debafac5f') + Should -Invoke -CommandName Get-MgServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return specific ServicePrincipalOwnedObject with Alias" { + $result = Get-EntraServicePrincipalOwnedObject -ObjectId "2d028fff-7e65-4340-80ca-89be16dae0b3" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('111cc9b5-fce9-485e-9566-c68debafac5f') + Should -Invoke -CommandName Get-MgServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId'*" + } + It "Should fail when ServicePrincipalId is null" { + { Get-EntraServicePrincipalOwnedObject -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + It "Should return all Owned Objects" { + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should return top Owned Object" { + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" + $result.ObjectId | should -Be "111cc9b5-fce9-485e-9566-c68debafac5f" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "2d028fff-7e65-4340-80ca-89be16dae0b3" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOwnedObject" + $result = Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOwnedObject" + Should -Invoke -CommandName Get-MgServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalOwnedObject -ServicePrincipalId "2d028fff-7e65-4340-80ca-89be16dae0b3" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalOwner.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalOwner.Tests.ps1 new file mode 100644 index 0000000000..947b9b2ec1 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalOwner.Tests.ps1 @@ -0,0 +1,116 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DisplayName" = "Adams Smith" + "UserPrincipalName" = "Adams@contoso.com" + "UserType" = "Member" + "appRoles" = @{ + allowedMemberTypes=$null; + description="msiam_access"; + displayName="msiam_access"; + id="d0d7e4e4-96be-41c9-805a-08e0526868ad"; + isEnabled=$True; + origin="Application" + } + "oauth2PermissionScopes" = @{ + adminConsentDescription="Allow the application to access from tmplate test 3 on behalf of the signed-in user."; + adminConsentDisplayName="Access from tmplate test 3"; + id="64c2cef3-e118-4795-a580-a32bdbd7ba88"; + isEnabled=$True; + type="User"; + userConsentDescription="Allow the application to access from tmplate test 3 on your behalf."; + userConsentDisplayName="Access from tmplate test 3"; + value="user_impersonation" + } + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.servicePrincipal"; + accountEnabled = $true + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalOwner -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "Get-EntraServicePrincipalOwner"{ + It "Result should not be empty" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Get-EntraServicePrincipalOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraServicePrincipalOwner -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + It "Should return all applications" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should return top application" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Result should Contain ServicePrincipalId" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Adams Smith' + + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOwner" + $result = Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalOwner" + Should -Invoke -CommandName Get-MgServicePrincipalOwner -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Get-EntraServicePrincipalOwner -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test/Entra/Applications/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..3b87e32a67 --- /dev/null +++ b/test/Entra/Applications/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "PasswordCredentials" = @{ + "StartDate" = "17-Apr-24 7:32:41 AM" + "EndDate" = "17-Apr-25 7:32:41 AM" + "CustomKeyIdentifier" = "" + "DisplayName" = "" + "EndDateTime" = "17-Apr-25 7:32:41 AM" + "Key" = "" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDateTime" = "17-Apr-24 7:32:41 AM" + "Hint" = "gjW" + "SecretText" = "" + "AdditionalProperties" = @{} + "Parameters" = $args + } + } + ) + } + Mock -CommandName Get-MgServicePrincipal -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Get-EntraServicePrincipalPasswordCredential" { + Context "Test for Get-EntraServicePrincipalPasswordCredential" { + It "Should return specific principal password credential" { + $ServicePrincipalId = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result = Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId $ServicePrincipalId + $result | Should -Not -BeNullOrEmpty + $result.KeyId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should update the parameter with Alias" { + $ServicePrincipalId = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result = Get-EntraServicePrincipalPasswordCredential -ObjectId $ServicePrincipalId + $result | Should -Not -BeNullOrEmpty + $result.KeyId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when ServicePrincipalId is empty" { + $errorActionPreference = "Stop" + { Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + + It "Should fail when ServicePrincipalId is invalid" { + $errorActionPreference = "Stop" + { Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + $result = Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $servicePrincipalPasswordCredential = $result | ConvertTo-Json -Depth 10 | ConvertFrom-Json + $params = Get-Parameters -data $servicePrincipalPasswordCredential.Parameters + $params.ServicePrincipalId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalPasswordCredential" + + $result = Get-EntraServicePrincipalPasswordCredential -ServicePrincipalId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraServicePrincipalPasswordCredential" + + Should -Invoke -CommandName Get-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraServicePrincipalPasswordCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Invalid.Tests.ps1 b/test/Entra/Applications/Invalid.Tests.ps1 new file mode 100644 index 0000000000..d737d81334 --- /dev/null +++ b/test/Entra/Applications/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Applications)){ + Import-Module Microsoft.Entra.Applications +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Applications + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/Applications/Module.Tests.ps1 b/test/Entra/Applications/Module.Tests.ps1 new file mode 100644 index 0000000000..ad2aa26b52 --- /dev/null +++ b/test/Entra/Applications/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Applications Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Applications + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Applications + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Applications + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Applications.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Applications + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Applications -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/Applications/New-EntraApplication.Tests.ps1 b/test/Entra/Applications/New-EntraApplication.Tests.ps1 new file mode 100644 index 0000000000..d26b450404 --- /dev/null +++ b/test/Entra/Applications/New-EntraApplication.Tests.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppId" = "aaaaaaaa-1111-2222-3333-cccccccccccc" + "DeletedDateTime" = $null + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "DisplayName" = "Mock-App" + "Info" = @{LogoUrl = ""; MarketingUrl = ""; PrivacyStatementUrl = ""; SupportUrl = ""; TermsOfServiceUrl = "" } + "IsDeviceOnlyAuthSupported" = $True + "IsFallbackPublicClient" = $true + "KeyCredentials" = @{CustomKeyIdentifier = @(211, 174, 247); DisplayName = ""; Key = ""; KeyId = "d903c7a3-75ea-4772-8935-5c0cf82068a7"; Type = "Symmetric"; Usage = "Sign" } + "OptionalClaims" = @{AccessToken = ""; IdToken = ""; Saml2Token = "" } + "ParentalControlSettings" = @{CountriesBlockedForMinors = $null; LegalAgeGroupRule = "Allow" } + "PasswordCredentials" = @{} + "PublicClient" = @{RedirectUris = $null } + "PublisherDomain" = "aaaabbbbbccccc.contoso.com" + "SignInAudience" = "AzureADandPersonalMicrosoftAccount" + "Web" = @{HomePageUrl = "https://localhost/demoapp"; ImplicitGrantSettings = ""; LogoutUrl = ""; } + "AdditionalProperties" = @{CountriesBlockedForMinors = $null; LegalAgeGroupRule = "Allow" } + } + ) + } + + Mock -CommandName New-MgApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "New-EntraApplication"{ + Context "Test for New-EntraApplication" { + It "Should return created Application"{ + $result = New-EntraApplication -DisplayName "Mock-App" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "Mock-App" + $result.IsDeviceOnlyAuthSupported | should -Be "True" + $result.IsFallbackPublicClient | should -Be "True" + $result.SignInAudience | should -Be "AzureADandPersonalMicrosoftAccount" + + Should -Invoke -CommandName New-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when DisplayName is empty" { + { New-EntraApplication -DisplayName "" } | Should -Throw "Cannot bind argument to parameter 'DisplayName' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplication" + $result = New-EntraApplication -DisplayName "Mock-App" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplication" + Should -Invoke -CommandName New-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraApplication -DisplayName "Mock-App" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/New-EntraApplicationExtensionProperty.Tests.ps1 b/test/Entra/Applications/New-EntraApplicationExtensionProperty.Tests.ps1 new file mode 100644 index 0000000000..6e5decd1fb --- /dev/null +++ b/test/Entra/Applications/New-EntraApplicationExtensionProperty.Tests.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "AppDisplayName" = "Mock-App" + "DataType" = "MockType" + "DeletedDateTime" = $null + "IsMultiValued" = $False + "IsSyncedFromOnPremises" = $False + "Name" = "Mock-App" + "TargetObjects" = "Application" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/`$metadata#applications('aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb')/extensionProperties/`$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgApplicationExtensionProperty -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "New-EntraApplicationExtensionProperty" { +Context "Test for New-EntraApplicationExtensionProperty" { + It "Should return created MS application extension property" { + $result = New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.Name | Should -Be "Mock-App" + $result.TargetObjects | Should -Be "Application" + $result.DataType | Should -Be "MockType" + + Should -Invoke -CommandName New-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return created MS application extension property with alias" { + $result = New-EntraApplicationExtensionProperty -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.Name | Should -Be "Mock-App" + $result.TargetObjects | Should -Be "Application" + $result.DataType | Should -Be "MockType" + + Should -Invoke -CommandName New-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { New-EntraApplicationExtensionProperty -ApplicationId -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is invalid" { + { New-EntraApplicationExtensionProperty -ApplicationId "" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when DataType is empty" { + { New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType -Name "Mock-App" -TargetObjects "Application" } | Should -Throw "Missing an argument for parameter 'DataType'*" + } + It "Should fail when Name is empty" { + { New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name -TargetObjects "Application" } | Should -Throw "Missing an argument for parameter 'Name'*" + } + It "Should fail when TargetObjects is empty" { + { New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects } | Should -Throw "Missing an argument for parameter 'TargetObjects'*" + } + It "Result should Contain ObjectId" { + $result = New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" + $result.ObjectId | should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationExtensionProperty" + $result = New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationExtensionProperty" + Should -Invoke -CommandName New-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DataType "MockType" -Name "Mock-App" -TargetObjects "Application" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Applications/New-EntraApplicationFromApplicationTemplate.Tests.ps1 b/test/Entra/Applications/New-EntraApplicationFromApplicationTemplate.Tests.ps1 new file mode 100644 index 0000000000..2314bcaee6 --- /dev/null +++ b/test/Entra/Applications/New-EntraApplicationFromApplicationTemplate.Tests.ps1 @@ -0,0 +1,147 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.Applications) -eq $null) { + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $response = @{ + "@odata.context" = 'https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.applicationServicePrincipal' + "servicePrincipal" = @{ + "oauth2PermissionScopes" = $null + "servicePrincipalType" = "Application" + "displayName" = "test app" + "passwordCredentials" = $null + "deletedDateTime" = $null + "alternativeNames" = $null + "homepage" = "https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z" + "applicationTemplateId" = "aaaaaaaa-1111-1111-1111-cccccccccccc" + "appRoleAssignmentRequired" = $true + "servicePrincipalNames" = $null + "keyCredentials" = $null + "appOwnerOrganizationId" = "aaaaaaaa-1111-2222-1111-cccccccccccc" + "loginUrl" = $null + "verifiedPublisher" = @{ + "verifiedPublisherId" = $null + "displayName" = $null + "addedDateTime" = $null + } + "logoutUrl" = $null + "preferredSingleSignOnMode" = $null + "appRoles" = $null + "tokenEncryptionKeyId" = $null + "samlSingleSignOnSettings" = $null + "appDisplayName" = "test app" + "id" = "aaaaaaaa-1111-3333-1111-cccccccccccc" + "tags" = $null + "addIns" = $null + "accountEnabled" = $true + "notificationEmailAddresses" = $null + "replyUrls" = $null + "info" = @{ + "marketingUrl" = $null + "privacyStatementUrl" = $null + "termsOfServiceUrl" = $null + "logoUrl" = $null + "supportUrl" = $null + } + "appId" = "aaaaaaaa-1111-4444-1111-cccccccccccc" + "preferredTokenSigningKeyThumbprint" = $null + } + "application" = @{ + "passwordCredentials" = $null + "defaultRedirectUri" = $null + "parentalControlSettings" = @{ + "legalAgeGroupRule" = "Allow" + "countriesBlockedForMinors" = "" + } + "verifiedPublisher" = @{ + "verifiedPublisherId" = $null + "displayName" = $null + "addedDateTime" = $null + } + "info" = @{ + "marketingUrl" = $null + "privacyStatementUrl" = $null + "termsOfServiceUrl" = $null + "logoUrl" = $null + "supportUrl" = $null + } + "createdDateTime" = $null + "keyCredentials" = $null + "identifierUris" = $null + "displayName" = "test app" + "applicationTemplateId" = "aaaaaaaa-1111-1111-1111-cccccccccccc" + "samlMetadataUrl" = $null + "addIns" = $null + "publicClient" = @{ + "redirectUris" = "" + } + "groupMembershipClaims" = $null + "requiredResourceAccess" = $null + "deletedDateTime" = $null + "tokenEncryptionKeyId" = $null + "optionalClaims" = $null + "web" = @{ + "homePageUrl" = "https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z" + "redirectUris" = "https://*.signin.e-days.co.uk/* https://*.signin.e-days.com/* https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx" + "logoutUrl" = $null + } + "id" = "aaaaaaaa-2222-1111-1111-cccccccccccc" + "tags" = $null + "isFallbackPublicClient" = $false + "api" = @{ + "knownClientApplications" = "" + "requestedAccessTokenVersion" = $null + "preAuthorizedApplications" = "" + "oauth2PermissionScopes" = $null + "acceptMappedClaims" = $null + } + "appRoles" = $null + "description" = $null + "signInAudience" = "AzureADMyOrg" + "appId" = "aaaaaaaa-3333-1111-1111-cccccccccccc" + } + } + + Mock -CommandName Invoke-MgGraphRequest -MockWith { $response } -ModuleName Microsoft.Entra.Applications +} +Describe "New-EntraApplicationFromApplicationTemplateFromApplicationTemplate tests"{ + It "Should return created Application with service principal"{ + $result = New-EntraApplicationFromApplicationTemplate -Id "aaaaaaaa-1111-1111-1111-cccccccccccc" -DisplayName "test app" + $result | Should -Not -BeNullOrEmpty + $result.application.applicationTemplateId | Should -Be "aaaaaaaa-1111-1111-1111-cccccccccccc" + $result.servicePrincipal.applicationTemplateId | Should -Be "aaaaaaaa-1111-1111-1111-cccccccccccc" + Should -Invoke -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when Id is empty" { + { New-EntraApplicationFromApplicationTemplate -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { New-EntraApplicationFromApplicationTemplate -Id } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when DisplayName is empty" { + { New-EntraApplicationFromApplicationTemplate -DisplayName "" } | Should -Throw "Cannot bind argument to parameter 'DisplayName'*" + } + It "Should fail when DisplayName is null" { + { New-EntraApplicationFromApplicationTemplate -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraApplicationFromApplicationTemplate -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraApplicationFromApplicationTemplate -Id "aaaaaaaa-1111-1111-1111-cccccccccccc" -DisplayName "test app" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} diff --git a/test/Entra/Applications/New-EntraApplicationPassword.Tests.ps1 b/test/Entra/Applications/New-EntraApplicationPassword.Tests.ps1 new file mode 100644 index 0000000000..4675117edc --- /dev/null +++ b/test/Entra/Applications/New-EntraApplicationPassword.Tests.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "CustomKeyIdentifier" = $null + "DisplayName" = "mypassword" + "EndDateTime" = "10/23/2024 11:36:56 AM" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDateTime" = "11/22/2023 11:35:16 AM" + "Hint" = "123" + "SecretText" = "wbBNW8kCuiPjNRg9NX98W_EaU6cqG" + "Parameters" = $args + } + ) + } + + Mock -CommandName Add-MgApplicationPassword -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "New-EntraApplicationPassword"{ + It "Should return created password credential"{ + $result = New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ displayname = "mypassword" } | ConvertTo-Json | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $result.KeyId | should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.SecretText | Should -Be "wbBNW8kCuiPjNRg9NX98W_EaU6cqG" + Should -Invoke -CommandName Add-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { New-EntraApplicationPassword -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { New-EntraApplicationPassword -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when PasswordCredential is null" { + { New-EntraApplicationPassword -PasswordCredential } | Should -Throw "Missing an argument for parameter 'PasswordCredential'*" + } + It "Should fail when StartDate is empty" { + { New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ StartDateTime = "" } } | Should -Throw "Cannot process argument transformation on parameter 'PasswordCredential'*" + } + It "Should fail when EndDate is empty" { + { New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ EndDateTime = "" } } | Should -Throw "Cannot process argument transformation on parameter 'PasswordCredential'*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraApplicationPassword -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'." + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ displayname = "mypassword" } + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "should contain password credential parameters in body parameter when passed PasswordCredential to it"{ + $result = New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ DisplayName = "mypassword"; Hint = "123"; StartDateTime=(get-date).AddYears(0); EndDateTime=(get-date).AddYears(2) } + $params = Get-Parameters -data $result.Parameters + $a = $params.PasswordCredential | ConvertTo-json | ConvertFrom-Json + $a.DisplayName | Should -Be "mypassword" + $a.Hint | Should -Be "123" + $a.StartDateTime | Should -Not -BeNullOrEmpty + $a.EndDateTime | Should -Not -BeNullOrEmpty + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationPassword" + $result = New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ displayname = "mypassword" } | ConvertTo-Json | ConvertFrom-Json + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationPassword" + Should -Invoke -CommandName Add-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraApplicationPassword -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PasswordCredential @{ displayname = "mypassword" } | ConvertTo-Json | ConvertFrom-Json -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/New-EntraApplicationPasswordCredential.Tests.ps1 b/test/Entra/Applications/New-EntraApplicationPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..9553ed89c6 --- /dev/null +++ b/test/Entra/Applications/New-EntraApplicationPasswordCredential.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "CustomKeyIdentifier" = $null + "DisplayName" = "" + "EndDateTime" = "10/23/2024 11:36:56 AM" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "StartDateTime" = "11/22/2023 11:35:16 AM" + "Hint" = "123" + "SecretText" = "wbBNW8kCuiPjNRg9NX98W_EaU6cqG" + "Parameters" = $args + } + ) + } + + Mock -CommandName Add-MgApplicationPassword -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "New-EntraApplicationPasswordCredential"{ + It "Should return created password credential"{ + $result = New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.KeyId | should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.SecretText | Should -Be "wbBNW8kCuiPjNRg9NX98W_EaU6cqG" + Should -Invoke -CommandName Add-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { New-EntraApplicationPasswordCredential -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { New-EntraApplicationPasswordCredential -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when StartDate is empty" { + { New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -StartDate "" } | Should -Throw "Cannot process argument transformation on parameter 'StartDate'*" + } + It "Should fail when StartDate is null" { + { New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -StartDate } | Should -Throw "Missing an argument for parameter 'StartDate'*" + } + It "Should fail when EndDate is empty" { + { New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -EndDate "" } | Should -Throw "Cannot process argument transformation on parameter 'EndDate'*" + } + It "Should fail when EndDate is null" { + { New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -EndDate } | Should -Throw "Missing an argument for parameter 'EndDate'*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraApplicationPasswordCredential -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'." + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "should contain startDateTime in body parameter when passed StartDate to it"{ + $result = New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -StartDate (get-date).AddYears(0) + $params = Get-Parameters -data $result.Parameters + $a = $params.PasswordCredential | ConvertTo-json | ConvertFrom-Json + $a.startDateTime | Should -Not -BeNullOrEmpty + } + It "should contain endDateTime in body parameter when passed EndDate to it"{ + $result = New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -EndDate (get-date).AddYears(0) + $params = Get-Parameters -data $result.Parameters + $a = $params.PasswordCredential | ConvertTo-json | ConvertFrom-Json + $a.endDateTime | Should -Not -BeNullOrEmpty + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationPasswordCredential" + $result = New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraApplicationPasswordCredential" + Should -Invoke -CommandName Add-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/New-EntraServicePrincipal.Tests.ps1 b/test/Entra/Applications/New-EntraServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..624e8ad89f --- /dev/null +++ b/test/Entra/Applications/New-EntraServicePrincipal.Tests.ps1 @@ -0,0 +1,122 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking New-MgServicePrincipal with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "AppId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AccountEnabled" = $True + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "AppDisplayName" = "ToGraph_443DEM" + "ServicePrincipalType" = "Application" + "SignInAudience" = "AzureADMyOrg" + "AppRoleAssignmentRequired" = $true + "AlternativeNames" = "unitalternative" + "Homepage" = "http://localhost/home" + "DisplayName" = "ToGraph_443DEM" + "LogoutUrl" = "htpp://localhost/logout" + "ReplyUrls" = "http://localhost/redirect" + "Tags" = "{WindowsAzureActiveDirectoryIntegratedApp}" + "ServicePrincipalNames" = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + "AppOwnerOrganizationId" = "44445555-eeee-6666-ffff-7777aaaa8888" + "KeyCredentials" = @{CustomKeyIdentifier = @(84, 101, 115, 116);DisplayName =""; Key="";KeyId="bf620d66-bd18-4348-94e4-7431d7ad20a6";Type="Symmetric";Usage="Sign"} + "PasswordCredentials" = @{} + } + ) + } + + Mock -CommandName New-MgServicePrincipal -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "New-EntraServicePrincipal"{ + Context "Test for New-EntraServicePrincipal" { + It "Should return created service principal"{ + $result = New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -Homepage 'http://localhost/home' -LogoutUrl 'htpp://localhost/logout' -ReplyUrls 'http://localhost/redirect' -AccountEnabled $true -DisplayName "ToGraph_443DEM" -AlternativeNames "unitalternative" -Tags {WindowsAzureActiveDirectoryIntegratedApp} -AppRoleAssignmentRequired $true -ServicePrincipalType "Application" -ServicePrincipalNames "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result | Should -Not -Be NullOrEmpty + $result.DisplayName | should -Be "ToGraph_443DEM" + $result.AccountEnabled | should -Be "True" + $result.AppId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.Homepage | should -Be "http://localhost/home" + $result.LogoutUrl | should -Be "htpp://localhost/logout" + $result.AlternativeNames | should -Be "unitalternative" + $result.Tags | should -Be "{WindowsAzureActiveDirectoryIntegratedApp}" + $result.AppRoleAssignmentRequired | should -Be "True" + $result.ReplyUrls | should -Be "http://localhost/redirect" + $result.ServicePrincipalType | should -Be "Application" + $result.ServicePrincipalNames | should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + + Should -Invoke -CommandName New-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when AppID is empty" { + { New-EntraServicePrincipal -AppId } | Should -Throw "Missing an argument for parameter 'AppId'.*" + } + It "Should fail when AppID is Invalid" { + { New-EntraServicePrincipal -AppId "" } | Should -Throw "Cannot bind argument to parameter 'AppId' because it is an empty string.*" + } + It "Should fail when non-mandatory is empty" { + { New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -Tags -ReplyUrls -AccountEnabled -AlternativeNames } | Should -Throw "Missing an argument for parameter*" + } + It "Should create service principal with KeyCredentials parameter"{ + $creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential + $creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes("Test") + $startdate = Get-Date -Year 2023 -Month 10 -Day 23 + $creds.StartDate = $startdate + $creds.Type = "Symmetric" + $creds.Usage = 'Sign' + $creds.Value = [System.Text.Encoding]::UTF8.GetBytes("123") + $creds.EndDate = Get-Date -Year 2024 -Month 10 -Day 23 + $result= New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -KeyCredentials $creds + $result | Should -Not -Be NullOrEmpty + $result.AppId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $keycredentials = @{CustomKeyIdentifier = @(84, 101, 115, 116);DisplayName =""; Key="";KeyId="bf620d66-bd18-4348-94e4-7431d7ad20a6";Type="Symmetric";Usage="Sign"} | ConvertTo-json + ($result.KeyCredentials | ConvertTo-json ) | should -Be $keycredentials + } + It "Should fail when KeyCredentials is empty" { + { New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -KeyCredentials } | Should -Throw "Missing an argument for parameter 'KeyCredentials'.*" + } + It "Should fail when KeyCredentials is Invalid" { + { New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -KeyCredentials "xyz" } | Should -Throw "Cannot process argument transformation on parameter 'KeyCredentials'.*" + } + It "Result should Contain ObjectId and AppOwnerTenantId" { + $result = New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.AppOwnerTenantId | should -Be "44445555-eeee-6666-ffff-7777aaaa8888" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipal" + + $result = New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipal" + + Should -Invoke -CommandName New-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraServicePrincipal -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -Homepage 'http://localhost/home' -LogoutUrl 'htpp://localhost/logout' -AccountEnabled $true -DisplayName "ToGraph_443DEM" -AlternativeNames "unitalternative" -Tags {WindowsAzureActiveDirectoryIntegratedApp} -AppRoleAssignmentRequired $true -ReplyUrls 'http://localhost/redirect' -ServicePrincipalType "Application" -ServicePrincipalNames "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test/Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..9a1af8e20e --- /dev/null +++ b/test/Entra/Applications/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking New-MgServicePrincipalAppRoleAssignment with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DeletedDateTime" = $null + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "PrincipalDisplayName" = "Mock-App" + "AppRoleId" = "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" + "CreatedDateTime" = "3/12/2024 11:05:29 AM" + "PrincipalId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgServicePrincipalAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "New-EntraServicePrincipalAppRoleAssignment"{ + Context "Test for New-EntraServicePrincipalAppRoleAssignment" { + It "Should return New-EntraServicePrincipalAppRoleAssignment"{ + $result = New-EntraServicePrincipalAppRoleAssignment -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Id "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalDisplayName | should -Be "Mock-App" + $result.PrincipalId | should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + + Should -Invoke -CommandName New-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ObjectId is empty" { + { New-EntraServicePrincipalAppRoleAssignment -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId'*" + } + It "Should fail when ObjectId is null" { + { New-EntraServicePrincipalAppRoleAssignment -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should fail when ResourceId is empty" { + { New-EntraServicePrincipalAppRoleAssignment -ResourceId "" } | Should -Throw "Cannot bind argument to parameter 'ResourceId'*" + } + It "Should fail when ResourceId is null" { + { New-EntraServicePrincipalAppRoleAssignment -ResourceId } | Should -Throw "Missing an argument for parameter 'ResourceId'*" + } + It "Should fail when Id is empty" { + { New-EntraServicePrincipalAppRoleAssignment -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { New-EntraServicePrincipalAppRoleAssignment -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when PrincipalId is empty" { + { New-EntraServicePrincipalAppRoleAssignment -PrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'PrincipalId'*" + } + It "Should fail when PrincipalId is null" { + { New-EntraServicePrincipalAppRoleAssignment -PrincipalId } | Should -Throw "Missing an argument for parameter 'PrincipalId'*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraServicePrincipalAppRoleAssignment -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'." + } + It "Should contain AppRoleId in parameters when passed Id to it" { + $result = New-EntraServicePrincipalAppRoleAssignment -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Id "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $params = Get-Parameters -data $result.Parameters + $params.AppRoleId | Should -Be "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" + } + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + $result = New-EntraServicePrincipalAppRoleAssignment -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Id "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipalAppRoleAssignment" + $result = New-EntraServicePrincipalAppRoleAssignment -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Id "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipalAppRoleAssignment" + Should -Invoke -CommandName New-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraServicePrincipalAppRoleAssignment -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Id "bbbb1b1b-cc2c-dd3d-ee4e-ffffff5f5f5f" -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Applications/New-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test/Entra/Applications/New-EntraServicePrincipalPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..eab2ffe3cd --- /dev/null +++ b/test/Entra/Applications/New-EntraServicePrincipalPasswordCredential.Tests.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Add-MgServicePrincipalPassword with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "CustomKeyIdentifier" = $null + "DisplayName" = $null + "EndDateTime" = "16/12/2024 13:14:14" + "Hint" = "YWE" + "KeyId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "SecretText" = "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + "StartDateTime" = "16/09/2024 14:14:14" + + } + ) + } + + Mock -CommandName Add-MgServicePrincipalPassword -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "New-EntraServicePrincipalPasswordCredential"{ + Context "Test for New-EntraServicePrincipalPasswordCredential" { + It "Should return created password credential for a service principal."{ + $result = New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "2024-09-16T14:14:14Z" -EndDate "2024-12-16T13:14:14Z" + $result | Should -Not -Be NullOrEmpty + $result.StartDate | should -Be "16/09/2024 14:14:14" + $result.EndDate | should -Be "16/12/2024 13:14:14" + + Should -Invoke -CommandName Add-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = New-EntraServicePrincipalPasswordCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "2024-09-16T14:14:14Z" -EndDate "2024-12-16T13:14:14Z" + $result | Should -Not -Be NullOrEmpty + + Should -Invoke -CommandName Add-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + {New-EntraServicePrincipalPasswordCredential -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is Invalid" { + { New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when StartDate is empty" { + { New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate } | Should -Throw "Missing an argument for parameter 'StartDate'.*" + } + It "Should fail when StartDate is invalid" { + { New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "xyz" } | Should -Throw "Cannot process argument transformation on parameter 'StartDate'. Cannot convert value*" + } + It "Should fail when EndDate is empty" { + { New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -EndDate } | Should -Throw "Missing an argument for parameter 'EndDate'.*" + } + It "Should fail when EndDate is invalid" { + { New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -EndDate "xyz" } | Should -Throw "Cannot process argument transformation on parameter 'EndDate'. Cannot convert value*" + } + It "Result should Contain StartDate and EndDate" { + $result = New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "2024-09-16T14:14:14Z" -EndDate "2024-12-16T13:14:14Z" + $result.StartDate | should -Be "16/09/2024 14:14:14" + $result.EndDate | should -Be "16/12/2024 13:14:14" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipalPasswordCredential" + + $result = New-EntraServicePrincipalPasswordCredential -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "2024-09-16T14:14:14Z" -EndDate "2024-12-16T13:14:14Z" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraServicePrincipalPasswordCredential" + + Should -Invoke -CommandName Add-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraServicePrincipalPasswordCredential -ObjectID "bbbbbbbb-1111-2222-3333-cccccccccccc" -StartDate "2024-09-16T14:14:14Z" -EndDate "2024-12-16T13:14:14Z" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraApplication.Tests.ps1 b/test/Entra/Applications/Remove-EntraApplication.Tests.ps1 new file mode 100644 index 0000000000..4dcc94e0b2 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraApplication.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgApplication -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraApplication" { + Context "Test for Remove-EntraApplication" { + It "Should return empty object" { + $result = Remove-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is invalid" { + { Remove-EntraApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraApplication -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Remove-MgApplication -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplication" + + Remove-EntraApplication -ApplicationId bbbbbbbb-1111-2222-3333-cccccccccccc + Should -Invoke -CommandName Remove-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraApplicationExtensionProperty.Tests.ps1 b/test/Entra/Applications/Remove-EntraApplicationExtensionProperty.Tests.ps1 new file mode 100644 index 0000000000..30a31fe683 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraApplicationExtensionProperty.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraApplicationExtensionProperty" { + Context "Test for Remove-EntraApplicationExtensionProperty" { + It "Should return empty object" { + $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraApplicationExtensionProperty -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraApplicationExtensionProperty -ApplicationId -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444"} | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is invalid" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ExtensionPropertyId is empty" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId } | Should -Throw "Missing an argument for parameter 'ExtensionPropertyId'*" + } + It "Should fail when ExtensionPropertyId is invalid" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "" } | Should -Throw "Cannot bind argument to parameter 'ExtensionPropertyId' because it is an empty string." + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" + + Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/Applications/Remove-EntraApplicationOwner.Tests.ps1 b/test/Entra/Applications/Remove-EntraApplicationOwner.Tests.ps1 new file mode 100644 index 0000000000..91737f6d45 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraApplicationOwner.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgApplicationOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraApplicationOwner"{ + It "Should return empty object" { + $result = Remove-EntraApplicationOwner -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgApplicationOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return empty object" { + $result = Remove-EntraApplicationOwner -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgApplicationOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraApplicationOwner -ApplicationId "" } + } + It "Should fail when OwnerId is empty" { + { Remove-EntraApplicationOwner -OwnerId "" } + } + It "Should contain ApplicationId in parameters" { + Mock -CommandName Remove-MgApplicationOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + $result = Remove-EntraApplicationOwner -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + It "Should contain DirectoryObjectId in parameters" { + Mock -CommandName Remove-MgApplicationOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + $result = Remove-EntraApplicationOwner -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-cccc-dddd-2222-333333333333" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationOwner" + $result = Remove-EntraApplicationOwner -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationOwner" + Should -Invoke -CommandName Remove-MgApplicationOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraApplicationOwner -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -OwnerId "bbbbbbbb-cccc-dddd-2222-333333333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraApplicationPassword.Tests.ps1 b/test/Entra/Applications/Remove-EntraApplicationPassword.Tests.ps1 new file mode 100644 index 0000000000..2d6bbd7890 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraApplicationPassword.Tests.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgApplicationPassword -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraApplicationPassword"{ + It "Should return empty object" { + $result = Remove-EntraApplicationPassword -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ObjectId is empty" { + { Remove-EntraApplicationPassword -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId'*" + } + It "Should fail when ObjectId is null" { + { Remove-EntraApplicationPassword -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should fail when KeyId is null" { + { Remove-EntraApplicationPassword -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId } | Should -Throw "Missing an argument for parameter 'KeyId'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraApplicationPassword -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'." + } + It "Should contain ApplicationId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgApplicationPassword -MockWith {$args} -ModuleName Microsoft.Entra.Applications + $result = Remove-EntraApplicationPassword -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationPassword" + $result = Remove-EntraApplicationPassword -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationPassword" + Should -Invoke -CommandName Remove-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraApplicationPassword -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraApplicationPasswordCredential.Tests.ps1 b/test/Entra/Applications/Remove-EntraApplicationPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..b991fab1b6 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraApplicationPasswordCredential.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgApplicationPassword -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraApplicationPasswordCredential"{ + It "Should return empty object" { + $result = Remove-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraApplicationPasswordCredential -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraApplicationPasswordCredential -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Remove-EntraApplicationPasswordCredential -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when KeyId is empty" { + { Remove-EntraApplicationPasswordCredential -KeyId "" } | Should -Throw "Cannot bind argument to parameter 'KeyId'*" + } + It "Should fail when KeyId is null" { + { Remove-EntraApplicationPasswordCredential -KeyId } | Should -Throw "Missing an argument for parameter 'KeyId'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraApplicationPasswordCredential -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'." + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Remove-MgApplicationPassword -MockWith {$args} -ModuleName Microsoft.Entra.Applications + $result = Remove-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "bbbbbbbb-cccc-dddd-2222-333333333333" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationPasswordCredential" + $result = Remove-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "bbbbbbbb-cccc-dddd-2222-333333333333" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationPasswordCredential" + Should -Invoke -CommandName Remove-MgApplicationPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraApplicationPasswordCredential -ApplicationId "aaaaaaaa-bbbb-cccc-1111-222222222222" -KeyId "bbbbbbbb-cccc-dddd-2222-333333333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraDeletedApplication.Tests.ps1 b/test/Entra/Applications/Remove-EntraDeletedApplication.Tests.ps1 new file mode 100644 index 0000000000..e8b235d46b --- /dev/null +++ b/test/Entra/Applications/Remove-EntraDeletedApplication.Tests.ps1 @@ -0,0 +1,62 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDirectoryDeletedItem -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraDeletedApplication" { + Context "Test for Remove-EntraDeletedApplication" { + It "Should remove deleted application object" { + $result = Remove-EntraDeletedApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when ObjectId is empty" { + { Remove-EntraDeletedApplication -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is invalid" { + { Remove-EntraDeletedApplication -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should contain DirectoryObjectId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgDirectoryDeletedItem -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraDeletedApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeletedApplication" + Remove-EntraDeletedApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeletedApplication" + Should -Invoke -CommandName Remove-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeletedApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraDeletedDirectoryObject.Tests.ps1 b/test/Entra/Applications/Remove-EntraDeletedDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..7612a86e4e --- /dev/null +++ b/test/Entra/Applications/Remove-EntraDeletedDirectoryObject.Tests.ps1 @@ -0,0 +1,64 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraDeletedDirectoryObject" { + Context "Test for Remove-EntraDeletedDirectoryObject" { + It "Should delete a previously deleted directory object" { + $result = Remove-EntraDeletedDirectoryObject -DirectoryObjectId "11112222-bbbb-3333-cccc-4444dddd5555" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Remove-EntraDeletedDirectoryObject -Id "11112222-bbbb-3333-cccc-4444dddd5555" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when DirectoryObjectId is empty" { + { Remove-EntraDeletedDirectoryObject -DirectoryObjectId } | Should -Throw "Missing an argument for parameter 'DirectoryObjectId'*" + } + + It "Should fail when DirectoryObjectId is invalid" { + { Remove-EntraDeletedDirectoryObject -DirectoryObjectId "" } | Should -Throw "Cannot bind argument to parameter 'DirectoryObjectId' because it is an empty string." + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeletedDirectoryObject" + + Remove-EntraDeletedDirectoryObject -DirectoryObjectId "11112222-bbbb-3333-cccc-4444dddd5555" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeletedDirectoryObject" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeletedDirectoryObject -DirectoryObjectId "11112222-bbbb-3333-cccc-4444dddd5555" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraServicePrincipal.Tests.ps1 b/test/Entra/Applications/Remove-EntraServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..4c6ef33f18 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraServicePrincipal.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgServicePrincipal -MockWith {} -ModuleName Microsoft.Entra.Applications +} +Describe "Remove-EntraServicePrincipal" { + Context "Test for Remove-EntraServicePrincipal" { + It "Should return empty object" { + $result = Remove-EntraServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Remove-EntraServicePrincipal -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Remove-EntraServicePrincipal -ServicePrincipalId }| Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Remove-EntraServicePrincipal -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + Mock -CommandName Remove-MgServicePrincipal -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipal" + + Remove-EntraServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipal" + + Should -Invoke -CommandName Remove-MgServicePrincipal -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test/Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..260e5d8c26 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgServicePrincipalAppRoleAssignment -MockWith {} -ModuleName Microsoft.Entra.Applications +} +Describe "Remove-EntraServicePrincipalAppRoleAssignment" { + Context "Test for Remove-EntraServicePrincipalAppRoleAssignment" { + It "Should return empty ServicePrincipalId" { + $result = Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraServicePrincipalAppRoleAssignment -ObjectId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when ServicePrincipalId is empty" { + { Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww"}| Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId }| Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'.*" + } + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string.*" + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + Mock -CommandName Remove-MgServicePrincipalAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "cc7fcc82-ac1b-4785-af47-2ca3b7052886" + + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalAppRoleAssignment" + Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" + Should -Invoke -CommandName Remove-MgServicePrincipalAppRoleAssignment -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraServicePrincipalAppRoleAssignment -ServicePrincipalId "cc7fcc82-ac1b-4785-af47-2ca3b7052886" -AppRoleAssignmentId "gsx_zBushUevRyyjtwUohm_RMYjcGsJIjXwKOVMr3ww" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test/Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 new file mode 100644 index 0000000000..d9363d0e26 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgServicePrincipalDelegatedPermissionClassification -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraServicePrincipalDelegatedPermissionClassification" { + Context "Test for Remove-EntraServicePrincipalDelegatedPermissionClassification" { + It "Should return empty object" { + $result = Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId -Id "00001111-aaaa-2222-bbbb-3333cccc4444" } | should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "" -Id "00001111-aaaa-2222-bbbb-3333cccc4444" } | should -Throw "Cannot bind argument to parameter 'ServicePrincipalId'*" + } + It "Should fail when Id is empty" { + { Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id } | should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when Id is invalid" { + { Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "" } | should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should contain DelegatedPermissionClassificationId in parameters when passed Id to it" { + Mock -CommandName Remove-MgServicePrincipalDelegatedPermissionClassification -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.DelegatedPermissionClassificationId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalDelegatedPermissionClassification" + + Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalDelegatedPermissionClassification" + + Should -Invoke -CommandName Remove-MgServicePrincipalDelegatedPermissionClassification -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraServicePrincipalDelegatedPermissionClassification -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraServicePrincipalOwner.Tests.ps1 b/test/Entra/Applications/Remove-EntraServicePrincipalOwner.Tests.ps1 new file mode 100644 index 0000000000..776f7bd05f --- /dev/null +++ b/test/Entra/Applications/Remove-EntraServicePrincipalOwner.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgServicePrincipalOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraServicePrincipalOwner" { + Context "Test for Remove-EntraServicePrincipalOwner" { + It "Should return empty object" { + $result = Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Remove-EntraServicePrincipalOwner -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Remove-EntraServicePrincipalOwner -ServicePrincipalId -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" }| Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + { Remove-EntraServicePrincipalOwner -ServicePrincipalId "" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333"} | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when OwnerId is empty" { + { Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId } | Should -Throw "Missing an argument for parameter 'OwnerId'.*" + } + It "Should fail when OwnerId is invalid" { + { Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId ""} | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string." + } + It "Should contain ServicePrincipalId in parameters when passed ServicePrincipalId to it" { + Mock -CommandName Remove-MgServicePrincipalOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgServicePrincipalOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalOwner" + + Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalOwner" + + Should -Invoke -CommandName Remove-MgServicePrincipalOwnerByRef -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraServicePrincipalOwner -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccccc" -OwnerId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test/Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..07ebfbcea6 --- /dev/null +++ b/test/Entra/Applications/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgServicePrincipalPassword -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Remove-EntraServicePrincipalPasswordCredential" { + Context "Test for Remove-EntraServicePrincipalPasswordCredential" { + It "Should return empty object" { + $result = Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result = Remove-EntraServicePrincipalPasswordCredential -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" } | should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is invalid" { + {Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" } | should -Throw "Cannot bind argument to parameter 'ServicePrincipalId'*" + } + It "Should fail when KeyId is empty" { + {Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId } | should -Throw "Missing an argument for parameter 'KeyId'.*" + } + It "Should fail when KeyId is invalid" { + { Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId ""} | should -Throw "Cannot bind argument to parameter 'KeyId'*" + } + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgServicePrincipalPassword -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalPasswordCredential" + + Remove-EntraServicePrincipalPasswordCredential -ServicePrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraServicePrincipalPasswordCredential" + + Should -Invoke -CommandName Remove-MgServicePrincipalPassword -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraServicePrincipalPasswordCredential -ObjectID "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -KeyId "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Restore-EntraDeletedApplication.Tests.ps1 b/test/Entra/Applications/Restore-EntraDeletedApplication.Tests.ps1 new file mode 100644 index 0000000000..d0eb6de27d --- /dev/null +++ b/test/Entra/Applications/Restore-EntraDeletedApplication.Tests.ps1 @@ -0,0 +1,110 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.device" + "@odata.Context" = "https://graph.microsoft.com/v1.0/$metadata#directoryObjects/$entity" + "appId" = "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + "displayName" = "Mock-App" + "identifierUris" = @{} + "publisherDomain" = "M365x99297270.onmicrosoft.com" + "signInAudience" = "AzureADandPersonalMicrosoftAccount" + "addIns" = @{} + "appRoles" = @{} + "keyCredentials" = @{} + "requiredResourceAccess" = @{} + "verifiedPublisher" = @{} + "passwordCredentials" = @{} + "publicClient" = @{"redirectUris"=""} + "api" = @{"knownClientApplications" = ""; "oauth2PermissionScopes" = "" ; "preAuthorizedApplications" = ""} + "info" = @{"logoUrl"= "https://aadcdn.msftauthimages.net/1033/bannerlogo?ts=638490971995424035"} + "parentalControlSettings"= @{"legalAgeGroupRule" = "Allow"} + "web" = @{"homePageUrl" = "https://localhost/demoapp" ;"redirectUris" = ""; "implicitGrantSettings" = ""; "redirectUriSettings" = ""} + + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Restore-MgDirectoryDeletedItem -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} +Describe "Restore-EntraDeletedApplication" { +Context "Restore-EntraDeletedApplication" { + It "Should return specific deleted application" { + $result = Restore-EntraDeletedApplication -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + Should -Invoke -CommandName Restore-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ObjectId is empty" { + { Restore-EntraDeletedApplication -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should fail when ObjectId is invalid" { + { Restore-EntraDeletedApplication -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + It "Result Should contain Alias properties" { + $result = Restore-EntraDeletedApplication -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.Homepage | Should -Be "https://localhost/demoapp" + $result.DisplayName | Should -Be "Mock-App" + $result.PublisherDomain | Should -Be "M365x99297270.onmicrosoft.com" + $result.ObjectType | Should -Be "#microsoft.graph.device" + $result.SignInAudience | Should -Be "AzureADandPersonalMicrosoftAccount" + $result.ReplyUrls | Should -BeNullOrEmpty + $result.ParentalControlSettings | Should -Not -BeNullOrEmpty + $result.PasswordCredentials | Should -BeNullOrEmpty + $result.KeyCredentials | Should -BeNullOrEmpty + $result.AddIns | Should -BeNullOrEmpty + $result.AppRoles | Should -BeNullOrEmpty + $result.IdentifierUris | Should -BeNullOrEmpty + $result.KnownClientApplications | Should -BeNullOrEmpty + $result.Oauth2Permissions | Should -BeNullOrEmpty + $result.PreAuthorizedApplications | Should -BeNullOrEmpty + $result.PublicClient | Should -Not -BeNullOrEmpty + $result.RequiredResourceAccess | Should -BeNullOrEmpty + $result.DeletionTimestamp | Should -BeNullOrEmpty + } + It "Should contain DirectoryObjectId in parameters when passed ObjectId to it" { + $result = Restore-EntraDeletedApplication -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.DirectoryObjectId| Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Restore-EntraDeletedApplication" + $result = Restore-EntraDeletedApplication -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Restore-EntraDeletedApplication" + Should -Invoke -CommandName Restore-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Restore-EntraDeletedApplication -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 b/test/Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 new file mode 100644 index 0000000000..5704db60c2 --- /dev/null +++ b/test/Entra/Applications/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgServicePrincipalMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.Applications +} + +Describe "Select-EntraGroupIdsServicePrincipalIsMemberOf" { + Context "Test for Select-EntraGroupIdsServicePrincipalIsMemberOf" { + It "Should Selects the groups in which a service principal is a member." { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa","33dd33dd-ee44-ff55-aa66-77bb77bb77bb","44ee44ee-ff55-aa66-bb77-88cc88cc88cc") + $SPId = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result = Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $SPId -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgServicePrincipalMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ObjectID parameter is empty" { + { Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId -GroupIdsForMembershipCheck "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" } | Should -Throw "Missing an argument for parameter*" + } + It "Should fail when ObjectID parameter is invalid" { + { Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId "" -GroupIdsForMembershipCheck "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when GroupIdsForMembershipCheck parameter is empty" { + {Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $SPId -GroupIdsForMembershipCheck } | Should -Throw "Missing an argument for parameter 'GroupIdsForMembershipCheck'.*" + } + It "Should fail when GroupIdsForMembershipCheck parameter is invalid" { + {Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -GroupIdsForMembershipCheck "" } | Should -Throw "Cannot process argument transformation on parameter 'GroupIdsForMembershipCheck'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsServicePrincipalIsMemberOf" + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa","33dd33dd-ee44-ff55-aa66-77bb77bb77bb","44ee44ee-ff55-aa66-bb77-88cc88cc88cc") + $SPId = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result = Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $SPId -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsServicePrincipalIsMemberOf" + + Should -Invoke -CommandName Get-MgServicePrincipalMemberOf -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa","33dd33dd-ee44-ff55-aa66-77bb77bb77bb","44ee44ee-ff55-aa66-bb77-88cc88cc88cc") + $SPId = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Select-EntraGroupIdsServicePrincipalIsMemberOf -ObjectId $SPId -GroupIdsForMembershipCheck $Groups -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Set-EntraApplication.Tests.ps1 b/test/Entra/Applications/Set-EntraApplication.Tests.ps1 new file mode 100644 index 0000000000..37f9259c7e --- /dev/null +++ b/test/Entra/Applications/Set-EntraApplication.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgApplication -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Set-EntraApplication"{ + Context "Test for Set-EntraApplication" { + It "Should return empty object"{ + $result = Set-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraApplication -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ApplicationId is invalid" { + { Set-EntraApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ApplicationId is empty" { + { Set-EntraApplication -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Update-MgApplication -MockWith {$args} -ModuleName Microsoft.Entra.Applications + + $result = Set-EntraApplication -ApplicationId bbbbbbbb-1111-2222-3333-cccccccccccc + $result = Set-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraApplication" + + Set-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraApplication" + + Should -Invoke -CommandName Update-MgApplication -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraApplication -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Set-EntraApplicationLogo.Tests.ps1 b/test/Entra/Applications/Set-EntraApplicationLogo.Tests.ps1 new file mode 100644 index 0000000000..1888c7ec47 --- /dev/null +++ b/test/Entra/Applications/Set-EntraApplicationLogo.Tests.ps1 @@ -0,0 +1,62 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Set-EntraApplicationLogo"{ + Context "Test for Set-EntraApplicationLogo" { + It "Should return empty object"{ + $result = Set-EntraApplicationLogo -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" -FilePath "https://th.bing.com/th?q=Application+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should return empty object with alias"{ + $result = Set-EntraApplicationLogo -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -FilePath "https://th.bing.com/th?q=Application+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + + It "Should fail when ApplicationId is empty" { + { Set-EntraApplicationLogo -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Set-EntraApplicationLogo -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when filepath invalid"{ + { Set-EntraApplicationLogo -ApplicationId f82a3f32-6bb6-404b-843c-5512fb3b35b8 -FilePath "sdd" } | Should -Throw "FilePath is invalid" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraApplicationLogo" + + Set-EntraApplicationLogo -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" -FilePath "https://th.bing.com/th?q=Application+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraApplicationLogo" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraApplicationLogo -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" -FilePath "https://th.bing.com/th?q=Application+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Set-EntraServicePrincipal.Tests.ps1 b/test/Entra/Applications/Set-EntraServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..564be35281 --- /dev/null +++ b/test/Entra/Applications/Set-EntraServicePrincipal.Tests.ps1 @@ -0,0 +1,90 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Applications) -eq $null){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Applications +} + +Describe "Set-EntraServicePrincipal"{ + Context "Test for Set-EntraServicePrincipal" { + It "Should update the parameter" { + $tags = @("Environment=Production", "Department=Finance", "Project=MNO") + $result= Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -AccountEnabled $false -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -AppRoleAssignmentRequired $true -DisplayName "test11" -ServicePrincipalNames "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Tags $tags + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the parameter with Alias" { + $result= Set-EntraServicePrincipal -ObjectId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -AccountEnabled $false -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -AppRoleAssignmentRequired $true -DisplayName "test11" -ServicePrincipalNames "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the LogoutUrl and ServicePrincipalType parameter" { + $result= Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -LogoutUrl 'https://securescore.office.com/SignOut' -ServicePrincipalType "Application" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the Homepage, ReplyUrls and AlternativeNames parameter" { + $result= Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Homepage 'https://HomePageurlss.com' -ReplyUrls 'https://admin.microsoft1.com' -AlternativeNames "updatetest" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should update the KeyCredentials parameter" { + $creds = New-Object Microsoft.Open.AzureAD.Model.KeyCredential + $creds.CustomKeyIdentifier = [System.Text.Encoding]::UTF8.GetBytes("Test") + $startdate = Get-Date -Year 2024 -Month 10 -Day 10 + $creds.StartDate = $startdate + $creds.Type = "Symmetric" + $creds.Usage = 'Sign' + $creds.Value = [System.Text.Encoding]::UTF8.GetBytes("A") + $creds.EndDate = Get-Date -Year 2025 -Month 12 -Day 20 + $result= Set-EntraServicePrincipal -ServicePrincipalId 6aa187e3-bbbb-4748-a708-fc380aa9eb17 -KeyCredentials $creds + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is empty" { + { Set-EntraServicePrincipal -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'.*" + } + It "Should fail when ServicePrincipalId is Invalid" { + { Set-EntraServicePrincipal -ServicePrincipalId ""} | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string.*" + } + It "Should fail when non-mandatory is empty" { + { Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -AppId -Tags -ReplyUrls -AccountEnabled -AlternativeNames -KeyCredentials -Homepage} | Should -Throw "Missing an argument for parameter*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraServicePrincipal" + + Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -LogoutUrl 'https://securescore.office.com/SignOut' -ServicePrincipalType "Application" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraServicePrincipal" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $tags = @("Environment=Production", "Department=Finance", "Project=MNO") + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraServicePrincipal -ServicePrincipalId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -AccountEnabled $false -AppId "00001111-aaaa-2222-bbbb-3333cccc4444" -AppRoleAssignmentRequired $true -DisplayName "test11" -ServicePrincipalNames "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Tags $tags -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Applications/Valid.Tests.ps1 b/test/Entra/Applications/Valid.Tests.ps1 new file mode 100644 index 0000000000..cdc0871dfd --- /dev/null +++ b/test/Entra/Applications/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Applications)){ + Import-Module Microsoft.Entra.Applications + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Applications +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Applications + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Applications + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Applications -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Applications + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Applications -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Applications + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Applications -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/Entra/Authentication/Connect-Entra.Tests.ps1 b/test/Entra/Authentication/Connect-Entra.Tests.ps1 new file mode 100644 index 0000000000..a199e1aabc --- /dev/null +++ b/test/Entra/Authentication/Connect-Entra.Tests.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Authentication)){ + Import-Module Microsoft.Entra.Authentication + } + + Mock -CommandName Connect-MgGraph -MockWith {} -ModuleName Microsoft.Entra.Authentication + + $ConnectEntraCommand = Get-Command Connect-Entra +} + +Describe "Connect-Entra Mock"{ + It "should return empty object"{ + $result = Connect-Entra -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -ApplicationId "00001111-aaaa-2222-bbbb-3333cccc4444" -CertificateThumbprint "0a0a0a0a-1111-bbbb-2222-3c3c3c3c3c3c" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Connect-MgGraph -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should connect to specified environment"{ + $result = Connect-Entra -Environment Global + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Connect-MgGraph -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should connect to an environment as a different identity"{ + $result = Connect-Entra -ContextScope "Process" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Connect-MgGraph -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should allow for authentication using environment variables"{ + $result = Connect-Entra -EnvironmentVariable + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Connect-MgGraph -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should return error when TenantId is null"{ + { Connect-Entra -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should return error when Environment is null"{ + { Connect-Entra -Environment } | Should -Throw "Missing an argument for parameter 'Environment'*" + } + It "Should return error when invalid parameter is provided"{ + { Connect-Entra -DisplayName } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'*" + } +} + +Describe "Connect-Entra ParameterSets"{ + It 'Should have six ParameterSets' { + $ConnectEntraCommand | Should -Not -BeNullOrEmpty + $ConnectEntraCommand.ParameterSets | Should -HaveCount 6 + } + It 'Should have UserParameterSet' { + $UserParameterSet = $ConnectEntraCommand.ParameterSets | Where-Object Name -eq 'UserParameterSet' + $UserParameterSet | Should -Not -BeNull + $UserParameterSet.IsDefault | Should -BeTrue + $UserParameterSet.Parameters | Where-Object IsMandatory | Should -HaveCount 0 + @('ClientId', 'TenantId', 'ContextScope', 'Environment', 'ClientTimeout') | Should -BeIn $UserParameterSet.Parameters.Name + } + It 'Should have AppCertificateParameterSet' { + $AppCertificateParameterSet = $ConnectEntraCommand.ParameterSets | Where-Object Name -eq 'AppCertificateParameterSet' + $AppCertificateParameterSet | Should -Not -BeNull + @('ClientId', 'TenantId', 'CertificateSubjectName', 'CertificateThumbprint', 'ContextScope', 'Environment', 'ClientTimeout') | Should -BeIn $AppCertificateParameterSet.Parameters.Name + } + + It 'Should have AppSecretCredentialParameterSet' { + $AppSecretCredentialParameterSet = $ConnectEntraCommand.ParameterSets | Where-Object Name -eq 'AppSecretCredentialParameterSet' + $AppSecretCredentialParameterSet | Should -Not -BeNull + @('ClientSecretCredential', 'TenantId', 'ContextScope', 'Environment', 'ClientTimeout') | Should -BeIn $AppSecretCredentialParameterSet.Parameters.Name + $MandatoryParameters = $AppSecretCredentialParameterSet.Parameters | Where-Object IsMandatory + $MandatoryParameters | Should -HaveCount 0 + } + + It 'Should have EnvironmentVariableParameterSet' { + $EnvironmentVariableParameterSet = $ConnectEntraCommand.ParameterSets | Where-Object Name -eq 'EnvironmentVariableParameterSet' + $EnvironmentVariableParameterSet | Should -Not -BeNull + @('EnvironmentVariable', 'ContextScope', 'Environment', 'ClientTimeout') | Should -BeIn $EnvironmentVariableParameterSet.Parameters.Name + $MandatoryParameters = $EnvironmentVariableParameterSet.Parameters | Where-Object IsMandatory + $MandatoryParameters | Should -HaveCount 0 + } + + It 'Should Have AccessTokenParameterSet' { + $AccessTokenParameterSet = $ConnectEntraCommand.ParameterSets | Where-Object Name -eq 'AccessTokenParameterSet' + $AccessTokenParameterSet | Should -Not -BeNull + @('AccessToken', 'Environment', 'ClientTimeout') | Should -BeIn $AccessTokenParameterSet.Parameters.Name + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Connect-Entra -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -ApplicationId "00001111-aaaa-2222-bbbb-3333cccc4444" -CertificateThumbprint "0a0a0a0a-1111-bbbb-2222-3c3c3c3c3c3c" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} diff --git a/test/Entra/Authentication/Disconnect-Entra.Tests.ps1 b/test/Entra/Authentication/Disconnect-Entra.Tests.ps1 new file mode 100644 index 0000000000..3d1da23bf3 --- /dev/null +++ b/test/Entra/Authentication/Disconnect-Entra.Tests.ps1 @@ -0,0 +1,36 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Authentication)){ + Import-Module Microsoft.Entra.Authentication + } + + Mock -CommandName Disconnect-MgGraph -MockWith {} -ModuleName Microsoft.Entra.Authentication + + $command = Get-Command Disconnect-Entra +} + +Describe "Disconnect-Entra Mock"{ + It "should return empty object"{ + $result = Disconnect-Entra + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Disconnect-MgGraph -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should return error when invalid parameter is provided"{ + { Disconnect-MgGraph -DisplayName } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'*" + } +} + +Describe "Disconnect-Entra ParameterSets"{ + It 'Should have one ParameterSets' { + $command | Should -Not -BeNullOrEmpty + $command.ParameterSets | Should -HaveCount 1 + } + It 'Should have GetQuery' { + $UserParameterSet = $command.ParameterSets | Where-Object Name -eq 'GetQuery' + $UserParameterSet | Should -Not -BeNull + $UserParameterSet.IsDefault | Should -BeTrue + } +} diff --git a/test/Entra/Authentication/Invalid.Tests.ps1 b/test/Entra/Authentication/Invalid.Tests.ps1 new file mode 100644 index 0000000000..b6717b4b93 --- /dev/null +++ b/test/Entra/Authentication/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Authentication)){ + Import-Module Microsoft.Entra.Authentication +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Authentication + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/Authentication/Module.Tests.ps1 b/test/Entra/Authentication/Module.Tests.ps1 new file mode 100644 index 0000000000..75f0f844b1 --- /dev/null +++ b/test/Entra/Authentication/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Authentication Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Authentication) -eq $null){ + Import-Module Microsoft.Entra.Authentication + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Authentication + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Authentication + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Authentication + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Authentication.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Authentication + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Authentication -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 b/test/Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 new file mode 100644 index 0000000000..2a2d8d3dc1 --- /dev/null +++ b/test/Entra/Authentication/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Authentication) -eq $null){ + Import-Module Microsoft.Entra.Authentication + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.passwordAuthenticationMethod"; + createdDateTime= "2023-11-21T12:43:51Z"; + } + } + ) + } + Mock -CommandName Get-MgUserAuthenticationMethod -MockWith {} -ModuleName Microsoft.Entra.Authentication +} + +Describe "Reset-EntraStrongAuthenticationMethodByUpn" { + Context "Test for Reset-EntraStrongAuthenticationMethodByUpn" { + It "Should Resets the strong authentication method" { + $result = Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserAuthenticationMethod -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should fail when UserPrincipalName is empty" { + { Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName } | Should -Throw "Missing an argument for parameter 'UserPrincipalName'*" + } + + It "Should fail when Id is invalid" { + { Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName "" } | Should -Throw "Cannot bind argument to parameter 'UserPrincipalName' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Reset-EntraStrongAuthenticationMethodByUpn" + + Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' | Out-Null + Should -Invoke -CommandName Get-MgUserAuthenticationMethod -ModuleName Microsoft.Entra.Authentication -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should contain 'User-Agent' header" { + Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' | Out-Null + Should -Invoke -CommandName Get-MgUserAuthenticationMethod -ModuleName Microsoft.Entra.Authentication -Times 1 -ParameterFilter { + $userId | Should -Be 'Test_contoso@M365x99297270.onmicrosoft.com' + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Reset-EntraStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} +} diff --git a/test/Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 b/test/Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 new file mode 100644 index 0000000000..e423c9cf2b --- /dev/null +++ b/test/Entra/Authentication/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Authentication) -eq $null){ + Import-Module Microsoft.Entra.Authentication + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $mockResponse = { + return @{ + "value" = @{ + "Value" = $true + "Parameters" = $args + } + } + } + Mock -CommandName Invoke-GraphRequest -MockWith $mockResponse -ModuleName Microsoft.Entra.Authentication +} + +Describe "Revoke-EntraSignedInUserAllRefreshToken" { + Context "Test for Revoke-EntraSignedInUserAllRefreshToken" { + It "Should revoke refresh tokens for the current user" { + $result = Revoke-EntraSignedInUserAllRefreshToken + $result | Should -Not -BeNullOrEmpty + $result | Should -Be $true + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Authentication -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Revoke-EntraSignedInUserAllRefreshToken" + + Revoke-EntraSignedInUserAllRefreshToken + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Revoke-EntraSignedInUserAllRefreshToken" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Authentication -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Revoke-EntraSignedInUserAllRefreshToken -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Authentication/Revoke-EntraUserAllRefreshToken.Tests.ps1 b/test/Entra/Authentication/Revoke-EntraUserAllRefreshToken.Tests.ps1 new file mode 100644 index 0000000000..cd7291e422 --- /dev/null +++ b/test/Entra/Authentication/Revoke-EntraUserAllRefreshToken.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Authentication) -eq $null) { + Import-Module Microsoft.Entra.Authentication + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Revoke-MgUserSignInSession -MockWith {} -ModuleName Microsoft.Entra.Authentication +} + +Describe "Revoke-EntraUserAllRefreshToken" { + Context "Test for Revoke-EntraUserAllRefreshToken" { + It "Should return empty object" { + $result = Revoke-EntraUserAllRefreshToken -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Revoke-MgUserSignInSession -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should return empty object with alias" { + $result = Revoke-EntraUserAllRefreshToken -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Revoke-MgUserSignInSession -ModuleName Microsoft.Entra.Authentication -Times 1 + } + It "Should fail when UserId is empty string" { + { Revoke-EntraUserAllRefreshToken -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should fail when UserId is empty" { + { Revoke-EntraUserAllRefreshToken -UserId } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain Id in parameters when passed UserId to it" { + Mock -CommandName Revoke-MgUserSignInSession -MockWith { $args } -ModuleName Microsoft.Entra.Authentication + + $result = Revoke-EntraUserAllRefreshToken -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.userId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Revoke-EntraUserAllRefreshToken" + + + Revoke-EntraUserAllRefreshToken -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Revoke-EntraUserAllRefreshToken" + + Should -Invoke -CommandName Revoke-MgUserSignInSession -ModuleName Microsoft.Entra.Authentication -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Revoke-EntraUserAllRefreshToken -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Authentication/Valid.Tests.ps1 b/test/Entra/Authentication/Valid.Tests.ps1 new file mode 100644 index 0000000000..63fcb38bc0 --- /dev/null +++ b/test/Entra/Authentication/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Authentication)){ + Import-Module Microsoft.Entra.Authentication + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Authentication +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Authentication + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Authentication -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Authentication + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Authentication -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Authentication + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Authentication -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Authentication + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Authentication -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..d6deb8022a --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,62 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Add-EntraAdministrativeUnitMember tests"{ + It "Should return empty object"{ + $result = Add-EntraAdministrativeUnitMember -AdministrativeUnitId "f306a126-cf2e-439d-b20f-95ce4bcb7ffa" -RefObjectId "d6873b36-81d6-4c5e-bec0-9e3ca2c86846" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object with ObjectId"{ + $result = Add-EntraAdministrativeUnitMember -ObjectId "f306a126-cf2e-439d-b20f-95ce4bcb7ffa" -RefObjectId "d6873b36-81d6-4c5e-bec0-9e3ca2c86846" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty"{ + { Add-EntraAdministrativeUnitMember -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null"{ + { Add-EntraAdministrativeUnitMember -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when RefObjectId is empty"{ + { Add-EntraAdministrativeUnitMember -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId'*" + } + It "Should fail when RefObjectId is null"{ + { Add-EntraAdministrativeUnitMember -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'*" + } + It "Should fail when invalid paramter is passed"{ + { Add-EntraAdministrativeUnitMember -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraAdministrativeUnitMember" + Add-EntraAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraAdministrativeUnitMember" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraAdministrativeUnitMember -AdministrativeUnitId "f306a126-cf2e-439d-b20f-95ce4bcb7ffa" -RefObjectId "d6873b36-81d6-4c5e-bec0-9e3ca2c86846" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..8780eb27cf --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { return @( + [PSCustomObject]@{ + Id = "Apline" + IsActive = $true + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Add-EntraCustomSecurityAttributeDefinitionAllowedValue" { + Context "Test for Add-EntraCustomSecurityAttributeDefinitionAllowedValue" { + It "Should add specific Allowed Values" { + $result = Add-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' -IsActive $true + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "Apline" + $result.IsActive | should -Be $true + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when CustomSecurityAttributeDefinitionId is empty" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'.*" + } + It "Should fail when CustomSecurityAttributeDefinitionId is invalid" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId'*" + } + It "Should fail when Id is empty" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -Id } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when Id is invalid" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when IsActive is empty" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -IsActive } | Should -Throw "Missing an argument for parameter 'IsActive'.*" + } + It "Should fail when IsActive is invalid" { + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -IsActive a } | Should -Throw "Cannot process argument transformation on parameter 'IsActive'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraCustomSecurityAttributeDefinitionAllowedValue" + Add-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' -IsActive $true + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraCustomSecurityAttributeDefinitionAllowedValue" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' -IsActive $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..ea96da6cac --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Add-EntraDeviceRegisteredOwner" { + Context "Test for Add-EntraDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Add-EntraDeviceRegisteredOwner -DeviceId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DeviceId'.*" + } + It "Should fail when DeviceId is invalid" { + { Add-EntraDeviceRegisteredOwner -DeviceId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain DeviceId in parameters when passed ObjectId to it" { + Mock -CommandName New-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "412be9d1-1460-4061-8eed-cca203fcb215" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $value = @{ + "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbbbbb-1111-2222-3333-cccccccccccc"} + Should -Invoke -CommandName New-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDeviceRegisteredOwner" + + Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDeviceRegisteredOwner" + + Should -Invoke -CommandName New-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Add-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..d45bf2b545 --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Add-EntraDeviceRegisteredUser" { + Context "Test for Add-EntraDeviceRegisteredUser" { + It "Should return empty object" { + $result = Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Add-EntraDeviceRegisteredUser -DeviceId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DeviceId'.*" + } + It "Should fail when DeviceId is invalid" { + { Add-EntraDeviceRegisteredUser -DeviceId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should execute successfully with Alias" { + $result = Add-EntraDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain DeviceId in parameters when passed DeviceId to it" { + Mock -CommandName New-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $value = @{ + "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbbbbb-1111-2222-3333-cccccccccccc"} + Should -Invoke -CommandName New-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDeviceRegisteredUser" + + Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDeviceRegisteredUser" + + Should -Invoke -CommandName New-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } + +} + diff --git a/test/Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.Tests.ps1 new file mode 100644 index 0000000000..58b5b01502 --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraDirectoryRoleMember.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgDirectoryRoleMemberByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Add-EntraDirectoryRoleMember" { + Context "Test for Add-EntraDirectoryRoleMember" { + It "Should return empty object" { + $result = Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object with alias" { + $result = Add-EntraDirectoryRoleMember -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DirectoryRoleId is empty" { + { Add-EntraDirectoryRoleMember -DirectoryRoleId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DirectoryRoleId'.*" + } + It "Should fail when DirectoryRoleId is invalid" { + { Add-EntraDirectoryRoleMember -DirectoryRoleId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DirectoryRoleId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain DirectoryRoleId in parameters when passed ObjectId to it" { + Mock -CommandName New-MgDirectoryRoleMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryRoleId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain OdataId in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgDirectoryRoleMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $value="https://graph.microsoft.com/v1.0/directoryObjects/" + $params.OdataId | Should -Be $value"bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDirectoryRoleMember" + + Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraDirectoryRoleMember" + + Should -Invoke -CommandName New-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Add-EntraScopedRoleMembership.Tests.ps1 b/test/Entra/DirectoryManagement/Add-EntraScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..3bf04ca2c3 --- /dev/null +++ b/test/Entra/DirectoryManagement/Add-EntraScopedRoleMembership.Tests.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $userObjId = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $roleObjId = "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $unitObjId = "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = $userObjId + + $scriptblock = { + @{ + "administrativeUnitId" = $unitObjId + "roleId" = $roleObjId + "roleMemberInfo" = @( + @{ + "id" = $userObjId + "userPrincipalName" = "Dummy" + "displayName" = "Dummy" + } + ) + "id" = "NewDummyId" + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Tests for Add-EntraScopedRoleMembership"{ + It "Result should not be empty"{ + $result = Add-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -RoleObjectId $roleObjId -RoleMemberInfo $RoleMember + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('NewDummyId') + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should not be empty with ObjectId"{ + $result = Add-EntraScopedRoleMembership -ObjectId $unitObjId -RoleObjectId $roleObjId -RoleMemberInfo $RoleMember + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('NewDummyId') + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is invalid" { + { Add-EntraScopedRoleMembership -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is empty" { + { Add-EntraScopedRoleMembership -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when RoleMemberInfo is invalid" { + { Add-EntraScopedRoleMembership -RoleMemberInfo "" } | Should -Throw "Cannot process argument transformation on parameter 'RoleMemberInfo'*" + } + It "Should fail when RoleMemberInfo is empty" { + { Add-EntraScopedRoleMembership -RoleMemberInfo } | Should -Throw "Missing an argument for parameter 'RoleMemberInfo'*" + } + It "Should fail when invalid parameter is passed" { + { Add-EntraScopedRoleMembership -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraScopedRoleMembership" + $result = Add-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -RoleObjectId $roleObjId -RoleMemberInfo $RoleMember + $params = Get-Parameters -data $result.Parameters + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.headers.'User-Agent' | Should -Be $userAgentHeaderValue + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -RoleObjectId $roleObjId -RoleMemberInfo $RoleMember -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Enable-EntraDirectoryRole.Tests.ps1 b/test/Entra/DirectoryManagement/Enable-EntraDirectoryRole.Tests.ps1 new file mode 100644 index 0000000000..1c8f22ec7e --- /dev/null +++ b/test/Entra/DirectoryManagement/Enable-EntraDirectoryRole.Tests.ps1 @@ -0,0 +1,49 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgDirectoryRole -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Enable-EntraDirectoryRole" { + Context "Test for Enable-EntraDirectoryRole" { + It "Should return empty object" { + $result = Enable-EntraDirectoryRole -RoleTemplateId 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when RoleTemplateId is empty" { + { Enable-EntraDirectoryRole -RoleTemplateId } | Should -Throw "Missing an argument for parameter 'RoleTemplateId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Enable-EntraDirectoryRole" + Enable-EntraDirectoryRole -RoleTemplateId 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Enable-EntraDirectoryRole" + Should -Invoke -CommandName New-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Enable-EntraDirectoryRole -RoleTemplateId 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraAccountSku.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraAccountSku.Tests.ps1 new file mode 100644 index 0000000000..e264bdf4e5 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraAccountSku.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "PrepaidUnits" = @{Enabled=20;LockedOut= 0; Suspended= 0;Warning =0} + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + "ConsumedUnits" = "20" + "AccountName" = "M365x99297270" + "CapabilityStatus" = "Enabled" + "AccountId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AppliesTo" = "User" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgSubscribedSku -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraAccountSku" { + Context "Test for Get-EntraAccountSku" { + It "Returns all the SKUs for a company." { + $result = Get-EntraAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + $result.ConsumedUnits | should -Be "20" + $result.AccountName | should -Be "M365x99297270" + $result.CapabilityStatus | should -Be "Enabled" + $result.AccountId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AppliesTo | should -Be "User" + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraAccountSku -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Get-EntraAccountSku -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAccountSku" + + $result = Get-EntraAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAccountSku" + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnit.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..5a1e1d15cc --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnit.Tests.ps1 @@ -0,0 +1,94 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "description" = "test111" + "membershipRule" = $null + "membershipRuleProcessingState" = $null + "id" = "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + "deletedDateTime" = $null + "visibility" = $null + "displayName" = "test111" + "membershipType" = $null + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Tests for Get-EntraAdministrativeUnit"{ + It "Result should not be empty"{ + $result = Get-EntraAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should not be empty objectid"{ + $result = Get-EntraAdministrativeUnit -ObjectId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraAdministrativeUnit -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Get-EntraAdministrativeUnit -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when All has an argument" { + { Get-EntraAdministrativeUnit -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should fail when filter is empty" { + { Get-EntraAdministrativeUnit -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraAdministrativeUnit -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraAdministrativeUnit -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraAdministrativeUnit -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should return specific AdministrativeUnit by filter" { + $result = Get-EntraAdministrativeUnit -Filter "displayName -eq 'test111'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'test111' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return top AdministrativeUnit" { + $result = @(Get-EntraAdministrativeUnit -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAdministrativeUnit" + $result = Get-EntraAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAdministrativeUnit" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAdministrativeUnit -Top 1 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..e9898ffd2c --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "description" = "test111" + "membershipRule" = $null + "membershipRuleProcessingState" = $null + "id" = "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + "deletedDateTime" = $null + "visibility" = $null + "displayName" = "test111" + "membershipType" = $null + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Tests for Get-EntraAdministrativeUnitMember"{ + It "Result should not be empty"{ + $result = Get-EntraAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should not be empty objectId"{ + $result = Get-EntraAdministrativeUnitMember -ObjectId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraAdministrativeUnitMember -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Get-EntraAdministrativeUnitMember -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when All has an argument" { + { Get-EntraAdministrativeUnitMember -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should fail when Top is empty" { + { Get-EntraAdministrativeUnitMember -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraAdministrativeUnitMember -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraAdministrativeUnitMember -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should return top AdministrativeUnit" { + $result = @(Get-EntraAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAdministrativeUnitMember" + $result = Get-EntraAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAdministrativeUnitMember" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top 1 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraAttributeSet.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..24531a1c1d --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraAttributeSet.Tests.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet]@{ + "Description" = "NewCustomAttributeSet" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "MaxAttributesPerSet" = "125" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraAttributeSet" { + Context "Test for Get-EntraAttributeSet" { + It "Should return AttributeSets with any parameter" { + $result = Get-EntraAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific AttributeSet" { + $result = Get-EntraAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific AttributeSet with alias" { + $result = Get-EntraAttributeSet -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AttributeSetId is invalid" { + { Get-EntraAttributeSet -AttributeSetId "" } | Should -Throw "Cannot bind argument to parameter 'AttributeSetId' because it is an empty string." + } + It "Should fail when AttributeSetId is empty" { + { Get-EntraAttributeSet -AttributeSetId } | Should -Throw "Missing an argument for parameter 'AttributeSetId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAttributeSet" + + Get-EntraAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Get-EntraAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/Get-EntraContact.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraContact.Tests.ps1 new file mode 100644 index 0000000000..71d98a1577 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraContact.Tests.ps1 @@ -0,0 +1,174 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DeletedDateTime" = $null + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "Department" = $null + "GivenName" = $null + "DisplayName" = "Bob Kelly (TAILSPIN)" + "JobTitle" = $null + "OnPremisesLastSyncDateTime" = $null + "MailNickname" = "BobKTAILSPIN" + "Mail" = "bobk@tailspintoys.com" + "Phones" = $null + "ServiceProvisioningErrors" = @{} + "ProxyAddresses" = @{"SMTP"="bobk@tailspintoys.com"} + "Surname" = $null + "Addresses" = @{ "City"= "" + "CountryOrRegion" = "" + "OfficeLocation"= "" + "PostalCode"= "" + "State"= "" + "Street"= "" + } + "AdditionalProperties" = @{ + imAddresses = "" + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#contacts/$entity" + } + "Manager" = $null + "OnPremisesSyncEnabled" = @{} + "Parameters" = $args + } + ) + + } + + Mock -CommandName Get-MgContact -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraContact" { + Context "Test for Get-EntraContact" { + It "Should return specific Contact" { + $result = Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.OnPremisesSyncEnabled | Should -BeNullOrEmpty + $result.OnPremisesLastSyncDateTime | Should -BeNullOrEmpty + $result.Phones | Should -BeNullOrEmpty + $result.ServiceProvisioningErrors | Should -BeNullOrEmpty + $result.Mobile | Should -BeNullOrEmpty + $result.TelephoneNumber | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should return specific Contact alias" { + $result = Get-EntraContact -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.OnPremisesSyncEnabled | Should -BeNullOrEmpty + $result.OnPremisesLastSyncDateTime | Should -BeNullOrEmpty + $result.Phones | Should -BeNullOrEmpty + $result.ServiceProvisioningErrors | Should -BeNullOrEmpty + $result.Mobile | Should -BeNullOrEmpty + $result.TelephoneNumber | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + + It "Should fail when OrgContactId is empty" { + { Get-EntraContact -OrgContactId } | Should -Throw "Missing an argument for parameter 'OrgContactId'*" + } + + It "Should fail when OrgContactId is invalid" { + { Get-EntraContact -OrgContactId "" } | Should -Throw "Cannot bind argument to parameter 'OrgContactId' because it is an empty string." + } + + It "Should return all contact" { + $result = Get-EntraContact -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraContact -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + + It "Should return specific group by filter" { + $result = Get-EntraContact -Filter "DisplayName -eq 'Bob Kelly (TAILSPIN)'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Bob Kelly (TAILSPIN)' + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when filter is empty" { + { Get-EntraContact -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should return top contact" { + $result = Get-EntraContact -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraContact -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraContact -Top xy } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain OrgContactId" { + $result = Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain OrgContactId in parameters when passed OrgContactId to it" { + $result = Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.OrgContactId | Should -Match "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Property parameter should work" { + $result = Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Bob Kelly (TAILSPIN)' + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraContact" + + $result = Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraContact" + + Should -Invoke -CommandName Get-MgContact -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraContact -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraContactMembership.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraContactMembership.Tests.ps1 new file mode 100644 index 0000000000..2dea60acfc --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraContactMembership.Tests.ps1 @@ -0,0 +1,134 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DeletedDateTime" = $null + "AdditionalProperties" = @{"@odata.type" ="#microsoft.graph.group" + "DisplayName" = "All Employees" + "MailNickname" = "Employees" + "Mail" = "Employees@M365x99297270.OnMicrosoft.com" + "onPremisesProvisioningErrors" = @{} + "ProxyAddresses" = @{SMTP="Employees@M365x99297270.OnMicrosoft.com"} + "SecurityEnabled" = "False" + } + "Parameters" = $args + } + ) + + } + + Mock -CommandName Get-MgContactMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraContactMembership" { + Context "Test for Get-EntraContactMembership" { + It "Should return specific Contact Membership" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.DeletedDateTime | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should return specific Contact Membership with alias" { + $result = Get-EntraContactMembership -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.DeletedDateTime | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when OrgContactId is invalid" { + { Get-EntraContactMembership -OrgContactId "" } | Should -Throw "Cannot bind argument to parameter 'OrgContactId' because it is an empty string." + } + + It "Should return all Contact Membership" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + + It "Should return top Contact Membership" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Top DF } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain OrgContactId in parameters when passed OrgContactId to it" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.OrgContactId | Should -Match "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Property parameter should work" { + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraContactMembership" + + $result = Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraContactMembership" + + Should -Invoke -CommandName Get-MgContactMemberOf -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraContactMembership -OrgContactId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..04ca60587e --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "attributeSet" = "Engineering" + "usePreDefinedValuesOnly" = $True + "isCollection" = $False + "status" = "Available" + "isSearchable" = $True + "@odata.context" = 'https://graph.microsoft.com/v1.0/$metadata#directory/customSecurityAttributeDefinitions/$entity' + "name" = "Project" + "id" = "Engineering_Project" + "description" = "Target completion date (YYYY/MM/DD)" + "type" = "String" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraCustomSecurityAttributeDefinition" { + Context "Test for Get-EntraCustomSecurityAttributeDefinition" { + It "Should return specific group" { + $result = Get-EntraCustomSecurityAttributeDefinition -Id 'Engineering_Project' + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'Engineering_Project' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when ObjectId is empty" { + { Get-EntraCustomSecurityAttributeDefinition -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when ObjectId is invalid" { + { Get-EntraCustomSecurityAttributeDefinition -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + Get-EntraCustomSecurityAttributeDefinition -Id Engineering_Project | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Uri | Should -Match 'Engineering_Project' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraCustomSecurityAttributeDefinition" + $result = Get-EntraCustomSecurityAttributeDefinition -Id 'Engineering_Project' + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraCustomSecurityAttributeDefinition" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraCustomSecurityAttributeDefinition -Id 'Engineering_Project' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..a937f8bb27 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { return @( + [PSCustomObject]@{ + Id = "Apline" + IsActive = $true + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraCustomSecurityAttributeDefinitionAllowedValue" { + Context "Test for Get-EntraCustomSecurityAttributeDefinitionAllowedValue" { + It "Should return specific Allowed Value" { + $result = Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'Apline' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when CustomSecurityAttributeDefinitionId is invalid" { + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId' because it is an empty string." + } + It "Should fail when CustomSecurityAttributeDefinitionId is empty" { + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'*" + } + It "Should fail when Id is invalid" { + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Filter is empty" { + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return specific Allowed Value by filter" { + $result = Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Filter "id eq 'Alpine'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'Apline' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain params" { + Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Uri | Should -Match 'Engineering_Project' + $Uri | Should -Match 'Apline' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraCustomSecurityAttributeDefinitionAllowedValue" + $result = Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraCustomSecurityAttributeDefinitionAllowedValue" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId 'Engineering_Project' -Id 'Apline' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..b23e4bdf3d --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDeletedDirectoryObject.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "AdditionalProperties" = @{DisplayName="Test-App";} + "DeletedDateTime" = "2/2/2024 5:33:56 AM" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDirectoryDeletedItem -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDeletedDirectoryObject"{ + It "Result should return DeletedDirectoryObject using alias" { + $result = Get-EntraDeletedDirectoryObject -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should fail when DirectoryObjectId is empty" { + { Get-EntraDeletedDirectoryObject -DirectoryObjectId "" } | Should -Throw "Cannot bind argument to parameter 'DirectoryObjectId'*" + } + It "Should fail when DirectoryObjectId is null" { + { Get-EntraDeletedDirectoryObject -DirectoryObjectId } | Should -Throw "Missing an argument for parameter 'DirectoryObjectId'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraDeletedDirectoryObject -DisplayName "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'DisplayName'*" + } + It "Result should Contain ObjectId" { + $result = Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed Id to it" { + $result = Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.DirectoryObjectId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + {Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedDirectoryObject" + $result = Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedDirectoryObject" + Should -Invoke -CommandName Get-MgDirectoryDeletedItem -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDeletedDirectoryObject -DirectoryObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDevice.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDevice.Tests.ps1 new file mode 100644 index 0000000000..65ee4b84d2 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDevice.Tests.ps1 @@ -0,0 +1,158 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-MgDevice with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "ComplianceExpirationDateTime" = $null + "AccountEnabled" = $true + "ApproximateLastSignInDateTime" = $null + "DeletedDateTime" = $null + "DeviceCategory" = $null + "DeviceId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DeviceMetadata" = "MetaData" + "DeviceOwnership" = $null + "DeviceVersion" = 2 + "DisplayName" = "Mock-Device" + "EnrollmentProfileName" = $null + "Extensions" = $null + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "IsCompliant" = $False + "IsManaged" = $True + "MdmAppId" = $null + "MemberOf" = $null + "OnPremisesLastSyncDateTime" = $null + "OnPremisesSecurityIdentifier" = $null + "OnPremisesSyncEnabled" = $false + "OperatingSystem" = "WINDOWS" + "OperatingSystemVersion" = "10.0.22621.1700" + "ProfileType" = $null + "RegisteredOwners" = $null + "RegisteredUsers" = $null + "RegistrationDateTime" = $null + "TransitiveMemberOf" = $null + "TrustType" = $null + "PhysicalIds" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDevice" { + Context "Test for Get-EntraDevice" { + It "Should return specific device" { + $result = Get-EntraDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb') + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific device with Alias" { + $result = Get-EntraDevice -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is invalid" { + { Get-EntraDevice -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when DeviceId is empty" { + { Get-EntraDevice -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when searchstring is empty" { + { Get-EntraDevice -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should fail when filter is empty" { + { Get-EntraDevice -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraDevice -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraDevice -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all devices" { + $result = Get-EntraDevice -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraDevice -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should return specific device by searchstring" { + $result = Get-EntraDevice -SearchString 'Mock-Device' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific device by filter" { + $result = Get-EntraDevice -Filter "DisplayName -eq 'Mock-Device'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return top device" { + $result = Get-EntraDevice -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraDevice -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDevice -Property DisplayName -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Result should Contain ObjectId" { + $result = Get-EntraDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DeviceId in parameters when passed ObjectId to it" { + $result = Get-EntraDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.DeviceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDevice" + $result = Get-EntraDevice -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDevice" + Should -Invoke -CommandName Get-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDevice -SearchString 'Mock-Device' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..624b824374 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,146 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "onPremisesImmutableId" = $null + "deletedDateTime" = $null + "onPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "onPremisesProvisioningErrors" = @{} + "mobilePhone" = "425-555-0100" + "BusinessPhones" = @("425-555-0100") + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "Parameters" = $args + } + ) + } + } + + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + + + +Describe "Get-EntraDeviceRegisteredOwner" { + Context "Test for Get-EntraDeviceRegisteredOwner" { + It "Should return specific device registered owner" { + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific device registered owner with alias" { + $result = Get-EntraDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Get-EntraDeviceRegisteredOwner -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when DeviceId is invalid" { + { Get-EntraDeviceRegisteredOwner -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" + } + It "Should return all device registered owner" { + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when All is invalid" { + { Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top device registered owner" { + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when top is empty" { + { Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when top is invalid" { + { Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should contain Alias property" { + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.DeletionTimestamp | should -Be $null + $result.DirSyncEnabled | should -Be $null + $result.ImmutableId | should -Be $null + $result.LastDirSyncTime | should -Be $null + $result.Mobile | should -Be "425-555-0100" + $result.ProvisioningErrors | Should -BeNullOrEmpty + $result.TelephoneNumber | should -Be "425-555-0100" + $result.UserState | should -Be $null + $result.UserStateChangedOn | should -Be $null + + } + It "Should contain DeviceId in parameters when passed Name to it" { + + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $para= $params | ConvertTo-json | ConvertFrom-Json + $para.URI | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeviceRegisteredOwner" + + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeviceRegisteredOwner" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property mobilePhone + $result | Should -Not -BeNullOrEmpty + $result.mobilePhone | Should -Be '425-555-0100' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } + +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..572b0d902c --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,146 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "onPremisesImmutableId" = $null + "deletedDateTime" = $null + "onPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "onPremisesProvisioningErrors" = @{} + "mobilePhone" = "425-555-0100" + "BusinessPhones" = @("425-555-0100") + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "Parameters" = $args + } + ) + } + } + + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + + + +Describe "Get-EntraDeviceRegisteredUser" { + Context "Test for Get-EntraDeviceRegisteredUser" { + It "Should return specific device registered User" { + $result = Get-EntraDeviceRegisteredUser -DeviceId "8542ebd1-3d49-4073-9dce-30f197c67755" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific device registered User with alias" { + $result = Get-EntraDeviceRegisteredUser -ObjectId "8542ebd1-3d49-4073-9dce-30f197c67755" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Get-EntraDeviceRegisteredUser -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when DeviceId is invalid" { + { Get-EntraDeviceRegisteredUser -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" + } + It "Should return all device registered owner" { + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should return top device registered owner" { + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when top is empty" { + { Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when top is invalid" { + { Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should contain Alias property" { + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.DeletionTimestamp | should -Be $null + $result.DirSyncEnabled | should -Be $null + $result.ImmutableId | should -Be $null + $result.LastDirSyncTime | should -Be $null + $result.Mobile | should -Be "425-555-0100" + $result.ProvisioningErrors | Should -BeNullOrEmpty + $result.TelephoneNumber | should -Be "425-555-0100" + $result.UserState | should -Be $null + $result.UserStateChangedOn | should -Be $null + + } + It "Should contain DeviceId in parameters when passed Name to it" { + + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $Para= $params | ConvertTo-json | ConvertFrom-Json + $para.URI | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeviceRegisteredUser" + + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.headers.'User-Agent' | Should -Be $userAgentHeaderValue + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeviceRegisteredUser" + + $result = Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeviceRegisteredUser" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when Property is empty" { + { Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + + } + +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.Tests.ps1 new file mode 100644 index 0000000000..cac8651ff9 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirSyncConfiguration.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @{ + configuration = [PSCustomObject]@{ + AccidentalDeletionPrevention = [PSCustomObject]@{ + AlertThreshold = 50 + SynchronizationPreventionType = @{SynchronizationPreventionType="Threshold";"Parameters" = $args} + } + } + } + } + Mock -CommandName Get-MgDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Get-EntraDirSyncConfiguration" { + Context "Test for Get-EntraDirSyncConfiguration" { + It "Get irectory synchronization settings" { + $result = Get-EntraDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraDirSyncConfiguration -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + + It "Should fail when TenantId is invalid" { + { Get-EntraDirSyncConfiguration -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should contain in OnPremisesDirectorySynchronizationId parameters when passed TenantId to it" { + $result = Get-EntraDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result.DeletionPreventionType.parameters + $params.OnPremisesDirectorySynchronizationId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirSyncConfiguration" + + $result = Get-EntraDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirSyncConfiguration" + + Should -Invoke -CommandName Get-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDirSyncFeature.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirSyncFeature.Tests.ps1 new file mode 100644 index 0000000000..acf492e1c6 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirSyncFeature.Tests.ps1 @@ -0,0 +1,85 @@ +# # ------------------------------------------------------------------------------ +# # Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# # ------------------------------------------------------------------------------ +# BeforeAll { +# if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ +# Import-Module Microsoft.Entra.DirectoryManagement +# } +# Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +# $scriptblock = { +# return @( +# [PSCustomObject]@{ +# "Features" = @{ +# "BlockCloudObjectTakeoverThroughHardMatchEnabled" = $false; +# "BlockSoftMatchEnabled" = $false; +# "BypassDirSyncOverridesEnabled" = $false; +# "CloudPasswordPolicyForPasswordSyncedUsersEnabled" = $false; +# "ConcurrentCredentialUpdateEnabled" = $false; +# "ConcurrentOrgIdProvisioningEnabled" = $true; +# "DeviceWritebackEnabled" = $false; +# "DirectoryExtensionsEnabled" = $false; +# "FopeConflictResolutionEnabled" = $false; +# "GroupWriteBackEnabled" = $true; +# "PasswordSyncEnabled" = $false; +# "PasswordWritebackEnabled" = $false; +# "QuarantineUponProxyAddressesConflictEnabled" = $true; +# "QuarantineUponUpnConflictEnabled" = $true; +# "SoftMatchOnUpnEnabled" = $true; +# "SynchronizeUpnForManagedUsersEnabled" = $true; +# "UnifiedGroupWritebackEnabled" = $true; +# "UserForcePasswordChangeOnLogonEnabled" = $false; +# "UserWritebackEnabled" = $false; +# } +# } +# ) +# } +# Mock -CommandName Get-MgDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +# } + +# Describe "Get-EntraDirSyncFeature" { +# Context "Test for Get-EntraDirSyncFeature" { +# It "Returns all the sync features" { +# $result = Get-EntraDirSyncFeature +# $result | Should -Not -BeNullOrEmpty +# Should -Invoke -CommandName Get-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 +# } +# It "Returns specific sync feature" { +# $result = Get-EntraDirSyncFeature -Feature PasswordSync +# $result | Should -Not -BeNullOrEmpty +# Should -Invoke -CommandName Get-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 +# } +# It "Should fail when TenantId is null" { +# { Get-EntraDirSyncFeature -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" +# } +# It "Should fail when TenantId is empty" { +# { Get-EntraDirSyncFeature -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'*" +# } +# It "Should fail when invalid paramter is passed"{ +# { Get-EntraDirSyncFeature -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" +# } +# It "Should contain 'User-Agent' header" { +# $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirSyncFeature" +# $result = Get-EntraDirSyncFeature -Feature PasswordSync +# $result | Should -Not -BeNullOrEmpty +# $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirSyncFeature" +# Should -Invoke -CommandName Get-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { +# $Headers.'User-Agent' | Should -Be $userAgentHeaderValue +# $true +# } +# } +# It "Should execute successfully without throwing an error " { +# # Disable confirmation prompts +# $originalDebugPreference = $DebugPreference +# $DebugPreference = 'Continue' + +# try { +# # Act & Assert: Ensure the function doesn't throw an exception +# { Get-EntraDirSyncFeature -Feature PasswordSync -Debug } | Should -Not -Throw +# } finally { +# # Restore original confirmation preference +# $DebugPreference = $originalDebugPreference +# } +# } +# } +# } diff --git a/test/Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 new file mode 100644 index 0000000000..dc870a49c6 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 @@ -0,0 +1,57 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDirectoryObjectOnPremisesProvisioningError" { + Context "Test for Get-EntraDirectoryObjectOnPremisesProvisioningError" { + It "Should return empty object" { + $result = Get-EntraDirectoryObjectOnPremisesProvisioningError + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object when TenantId is passed" { + $result = Get-EntraDirectoryObjectOnPremisesProvisioningError -TenantId "0000aaaa-11bb-cccc-dd22-eeeeee333333" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is null" { + { Get-EntraDirectoryObjectOnPremisesProvisioningError -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is empty" { + { Get-EntraDirectoryObjectOnPremisesProvisioningError -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should fail when invalid paramter is passed"{ + { Get-EntraDirectoryObjectOnPremisesProvisioningError -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryObjectOnPremisesProvisioningError" + Get-EntraDirectoryObjectOnPremisesProvisioningError + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryObjectOnPremisesProvisioningError" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryObjectOnPremisesProvisioningError -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/Get-EntraDirectoryRole.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirectoryRole.Tests.ps1 new file mode 100644 index 0000000000..39502fc722 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirectoryRole.Tests.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraDirectoryRole with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DeletedDateTime" = $null + "Description" = "Read custom security attribute keys and values for supported Microsoft Entra objects." + "DisplayName" = "Attribute Assignment Reader" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "RoleTemplateId" = "aaaaaaaa-1111-2222-3333-cccccccccccc" + "Members" = $null + "ScopedMembers" = $null + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDirectoryRole -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + } + + Describe "Get-EntraDirectoryRole" { + Context "Test for Get-EntraDirectoryRole" { + It "Should return specific role" { + $result = Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraDirectoryRole -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DirectoryRoleId is empty" { + { Get-EntraDirectoryRole -DirectoryRoleId "" } | Should -Throw "Cannot bind argument to parameter 'DirectoryRoleId' because it is an empty string." + } + It "Should return specific role by filter" { + $result = Get-EntraDirectoryRole -Filter "DisplayName -eq 'Attribute Assignment Reader'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Attribute Assignment Reader' + + Should -Invoke -CommandName Get-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should Contain DirectoryRoleId" { + $result = Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain DirectoryRoleId in parameters when passed DirectoryRoleId to it" { + $result = Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.DirectoryRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Attribute Assignment Reader' + + Should -Invoke -CommandName Get-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRole" + $result = Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRole" + Should -Invoke -CommandName Get-MgDirectoryRole -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryRole -DirectoryRoleId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } + } + diff --git a/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.Tests.ps1 new file mode 100644 index 0000000000..236049ce1e --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleMember.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "OnPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "mobilePhone" = "425-555-0101" + "onPremisesProvisioningErrors" = @{} + "businessPhones" = @("425-555-0100") + "Parameters" = $args + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + +} + +Describe "EntraDirectoryRoleMember" { + Context "Test for EntraDirectoryRoleMember" { + It "Should return specific directory rolemember" { + $result = (Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb") | ConvertTo-json | ConvertFrom-json + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific directory rolemember with alias" { + $result = (Get-EntraDirectoryRoleMember -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb") | ConvertTo-json | ConvertFrom-json + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DirectoryRoleId is empty" { + { Get-EntraDirectoryRoleMember -DirectoryRoleId } | Should -Throw "Missing an argument for parameter 'DirectoryRoleId'*" + } + It "Should fail when DirectoryRoleId is invalid" { + { Get-EntraDirectoryRoleMember -DirectoryRoleId "" } | Should -Throw "Cannot bind argument to parameter 'DirectoryRoleId' because it is an empty string.*" + } + It "Result should Contain Alias property" { + $result = Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.DirSyncEnabled | should -Be $null + $result.LastDirSyncTime | should -Be $null + $result.Mobile | should -Be "425-555-0101" + $result.ProvisioningErrors | Should -BeNullOrEmpty + $result.TelephoneNumber | should -Be "425-555-0100" + } + It "Should contain DirectoryRoleId in URI" { + $result = Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $Para= $params | ConvertTo-json | ConvertFrom-Json + $Para.URI | Should -match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleMember" + + Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleMember" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.Tests.ps1 new file mode 100644 index 0000000000..59b44b998f --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDirectoryRoleTemplate.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DisplayName" = "Mock-App" + "DeletedDateTime" = $null + "Description" = "Can read mock-app service health information" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDirectoryRoleTemplate -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDirectoryRoleTemplate" { + Context "Test for Get-EntraDirectoryRoleTemplate" { + It "Should return all directory role template" { + $result = Get-EntraDirectoryRoleTemplate + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.DisplayName | should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgDirectoryRoleTemplate -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should be fail when provide non supported parameter" { + { Get-EntraDirectoryRoleTemplate -Top 1} | should -Throw "A parameter cannot be found that matches parameter name 'Top'." + } + It "Property parameter should work" { + $result = Get-EntraDirectoryRoleTemplate -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgDirectoryRoleTemplate -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDirectoryRoleTemplate -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleTemplate" + + Get-EntraDirectoryRoleTemplate + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleTemplate" + + Should -Invoke -CommandName Get-MgDirectoryRoleTemplate -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryRoleTemplate -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDomain.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDomain.Tests.ps1 new file mode 100644 index 0000000000..7a04fa1cf8 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDomain.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +$scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "test.mail.onmicrosoft.com" + "State" = @{LastActionDateTime=""; Operation=""; Status=""; AdditionalProperties=""} + "AuthenticationType" = "Managed" + "IsAdminManaged" = $True + "IsDefault" = $False + "IsInitial" = $False + "IsRoot" = $False + "IsVerified" = $False + "Manufacturer" = $null + "Model" = $null + "PasswordNotificationWindowInDays" = $null + "PasswordValidityPeriodInDays" = $null + "ServiceConfigurationRecords" = $null + "SupportedServices" = {} + "VerificationDnsRecords" = $null + "AdditionalProperties" = {} + "Parameters" = $args + + } + ) + +} + + Mock -CommandName Get-MgDomain -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDomain" { + Context "Test for Get-EntraDomain" { + It "Should return specific domain" { + $result = Get-EntraDomain -Name "test.mail.onmicrosoft.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'test.mail.onmicrosoft.com' + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Name is empty" { + { Get-EntraDomain -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + } + It "Result should Contain ObjectId" { + $result = Get-EntraDomain -Name "test.mail.onmicrosoft.com" + $result.ObjectId | should -Be "test.mail.onmicrosoft.com" + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should Contain Name" { + $result = Get-EntraDomain -Name "test.mail.onmicrosoft.com" + $result.Name | should -Be "test.mail.onmicrosoft.com" + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain DomainId in parameters when passed Name to it" { + $result = Get-EntraDomain -Name "test.mail.onmicrosoft.com" + $params = Get-Parameters -data $result.Parameters + $params.DomainId | Should -Be "test.mail.onmicrosoft.com" + } + It "Property parameter should work" { + $result = Get-EntraDomain -Name "test.mail.onmicrosoft.com" -Property AuthenticationType + $result | Should -Not -BeNullOrEmpty + $result.AuthenticationType | Should -Be 'Managed' + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + {Get-EntraDomain -Name "test.mail.onmicrosoft.com" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomain" + + Get-EntraDomain -Name "test.mail.onmicrosoft.com" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomain" + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Get-EntraDomain -Name "test.mail.onmicrosoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDomainFederationSettings.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDomainFederationSettings.Tests.ps1 new file mode 100644 index 0000000000..b8eb3dcc61 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDomainFederationSettings.Tests.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "Contoso" + "FederatedIdpMfaBehavior" = "rejectMfaByFederatedIdp" + "Id" = "2a8ce608-bb34-473f-9e0f-f373ee4cbc5a" + "IsSignedAuthenticationRequestRequired" = "" + "IssuerUri" = "http://contoso.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.contoso.com/adfs/services/trust/mex" + "NextSigningCertificate" = "MIIC3jCCAcagAwIBAgIQEt0T0G5GPZ9" + "PassiveSignInUri" = "https://sts.contoso.com/adfs/ls/" + "PreferredAuthenticationProtocol" = "wsFed" + "PromptLoginBehavior" = "" + "SignOutUri" = "https://sts.deverett.info/adfs/ls/" + "SigningCertificate" = "MIIC3jCCAcagAwIBAgIQFsO0R8deG4h" + "SigningCertificateUpdateStatus" = @{ + "CertificateUpdateResult" = "success"; + } + } + ) + } + Mock -CommandName Get-MgDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDomainFederationSettings" { + Context "Test for Get-EntraDomainFederationSettings" { + It "Should return federation settings" { + $result = Get-EntraDomainFederationSettings -DomainName "test.com" + $result | Should -Not -BeNullOrEmpty + $result.FederationBrandName | Should -Be "Contoso" + $result.ActiveLogOnUri | Should -Be "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + Should -Invoke -CommandName Get-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is null" { + { Get-EntraDomainFederationSettings -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is empty" { + { Get-EntraDomainFederationSettings -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should fail when DomainName is null" { + { Get-EntraDomainFederationSettings -DomainName } | Should -Throw "Missing an argument for parameter 'DomainName'*" + } + It "Should fail when DomainName is empty" { + { Get-EntraDomainFederationSettings -DomainName "" } | Should -Throw "Cannot bind argument to parameter 'DomainName'*" + } + It "Should fail when invalid paramter is passed"{ + { Get-EntraDomainFederationSettings -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainFederationSettings" + $result = Get-EntraDomainFederationSettings -DomainName "test.com" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainFederationSettings" + Should -Invoke -CommandName Get-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDomainFederationSettings -DomainName "test.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDomainNameReference.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDomainNameReference.Tests.ps1 new file mode 100644 index 0000000000..18f04d9417 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDomainNameReference.Tests.ps1 @@ -0,0 +1,111 @@ + +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "onPremisesImmutableId" = $null + "deletedDateTime" = $null + "onPremisesSyncEnabled" = $null + "mobilePhone" = "425-555-0101" + "onPremisesProvisioningErrors" = @{} + "businessPhones" = @("425-555-0100") + "externalUserState" = $null + "externalUserStateChangeDate" = $null + "Parameters" = $args + } + ) + } + } + + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + + + +Describe "Get-EntraDomainNameReference" { + Context "Test for Get-EntraDomainNameReference" { + It "Should return specific domain Name Reference" { + $result = Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '22cc22cc-dd33-ee44-ff55-66aa66aa66aa' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Name is empty" { + { Get-EntraDomainNameReference -Name } | Should -Throw "Missing an argument for parameter 'Name'*" + } + It "Should fail when Name is invalid" { + { Get-EntraDomainNameReference -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string.*" + } + It "Result should Contain Alias property" { + $result = Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.DeletionTimestamp | should -Be $null + $result.DirSyncEnabled | should -Be $null + $result.ImmutableId | should -Be $null + $result.Mobile | should -Be "425-555-0101" + $result.ProvisioningErrors | Should -BeNullOrEmpty + $result.TelephoneNumber | should -Be "425-555-0100" + $result.UserState | should -Be $null + $result.UserStateChangedOn | should -Be $null + + } + It "Should contain DomainId in parameters when passed Name to it" { + + $result = Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" + $params = Get-Parameters -data $result.Parameters + $para= $params | ConvertTo-json | ConvertFrom-Json + $para.Uri -match "M365x99297270.mail.onmicrosoft.com" | Should -BeTrue + } + It "Property parameter should work" { + $result = Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be '22cc22cc-dd33-ee44-ff55-66aa66aa66aa' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainNameReference" + + Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainNameReference" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDomainNameReference -Name "M365x99297270.mail.onmicrosoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + + } + +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 new file mode 100644 index 0000000000..feda9f53fc --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +$scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "0000aaaa-11bb-cccc-dd22-eeeeee333333" + "Label" = "test.mail.onmicrosoft.com" + "IsOptional" = $False + "RecordType" = "Mx" + "SupportedService" = "Email" + "Ttl" = "3600" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.domainDnsMxRecord" + "mailExchange" = "test-mail-onmicrosoft-com.mail.protection.outlook.com" + } + "Parameters" = $args + + } + ) + +} + + Mock -CommandName Get-MgDomainServiceConfigurationRecord -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDomainServiceConfigurationRecord" { + Context "Test for Get-EntraDomainServiceConfigurationRecord" { + It "Should return specific domain confuguration record" { + $result = Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '0000aaaa-11bb-cccc-dd22-eeeeee333333' + + Should -Invoke -CommandName Get-MgDomainServiceConfigurationRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + + } + It "Should fail when Name is empty" { + { Get-EntraDomainServiceConfigurationRecord -Name } | Should -Throw "Missing an argument for parameter 'Name'*" + } + It "Should fail when Name is invalid" { + { Get-EntraDomainServiceConfigurationRecord -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + } + It "Result should Contain DnsRecordId" { + $result = Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" + $result.DnsRecordId | should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgDomainServiceConfigurationRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should Contain ObjectId" { + $result = Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" + $result.ObjectId | should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgDomainServiceConfigurationRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain DomainId in parameters when passed Name to it" { + $result = Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" + $params = Get-Parameters -data $result.Parameters + $params.DomainId | Should -Be "test.mail.onmicrosoft.com" + } + It "Property parameter should work" { + $result = Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" -Property RecordType + $result | Should -Not -BeNullOrEmpty + $result.RecordType | Should -Be 'Mx' + + Should -Invoke -CommandName Get-MgDomainServiceConfigurationRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + {Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainServiceConfigurationRecord" + + Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainServiceConfigurationRecord" + + Should -Invoke -CommandName Get-MgDomainServiceConfigurationRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Get-EntraDomainServiceConfigurationRecord -Name "test.mail.onmicrosoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.Tests.ps1 new file mode 100644 index 0000000000..33f450ea45 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraDomainVerificationDnsRecord.Tests.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +$scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "0000aaaa-11bb-cccc-dd22-eeeeee333333" + "Label" = "test.mail.onmicrosoft.com" + "IsOptional" = $False + "RecordType" = "Txt" + "SupportedService" = "Email" + "Ttl" = "3600" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.domainDnsTxtRecord" + "text" = "MS=ms75528557" + } + "Parameters" = $args + + } + ) + +} + + Mock -CommandName Get-MgDomainVerificationDnsRecord -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraDomainVerificationDnsRecord" { + Context "Test for Get-EntraDomainVerificationDnsRecord" { + It "Should return specific domain verification Dns record" { + $result = Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '0000aaaa-11bb-cccc-dd22-eeeeee333333' + + Should -Invoke -CommandName Get-MgDomainVerificationDnsRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + + } + It "Should fail when Name is empty" { + { Get-EntraDomainVerificationDnsRecord -Name } | Should -Throw "Missing an argument for parameter 'Name'*" + } + It "Should fail when Name is invalid" { + { Get-EntraDomainVerificationDnsRecord -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + } + It "Result should Contain DnsRecordId" { + $result = Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" + $result.DnsRecordId | should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgDomainVerificationDnsRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should Contain ObjectId" { + $result = Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" + $result.ObjectId | should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgDomainVerificationDnsRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should contain DomainId in parameters when passed Name to it" { + $result = Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" + $params = Get-Parameters -data $result.Parameters + $params.DomainId | Should -Be "test.mail.onmicrosoft.com" + } + It "Property parameter should work" { + $result = Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" -Property RecordType + $result | Should -Not -BeNullOrEmpty + $result.RecordType | Should -Be 'Txt' + + Should -Invoke -CommandName Get-MgDomainVerificationDnsRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainVerificationDnsRecord" + + Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDomainVerificationDnsRecord" + + Should -Invoke -CommandName Get-MgDomainVerificationDnsRecord -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDomainVerificationDnsRecord -Name "test.mail.onmicrosoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraFederationProperty.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraFederationProperty.Tests.ps1 new file mode 100644 index 0000000000..586551661e --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraFederationProperty.Tests.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "ADFS HYPER-V LAB" + "IssuerUri" = "http://anmaji.myworkspace.microsoft.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/mex" + "PassiveSignInUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + "SignOutUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Get-EntraFederationProperty" { + Context "Test for Get-EntraFederationProperty" { + It "Should return the empty object" { + $result = Get-EntraFederationProperty -DomainName "anmaji.myworkspace.contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.ActiveSignInUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/2005/usernamemixed" + $result.DisplayName | Should -Be "ADFS HYPER-V LAB" + $result.IssuerUri | Should -Be "http://anmaji.myworkspace.microsoft.com/adfs/services/trust/" + $result.MetadataExchangeUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/mex" + $result.PassiveSignInUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + $result.SignOutUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + + Should -Invoke -CommandName Get-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DomainName is empty" { + {Get-EntraFederationProperty -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Get-EntraFederationProperty -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + + It "Should contain DomainId in parameters when DomainName to it" { + Mock -CommandName Get-MgDomainFederationConfiguration -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Get-EntraFederationProperty -DomainName "anmaji.myworkspace.contoso.com" + $params = Get-Parameters -data $result + $params.DomainId | Should -Be "anmaji.myworkspace.contoso.com" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraFederationProperty" + + $result = Get-EntraFederationProperty -DomainName "anmaji.myworkspace.contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraFederationProperty" + + Should -Invoke -CommandName Get-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraFederationProperty -DomainName "anmaji.myworkspace.microsoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraObjectByObjectId.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraObjectByObjectId.Tests.ps1 new file mode 100644 index 0000000000..0281f09906 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraObjectByObjectId.Tests.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "OnPremisesSyncEnabled" = $null + "userPrincipalName" = "Adams@M365x99297270.OnMicrosoft.com" + "accountEnabled" = $true + "usageLocation" = "DE" + "displayName" = "Mock-App" + "userType" = "User" + "OnPremisesLastSyncDateTime" = $null + "onPremisesProvisioningErrors" = @{} + "Parameters" = $args + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + +} + + +Describe "Get-EntraObjectByObjectId" { + Context "Test for Get-EntraObjectByObjectId" { + It "Should return specific object by objectId" { + $result = Get-EntraObjectByObjectId -ObjectId '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.displayName | should -Be 'Mock-App' + $result.userType | should -Be 'User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when ObjectId is empty" { + { Get-EntraObjectByObjectId -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectIds'*" + } + It "Should fail when ObjectId is invalid" { + { Get-EntraObjectByObjectId -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectIds' because it is an empty string*" + } + It "Should return specific object by objectId and Types" { + $result = Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Types "User" + $result | Should -Not -BeNullOrEmpty + $result.userType | should -Be 'User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when ObjectId is empty" { + { Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Types } | Should -Throw "Missing an argument for parameter 'Types'*" + } + It "Should contain Ids in parameters when passed Id to it" { + $result = Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $para= $params | ConvertTo-json | ConvertFrom-Json + $para.Body.Ids | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Property parameter should work" { + $result = Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property displayName + $result | Should -Not -BeNullOrEmpty + $result.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraObjectByObjectId" + + $result = Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraObjectByObjectId" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraObjectByObjectId -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } + +} diff --git a/test/Entra/DirectoryManagement/Get-EntraPasswordPolicy.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraPasswordPolicy.Tests.ps1 new file mode 100644 index 0000000000..175e77ed3c --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraPasswordPolicy.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "contoso.com" + "IsAdminManaged" ="True" + "PasswordNotificationWindowInDays" = @{PasswordNotificationWindowInDays="14"; "Parameters" = $args} + "PasswordValidityPeriodInDays" = "2147483647" + } + ) + } + Mock -CommandName Get-MgDomain -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Get-EntraPasswordPolicy" { + Context "Test for Get-EntraPasswordPolicy" { + It "Should gets the current password policy for a tenant or a domain." { + $result = Get-EntraPasswordPolicy -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.NotificationDays.PasswordNotificationWindowInDays | Should -Be "14" + $result.ValidityPeriod | Should -Be "2147483647" + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when DomainName is empty" { + {Get-EntraPasswordPolicy -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Get-EntraPasswordPolicy -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPasswordPolicy" + + $result = Get-EntraPasswordPolicy -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPasswordPolicy" + + Should -Invoke -CommandName Get-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraPasswordPolicy -DomainName "contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraScopedRoleMembership.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..c807ed65f5 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraScopedRoleMembership.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $userObjId = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $roleObjId = "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $unitObjId = "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + $scopedRoleMembershipId = "scopedRoleMemId" + + $scriptblock = { + @{ + "id" = $scopedRoleMembershipId + "roleId"= $roleObjId + "administrativeUnitId"= $unitObjId + "roleMemberInfo"= @( + @{ + "id"= $userObjId + "displayName"= "displayName-value" + "userPrincipalName"= "userPrincipalName-value" + } + ) + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Tests for Get-EntraScopedRoleMembership"{ + It "Result should not be empty"{ + $result = Get-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -ScopedRoleMembershipId $scopedRoleMembershipId + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be $scopedRoleMembershipId + $result.AdministrativeUnitObjectId | should -Be $unitObjId + $result.RoleObjectId | should -Be $roleObjId + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Result should not be empty with ObjectId"{ + $result = Get-EntraScopedRoleMembership -ObjectId $unitObjId -ScopedRoleMembershipId $scopedRoleMembershipId + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be $scopedRoleMembershipId + $result.AdministrativeUnitObjectId | should -Be $unitObjId + $result.RoleObjectId | should -Be $roleObjId + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is invalid" { + { Get-EntraScopedRoleMembership -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraScopedRoleMembership -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when ScopedRoleMembershipId is empty" { + { Get-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -ScopedRoleMembershipId } | Should -Throw "Missing an argument for parameter 'ScopedRoleMembershipId'*" + } + It "Should fail when invalid parameter is passed" { + { Get-EntraScopedRoleMembership -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraScopedRoleMembership" + $result = Get-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -ScopedRoleMembershipId $scopedRoleMembershipId + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraScopedRoleMembership" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraScopedRoleMembership -AdministrativeUnitId $unitObjId -ScopedRoleMembershipId $scopedRoleMembershipId -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraSubscribedSku.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraSubscribedSku.Tests.ps1 new file mode 100644 index 0000000000..b4208d04b6 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraSubscribedSku.Tests.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +$scriptblock = { + return @( + [PSCustomObject]@{ + "PrepaidUnits" = @{Enabled="20"; LockedOut=""; Suspended=0; Warning=""; AdditionalProperties=""} + "AccountId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AccountName" = "M365x99297270" + "AppliesTo" = "User" + "CapabilityStatus" = "Enabled" + "ConsumedUnits" = "20" + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + "ServicePlans" = {"M365_AUDIT_PLATFORM", "EXCHANGE_S_FOUNDATION", "ATA", "ADALLOM_S_STANDALONE"} + "SkuId" = "11112222-bbbb-3333-cccc-4444dddd5555" + "SkuPartNumber" = "EMSPREMIUM" + "SubscriptionIds" = {"aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e"} + "Parameters" = $args + + } + ) + +} + + Mock -CommandName Get-MgSubscribedSku -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + + +Describe "Get-EntraSubscribedSku" { + Context "Test for Get-EntraSubscribedSku" { + It "Should return specific SubscribedSku" { + $result = Get-EntraSubscribedSku -SubscribedSkuId "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific SubscribedSku with alias" { + $result = Get-EntraSubscribedSku -ObjectId "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when SubscribedSkuId empty" { + { Get-EntraSubscribedSku -SubscribedSkuId } | Should -Throw "Missing an argument for parameter 'SubscribedSkuId'*" + } + It "Should fail when SubscribedSkuId invalid" { + { Get-EntraSubscribedSku -SubscribedSkuId "" } | Should -Throw "Cannot bind argument to parameter 'SubscribedSkuId' because it is an empty string." + } + It "Should return all SubscribedSku" { + $result = Get-EntraSubscribedSku + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraSubscribedSku -Property AppliesTo + $result | Should -Not -BeNullOrEmpty + $result.AppliesTo | Should -Be 'User' + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraSubscribedSku -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraSubscribedSku" + + Get-EntraSubscribedSku + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraSubscribedSku" + + Should -Invoke -CommandName Get-MgSubscribedSku -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraSubscribedSku -SubscribedSkuId "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Get-EntraTenantDetail.Tests.ps1 b/test/Entra/DirectoryManagement/Get-EntraTenantDetail.Tests.ps1 new file mode 100644 index 0000000000..c8a532e482 --- /dev/null +++ b/test/Entra/DirectoryManagement/Get-EntraTenantDetail.Tests.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +$scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "OnPremisesLastSyncDateTime" = $null + "OnPremisesSyncEnabled" = $null + "BusinessPhones" = {"425-555-0100"} + "City" = "Luchthaven Schiphol" + "DisplayName" = "Mock App" + "MarketingNotificationEmails" = {"mary@contoso.com", "john@contoso.com"} + "State" = "Noord-Holland" + "Street" = "Evert van de Beekstraat 354" + "TechnicalNotificationMails" = {"peter@contoso.com"} + "TenantType" = "AAD" + "AssignedPlans" = @{AssignedDateTime="04-12-2023 16:50:27"; CapabilityStatus="Enabled"; Service="MixedRealityCollaborationServices"; ServicePlanId="dcf9d2f4-772e-4434-b757-77a453cfbc02"; + AdditionalProperties=""} + "ProvisionedPlans" = @{CapabilityStatus="Enabled"; ProvisioningStatus="Success"; Service="exchange"; AdditionalProperties=""} + "VerifiedDomains" = @{Capabilities="Email"; IsDefault="False"; IsInitial="True"; Name="M365x99297270.onmicrosoft.com"; Type="Managed"; AdditionalProperties=""} + "PrivacyProfile" = @{ContactEmail="alice@contoso.com"; StatementUrl="https://contoso.com/privacyStatement"; AdditionalProperties=""} + "Parameters" = $args + + } + ) + +} + + Mock -CommandName Get-MgOrganization -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + + +Describe "Get-EntraTenantDetail" { + Context "Test for Get-EntraTenantDetail" { + It "Should return all Tenant Detail" { + $result = Get-EntraTenantDetail -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraTenantDetail -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top Tenant Detail" { + $result = Get-EntraTenantDetail -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraTenantDetail -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraTenantDetail -Top "xyz" } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraTenantDetail -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock App' + + Should -Invoke -CommandName Get-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraTenantDetail -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraTenantDetail" + + Get-EntraTenantDetail + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraTenantDetail" + + Should -Invoke -CommandName Get-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraTenantDetail -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Invalid.Tests.ps1 b/test/Entra/DirectoryManagement/Invalid.Tests.ps1 new file mode 100644 index 0000000000..1aa7d8a7bc --- /dev/null +++ b/test/Entra/DirectoryManagement/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.DirectoryManagement)){ + Import-Module Microsoft.Entra.DirectoryManagement +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/DirectoryManagement/Module.Tests.ps1 b/test/Entra/DirectoryManagement/Module.Tests.ps1 new file mode 100644 index 0000000000..8d9b21d8d4 --- /dev/null +++ b/test/Entra/DirectoryManagement/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.DirectoryManagement Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.DirectoryManagement + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.DirectoryManagement + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.DirectoryManagement + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.DirectoryManagement.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.DirectoryManagement + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.DirectoryManagement -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/DirectoryManagement/New-EntraAdministrativeUnit.Tests.ps1 b/test/Entra/DirectoryManagement/New-EntraAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..e34a955f70 --- /dev/null +++ b/test/Entra/DirectoryManagement/New-EntraAdministrativeUnit.Tests.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "deletedDateTime" = $null + "visibility" = $null + "displayName" = "DummyName" + "id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "@odata.context" = " https://graph.microsoft.com/v1.0/`$metadata#directory/administrativeUnits/`$entity" + "membershipType" = $null + "description" = $null + "membershipRuleProcessingState" = $null + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Tests for New-EntraAdministrativeUnit"{ + It "Result should not be empty"{ + $result = New-EntraAdministrativeUnit -DisplayName "DummyName" + $result | Should -Not -BeNullOrEmpty + $result.id | should -Be @('aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb') + $result.displayName | Should -Be "DummyName" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DisplayName is empty" { + { New-EntraAdministrativeUnit -DisplayName "" } | Should -Throw "Cannot bind argument to parameter 'DisplayName'*" + } + It "Should fail when DisplayName is null" { + { New-EntraAdministrativeUnit -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraAdministrativeUnit -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraAdministrativeUnit" + $result = New-EntraAdministrativeUnit -DisplayName "DummyName" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraAdministrativeUnit" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraAdministrativeUnit -DisplayName "DummyName" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/New-EntraAttributeSet.Tests.ps1 b/test/Entra/DirectoryManagement/New-EntraAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..bc1c14c1c8 --- /dev/null +++ b/test/Entra/DirectoryManagement/New-EntraAttributeSet.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [Microsoft.Graph.PowerShell.Models.MicrosoftGraphAttributeSet]@{ + "Description" = "CustomAttributeSet" + "Id" = "NewCustomAttributeSet" + "MaxAttributesPerSet" = 125 + "@odata.context" = 'https://graph.microsoft.com/v1.0/$metadata#directory/attributeSets/$entity' + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "New-EntraAttributeSet" { + Context "Test for New-EntraAttributeSet" { + It "Should return created AttributeSet" { + $result = New-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "NewCustomAttributeSet" + $result.MaxAttributesPerSet | should -Be 125 + $result.Description | should -Be "CustomAttributeSet" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return created AttributeSet with alias" { + $result = New-EntraAttributeSet -Id "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "NewCustomAttributeSet" + $result.MaxAttributesPerSet | should -Be 125 + $result.Description | should -Be "CustomAttributeSet" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AttributeSetId parameter is invalid" { + { New-EntraAttributeSet -AttributeSetId } | Should -Throw "Missing an argument for parameter 'AttributeSetId*" + } + It "Should fail when Description parameter is empty" { + { New-EntraAttributeSet -Description } | Should -Throw "Missing an argument for parameter 'Description*" + } + It "Should fail when MaxAttributesPerSet parameter is empty" { + { New-EntraAttributeSet -MaxAttributesPerSet } | Should -Throw "Missing an argument for parameter 'MaxAttributesPerSet*" + } + It "Should fail when MaxAttributesPerSet parameter is invalid" { + { New-EntraAttributeSet -MaxAttributesPerSet "a"} | Should -Throw "Cannot process argument transformation on parameter 'MaxAttributesPerSet'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraAttributeSet" + + New-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + New-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test/Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..e9cffcc98d --- /dev/null +++ b/test/Entra/DirectoryManagement/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { return @( + [PSCustomObject]@{ + "@odata.context" = '"https://graph.microsoft.com/v1.0/$metadata#directory/customSecurityAttributeDefinitions/$entity"' + "attributeSet" = "Engineering" + "description" = "Active projects for user" + "id" = "Engineering_Project1234" + "isCollection" = $true + "isSearchable"= $true + "name" = "Project1234" + "status" = "Available" + "type" = "String" + "usePreDefinedValuesOnly" = $true + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "New-EntraCustomSecurityAttributeDefinition" { + Context "Test for New-EntraCustomSecurityAttributeDefinition" { + It "Should add new custom Security Attribute Definitions" { + $result = New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "Engineering_Project1234" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when attributeSet is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'attributeSet'.*" + } + It "Should fail when attributeSet is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status = "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'attributeSet'*" + } + It "Should fail when isCollection is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection -isSearchable = $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'isCollection'.*" + } + It "Should fail when isCollection is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection "" -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot process argument transformation on parameter 'isCollection'*" + } + It "Should fail when isSearchable is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'isSearchable'.*" + } + It "Should fail when isSearchable is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable = "" -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot process argument transformation on parameter 'isSearchable'*" + } + + It "Should fail when name is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'name'.*" + } + It "Should fail when name is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "" -status "Available" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'name'*" + } + It "Should fail when status is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'status'.*" + } + It "Should fail when status is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "" -type "String" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'status'*" + } + It "Should fail when type is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type -usePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'type'.*" + } + It "Should fail when type is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "" -usePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'type'*" + } + It "Should fail when usePreDefinedValuesOnly is empty" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly } | Should -Throw "Missing an argument for parameter 'usePreDefinedValuesOnly'.*" + } + It "Should fail when usePreDefinedValuesOnly is invalid" { + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly "" } | Should -Throw "Cannot process argument transformation on parameter 'usePreDefinedValuesOnly'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraCustomSecurityAttributeDefinition" + $result = New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraCustomSecurityAttributeDefinition" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraCustomSecurityAttributeDefinition -attributeSet "Engineering" -description "Active projects for user" -isCollection $true -isSearchable $true -name "Project1234" -status "Available" -type "String" -usePreDefinedValuesOnly $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/New-EntraDomain.Tests.ps1 b/test/Entra/DirectoryManagement/New-EntraDomain.Tests.ps1 new file mode 100644 index 0000000000..541e698648 --- /dev/null +++ b/test/Entra/DirectoryManagement/New-EntraDomain.Tests.ps1 @@ -0,0 +1,112 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AvailabilityStatus" = $null + "IsAdminManaged" = "True" + "IsDefault" = "False" + "IsInitial" = "False" + "IsRoot" = "False" + "IsVerified" = "False" + "Id" = "lala.uk" + "Manufacturer" = $null + "Model" = $null + "PasswordNotificationWindowInDays" = $null + "PasswordValidityPeriodInDays" = $null + "ServiceConfigurationRecords" = $null + "SupportedServices" = @("Email", "OfficeCommunicationsOnline") + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#domains/$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgDomain -MockWith $scriptBlock -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "New-EntraDomain" { + Context "Test for New-EntraDomain" { + It "Create a new Domain" { + $result = New-EntraDomain -Name "lala.uk" + $result.ObjectId | should -Be "lala.uk" + $result.Name | should -Be "lala.uk" + + Should -Invoke -CommandName New-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Create a new Domain with a list of domain capabilities" { + $result = New-EntraDomain -Name "lala.uk" -SupportedServices @("Email", "OfficeCommunicationsOnline") + $result.ObjectId | should -Be "lala.uk" + $result.Name | should -Be "lala.uk" + $result.SupportedServices | should -Not -BeNullOrEmpty + } + + It "Create a new Domain and make if the default new user creation" { + $result = New-EntraDomain -Name "lala.uk" -IsDefault $false + $result.IsDefault | should -Be "False" + } + + It "Should fail when parameters are empty" { + { New-EntraDomain -Name -IsDefault -IsDefaultForCloudRedirections -SupportedServices} | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Name parameters are invalid" { + { New-EntraDomain -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + } + + It "Should fail when IsDefault parameters are invalid" { + { New-EntraDomain -Name "lala.uk" -IsDefault FD } | Should -Throw "Cannot process argument transformation on parameter 'IsDefault'*" + } + + It "Should fail when IsDefaultForCloudRedirections parameters are invalid" { + { New-EntraDomain -Name "lala.uk" -IsDefaultForCloudRedirections GH } | Should -Throw "Cannot process argument transformation on parameter 'IsDefaultForCloudRedirections'*" + } + + It "Should fail when SupportedServices parameters are invalid" { + { New-EntraDomain -Name "lala.uk" -SupportedServices $true } | Should -Throw "Cannot process argument transformation on parameter 'SupportedServices'*" + } + + It "Should contain Id in parameters when passed Name to it" { + $result = New-EntraDomain -Name "lala.uk" + $params = Get-Parameters -data $result.Parameters + $params.Id | Should -Match "lala.uk" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDomain" + + $result = New-EntraDomain -Name "lala.uk" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDomain" + + Should -Invoke -CommandName New-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraDomain -Name "lala.uk" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..16ced2c97a --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnit.Tests.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Test for Remove-EntraAdministrativeUnit" { + It "Should return empty object" { + $result = Remove-EntraAdministrativeUnit -AdministrativeUnitId bbbbbbbb-1111-1111-1111-cccccccccccc + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraAdministrativeUnit -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Remove-EntraAdministrativeUnit -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraAdministrativeUnit -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraAdministrativeUnit" + + Remove-EntraAdministrativeUnit -AdministrativeUnitId "bbbbbbbb-1111-1111-1111-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraAdministrativeUnit" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraAdministrativeUnit -AdministrativeUnitId "bbbbbbbb-1111-1111-1111-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..75906ea125 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + + $auId = "bbbbbbbb-1111-1111-1111-cccccccccccc" + $memId = "bbbbbbbb-2222-2222-2222-cccccccccccc" +} + +Describe "Test for Remove-EntraAdministrativeUnitMember" { + It "Should return empty object" { + $result = Remove-EntraAdministrativeUnitMember -AdministrativeUnitId $auId -MemberId $memId + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object with ObjectId" { + $result = Remove-EntraAdministrativeUnitMember -ObjectId $auId -MemberId $memId + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraAdministrativeUnitMember -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Remove-EntraAdministrativeUnitMember -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when MemberId is empty" { + { Remove-EntraAdministrativeUnitMember -MemberId "" } | Should -Throw "Cannot bind argument to parameter 'MemberId'*" + } + It "Should fail when MemberId is null" { + { Remove-EntraAdministrativeUnitMember -MemberId } | Should -Throw "Missing an argument for parameter 'MemberId'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraAdministrativeUnitMember -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraAdministrativeUnitMember" + + Remove-EntraAdministrativeUnitMember -AdministrativeUnitId $auId -MemberId $memId + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraAdministrativeUnitMember" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraAdministrativeUnitMember -AdministrativeUnitId $auId -MemberId $memId -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraDevice.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraDevice.Tests.ps1 new file mode 100644 index 0000000000..403229bfa7 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraDevice.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDevice -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Remove-EntraDevice" { + Context "Test for Remove-EntraDevice" { + It "Should return empty object" { + $result = Remove-EntraDevice -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDevice -ObjectId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraDevice -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when DeviceId is empty" { + { Remove-EntraDevice -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should contain DeviceId in parameters when passed DeviceId to it" { + Mock -CommandName Remove-MgDevice -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDevice -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDevice" + + Remove-EntraDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDevice" + + Should -Invoke -CommandName Remove-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..cd7d7a836d --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + #Import-Module .\bin\Microsoft.Entra.DirectoryManagement.psm1 -Force + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Remove-EntraDeviceRegisteredOwner" { + Context "Test for Remove-EntraDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when OwnerId is empty" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } + } + It "Should fail when OwnerId is invalid" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..d4932d12e2 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + #Import-Module .\bin\Microsoft.Entra.DirectoryManagement.psm1 -Force + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Remove-EntraDeviceRegisteredUser" { + Context "Test for Remove-EntraDeviceRegisteredUser" { + It "Should return empty object" { + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when UserId is empty" { + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } + } + It "Should fail when UserId is invalid" { + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" + + Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.Tests.ps1 new file mode 100644 index 0000000000..a1a0e9ad74 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraDirectoryRoleMember.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDirectoryRoleMemberByRef -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Remove-EntraDirectoryRoleMember" { + Context "Test for Remove-EntraDirectoryRoleMember" { + It "Should return empty object" { + $result = Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraDirectoryRoleMember -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DirectoryRoleId is empty" { + { Remove-EntraDirectoryRoleMember -DirectoryRoleId -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DirectoryRoleId'*" + } + It "Should fail when DirectoryRoleId is invalid" { + { Remove-EntraDirectoryRoleMember -DirectoryRoleId "" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DirectoryRoleId' because it is an empty string." + } + It "Should fail when MemberId is empty" { + { Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId } | Should -Throw "Missing an argument for parameter 'MemberId'*" + } + It "Should fail when MemberId is invalid" { + { Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "" } | Should -Throw "Cannot bind argument to parameter 'MemberId' because it is an empty string." + } + It "Should contain DirectoryRoleId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgDirectoryRoleMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryRoleId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed RefObjectId to it" { + Mock -CommandName Remove-MgDirectoryRoleMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleMember" + + Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleMember" + + Should -Invoke -CommandName Remove-MgDirectoryRoleMemberByRef -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDirectoryRoleMember -DirectoryRoleId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraDomain.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraDomain.Tests.ps1 new file mode 100644 index 0000000000..7f527e81d5 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraDomain.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgDomain -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Remove-EntraDomain" { + Context "Test for Remove-EntraDomain" { + It "Should return empty domain name" { + $result = Remove-EntraDomain -Name "Contoso.com" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Name is empty" { + { Remove-EntraDomain -Name } | Should -Throw "Missing an argument for parameter 'Name'*" + } + + It "Should fail when Name is invalid" { + { Remove-EntraDomain -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + } + + It "Should contain DomainId in parameters when passed Name to it" { + Mock -CommandName Remove-MgDomain -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Remove-EntraDomain -Name "Contoso.com" + $params = Get-Parameters -data $result + $params.DomainId | Should -Be "Contoso.com" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDomain" + + Remove-EntraDomain -Name "Contoso.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDomain" + + Should -Invoke -CommandName Remove-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDomain -Name "Contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.Tests.ps1 b/test/Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..6f59917f33 --- /dev/null +++ b/test/Entra/DirectoryManagement/Remove-EntraScopedRoleMembership.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Test for Remove-EntraScopedRoleMembership" { + It "Should return empty object" { + $result = Remove-EntraScopedRoleMembership -AdministrativeUnitId bbbbbbbb-1111-1111-1111-cccccccccccc -ScopedRoleMembershipId bbbbbbbb-2222-2222-2222-cccccccccccc + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object with ObjectId" { + $result = Remove-EntraScopedRoleMembership -ObjectId bbbbbbbb-1111-1111-1111-cccccccccccc -ScopedRoleMembershipId bbbbbbbb-2222-2222-2222-cccccccccccc + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraScopedRoleMembership -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Remove-EntraScopedRoleMembership -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when ScopedRoleMembershipId is empty" { + { Remove-EntraScopedRoleMembership -ScopedRoleMembershipId "" } | Should -Throw "Cannot bind argument to parameter 'ScopedRoleMembershipId'*" + } + It "Should fail when ScopedRoleMembershipId is null" { + { Remove-EntraScopedRoleMembership -ScopedRoleMembershipId } | Should -Throw "Missing an argument for parameter 'ScopedRoleMembershipId'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraScopedRoleMembership -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraScopedRoleMembership" + + Remove-EntraScopedRoleMembership -AdministrativeUnitId "bbbbbbbb-1111-1111-1111-cccccccccccc" -ScopedRoleMembershipId "bbbbbbbb-2222-2222-2222-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraScopedRoleMembership" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraScopedRoleMembership -AdministrativeUnitId "bbbbbbbb-1111-1111-1111-cccccccccccc" -ScopedRoleMembershipId "bbbbbbbb-2222-2222-2222-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.Tests.ps1 b/test/Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..3b0e6522b2 --- /dev/null +++ b/test/Entra/DirectoryManagement/Restore-EntraDeletedDirectoryObject.Tests.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "@odata.type" = "#microsoft.graph.user" + "@odata.Context" = 'https://graph.microsoft.com/v1.0/$metadata#directoryObjects/$entity' + "displayName" = "Mock-App" + "jobTitle" = "TestMock" + "mail" = "M365x99297270.onmicrosoft.com" + "mobilePhone" = "9984534564" + "userPrincipalName" = "M365x99297270.onmicrosoft.com" + "preferredLanguage" = "EN" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Restore-EntraDeletedDirectoryObject" { + Context "Restore-EntraDeletedDirectoryObject" { + It "Should return specific MS deleted directory object" { + $result = Restore-EntraDeletedDirectoryObject -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return specific MS deleted directory object with AutoReconcileProxyConflict" { + $result = Restore-EntraDeletedDirectoryObject -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AutoReconcileProxyConflict + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Id is empty" { + { Restore-EntraDeletedDirectoryObject -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Restore-EntraDeletedDirectoryObject -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Result should contain Alias properties" { + $result = Restore-EntraDeletedDirectoryObject -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result."@odata.type" | should -Be "#microsoft.graph.user" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Restore-EntraDeletedDirectoryObject" + Restore-EntraDeletedDirectoryObject -Id "11112222-bbbb-3333-cccc-4444dddd5555" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Restore-EntraDeletedDirectoryObject" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Restore-EntraDeletedDirectoryObject -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraAdministrativeUnit.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..46e95f388f --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraAdministrativeUnit.Tests.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Test for Set-EntraAdministrativeUnit" { + It "Should return empty object" { + $result = Set-EntraAdministrativeUnit -AdministrativeUnitId bbbbbbbb-1111-1111-1111-cccccccccccc -DisplayName "test" -Description "test" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return empty object withObjectID" { + $result = Set-EntraAdministrativeUnit -ObjectId bbbbbbbb-1111-1111-1111-cccccccccccc -DisplayName "test" -Description "test" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Set-EntraAdministrativeUnit -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is null" { + { Set-EntraAdministrativeUnit -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when invalid parameter is passed" { + { Set-EntraAdministrativeUnit -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAdministrativeUnit" + Set-EntraAdministrativeUnit -AdministrativeUnitId bbbbbbbb-1111-1111-1111-cccccccccccc -DisplayName "test" -Description "test" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraAdministrativeUnit -AdministrativeUnitId "bbbbbbbb-1111-1111-1111-cccccccccccc" -DisplayName "test" -Description "test" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraAttributeSet.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..0da81020ce --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraAttributeSet.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Set-EntraAttributeSet" { + Context "Test for Set-EntraAttributeSet" { + It "Should return created AttributeSet" { + $result = Set-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should return created AttributeSet with alias" { + $result = Set-EntraAttributeSet -Id "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when AttributeSetId parameter is empty" { + { Set-EntraAttributeSet -AttributeSetId } | Should -Throw "Missing an argument for parameter 'AttributeSetId*" + } + It "Should fail when Description parameter is empty" { + { Set-EntraAttributeSet -Description } | Should -Throw "Missing an argument for parameter 'Description*" + } + It "Should fail when MaxAttributesPerSet parameter is empty" { + { Set-EntraAttributeSet -MaxAttributesPerSet } | Should -Throw "Missing an argument for parameter 'MaxAttributesPerSet*" + } + It "Should fail when MaxAttributesPerSet parameter is invalid" { + { Set-EntraAttributeSet -MaxAttributesPerSet "a"} | Should -Throw "Cannot process argument transformation on parameter 'MaxAttributesPerSet'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAttributeSet" + + Set-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Set-EntraAttributeSet -AttributeSetId "NewCustomAttributeSet" -Description "CustomAttributeSet" -MaxAttributesPerSet 125 -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..55829b5a95 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Test for Set-EntraCustomSecurityAttributeDefinition" { + + It "Should return empty object" { + $result = Set-EntraCustomSecurityAttributeDefinition -Id "Demo12_ProjectDatevaluevaluevalue12test" -Description "Test desc" -UsePreDefinedValuesOnly $false -Status "Available" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when ID is empty" { + { Set-EntraCustomSecurityAttributeDefinition -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { Set-EntraCustomSecurityAttributeDefinition -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when invalid parameter is passed" { + { Set-EntraCustomSecurityAttributeDefinition -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + Mock -CommandName Invoke-GraphRequest -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraCustomSecurityAttributeDefinition" + $result = Set-EntraCustomSecurityAttributeDefinition -Id "Demo12_ProjectDatevaluevaluevalue12test" -Description "Test desc" -UsePreDefinedValuesOnly $false -Status "Available" + $params = Get-Parameters -data $result + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.headers.'User-Agent' | Should -Be $userAgentHeaderValue + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraCustomSecurityAttributeDefinition -Id "Demo12_ProjectDatevaluevaluevalue12test" -Description "Test desc" -UsePreDefinedValuesOnly $false -Status "Available" } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..9d95ded483 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Test for Set-EntraCustomSecurityAttributeDefinitionAllowedValue" { + + It "Should return empty object" { + $result = Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "Engineering_Project" -Id "Alpine" -IsActive $true + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when CustomSecurityAttributeDefinitionId is empty" { + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId'*" + } + It "Should fail when CustomSecurityAttributeDefinitionId is null" { + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'*" + } + It "Should fail when invalid parameter is passed" { + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + + It "Should fail when Id is empty" { + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "Engineering_Project" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "Engineering_Project" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraCustomSecurityAttributeDefinitionAllowedValue" + + $result = Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "Engineering_Project" -Id "Alpine" -IsActive $true + $result | Should -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraCustomSecurityAttributeDefinitionAllowedValue" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "Engineering_Project" -Id "Alpine" -IsActive $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDevice.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDevice.Tests.ps1 new file mode 100644 index 0000000000..c5830c6ec3 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDevice.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgDevice -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Set-EntraDevice"{ + Context "Test for Set-EntraDevice" { + It "Should return empty object"{ + $result = Set-EntraDevice -DeviceObjectId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" -AccountEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraDevice -ObjectId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" -AccountEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when DeviceObjectId is invalid" { + { Set-EntraDevice -DeviceObjectId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceObjectId' because it is an empty string." + } + It "Should fail when DeviceObjectId is empty" { + { Set-EntraDevice -DeviceObjectId } | Should -Throw "Missing an argument for parameter 'DeviceObjectId'*" + } + It "Should contain DeviceId in parameters when passed DeviceObjectId to it" { + Mock -CommandName Update-MgDevice -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Set-EntraDevice -DeviceObjectId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDevice" + + Set-EntraDevice -DeviceObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDevice" + + Should -Invoke -CommandName Update-MgDevice -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDevice -DeviceObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.Tests.ps1 new file mode 100644 index 0000000000..180559e47f --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDirSyncConfiguration.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Configuration" = @{ AlertThreshold =500 ; SynchronizationPreventionType = "enabledForCount"} + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + Mock -CommandName Get-MgDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + + Mock -CommandName Update-MgDirectoryOnPremiseSynchronization -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Set-EntraDirSyncConfiguration" { + Context "Test for Set-EntraDirSyncConfiguration" { + It "Should Modifies the directory synchronization settings." { + $result = Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when AccidentalDeletionThreshold is empty" { + {Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold -Force } | Should -Throw "Missing an argument for parameter 'AccidentalDeletionThreshold'. Specify a parameter*" + } + + It "Should fail when AccidentalDeletionThreshold is invalid" { + {Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "xy" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold '111' -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "111" -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirSyncConfiguration" + + Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirSyncConfiguration" + + Should -Invoke -CommandName Update-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDirSyncEnabled.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDirSyncEnabled.Tests.ps1 new file mode 100644 index 0000000000..c6da8a9095 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDirSyncEnabled.Tests.ps1 @@ -0,0 +1,64 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Set-EntraDirSyncEnabled" { + Context "Test for Set-EntraDirSyncEnabled" { + It "Should return empty object" { + $result = Set-EntraDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when EnableDirsync is empty" { + {Set-EntraDirSyncEnabled -EnableDirsync -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force } | Should -Throw "Missing an argument for parameter 'EnableDirsync'. Specify a parameter*" + } + + It "Should fail when EnableDirsync is invalid" { + {Set-EntraDirSyncEnabled -EnableDirsync 'xy' -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraDirSyncEnabled -EnableDirsync $True -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraDirSyncEnabled -EnableDirsync $True -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraDirSyncEnabled -EnableDirsync $True -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirSyncEnabled" + Set-EntraDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force | Out-Null + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDirSyncFeature.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDirSyncFeature.Tests.ps1 new file mode 100644 index 0000000000..6d9823893b --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDirSyncFeature.Tests.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Configuration" = @{ AlertThreshold =500 ; SynchronizationPreventionType = "enabledForCount"} + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + Mock -CommandName Get-MgDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + + Mock -CommandName Update-MgDirectoryOnPremiseSynchronization -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Set-EntraDirSyncFeature" { + Context "Test for Set-EntraDirSyncFeature" { + It "Should sets identity synchronization features for a tenant." { + $result = Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when Feature is empty" { + {Set-EntraDirSyncFeature -Feature -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force} | Should -Throw "Missing an argument for parameter 'Feature'. Specify a parameter*" + } + + It "Should fail when Feature is invalid" { + {Set-EntraDirSyncFeature -Feature "" -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force} | Should -Throw "Cannot bind argument to parameter 'Feature' because it is an empty string.*" + } + + It "Should fail when Enable is empty" { + {Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force } | Should -Throw "Missing an argument for parameter 'Enabled'.*" + } + + It "Should fail when Enable is invalid" { + {Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled "" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force} | Should -Throw "Cannot process argument transformation on parameter 'Enabled'.*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirSyncFeature" + + Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirSyncFeature" + + Should -Invoke -CommandName Update-MgDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDirSyncFeature -Feature "BypassDirSyncOverrides" -Enabled $false -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDomain.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDomain.Tests.ps1 new file mode 100644 index 0000000000..13403cf9ff --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDomain.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgDomain -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Set-EntraDomain"{ + Context "Test for Set-EntraDomain" { + It "Should return empty object"{ + $result = Set-EntraDomain -Name "test.mail.onmicrosoft.com" -IsDefault $True -SupportedServices @("OrgIdAuthentication") + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when Name is empty" { + { Set-EntraDomain -Name } | Should -Throw "Missing an argument for parameter 'Name'*" + + } + It "Should fail when Name is invalid" { + { Set-EntraDomain -Name "" } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string." + + } + It "Should fail when SupportedServices is empty" { + { Set-EntraDomain -Name "test.mail.onmicrosoft.com" -SupportedServices } | Should -Throw "Missing an argument for parameter 'SupportedServices'*" + + } + It "Should fail when -IsDefault is empty" { + { Set-EntraDomain -Name "test.mail.onmicrosoft.com" -IsDefault } | Should -Throw "Missing an argument for parameter 'IsDefault'*" + + } + It "Should fail when -IsDefault is invalid" { + { Set-EntraDomain -Name "test.mail.onmicrosoft.com" -IsDefault xyz } | Should -Throw "Cannot process argument transformation on parameter 'IsDefault'*" + + } + It "Should contain DomainId in parameters when passed Name to it" { + Mock -CommandName Update-MgDomain -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + + $result = Set-EntraDomain -Name "test.mail.onmicrosoft.com" + $params = Get-Parameters -data $result + $params.DomainId | Should -Be "test.mail.onmicrosoft.com" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDomain" + + Set-EntraDomain -Name "test.mail.onmicrosoft.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDomain" + + Should -Invoke -CommandName Update-MgDomain -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDomain -Name "test.mail.onmicrosoft.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraDomainFederationSettings.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraDomainFederationSettings.Tests.ps1 new file mode 100644 index 0000000000..77e74d9e49 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraDomainFederationSettings.Tests.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "Contoso" + "FederatedIdpMfaBehavior" = "rejectMfaByFederatedIdp" + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "IsSignedAuthenticationRequestRequired" = "" + "IssuerUri" = "http://contoso.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.contoso.com/adfs/services/trust/mex" + "NextSigningCertificate" = "MIIC3jCCAcagAwIBAgIQEt0T0G5GPZ9" + "PassiveSignInUri" = "https://sts.contoso.com/adfs/ls/" + "PreferredAuthenticationProtocol" = "wsFed" + "PromptLoginBehavior" = "" + "SignOutUri" = "https://sts.deverett.info/adfs/ls/" + "SigningCertificate" = "MIIC3jCCAcagAwIBAgIQFsO0R8deG4h" + "SigningCertificateUpdateStatus" = @{ + "CertificateUpdateResult" = "success"; + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.DirectoryManagement + + Mock -CommandName Update-MgDomainFederationConfiguration -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} +Describe "Set-EntraDomainFederationSettings" { + Context "Test for Set-EntraDomainFederationSettings" { + It "Should Updates settings for a federated domain." { + $result = Set-EntraDomainFederationSettings -DomainName "contoso.com" -LogOffUri "https://adfs1.manan.lab/adfs/" -PassiveLogOnUri "https://adfs1.manan.lab/adfs/" -ActiveLogOnUri "https://adfs1.manan.lab/adfs/services/trust/2005/" -IssuerUri "http://adfs1.manan.lab/adfs/services/" -FederationBrandName "ADFS" -MetadataExchangeUri "https://adfs1.manan.lab/adfs/services/trust/" -PreferredAuthenticationProtocol "saml" -PromptLoginBehavior "nativeSupport" -SigningCertificate "Testcertificate" -NextSigningCertificate "Testcertificate" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + + It "Should fail when DomainName is empty" { + {Set-EntraDomainFederationSettings -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Set-EntraDomainFederationSettings -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + It "Should fail when NextSigningCertificate is empty" { + { Set-EntraDomainFederationSettings -DomainName "contoso.com" -NextSigningCertificate } | Should -Throw "Missing an argument for parameter 'NextSigningCertificate'. Specify a parameter*" + } + + It "Should fail when SigningCertificate is empty" { + { Set-EntraDomainFederationSettings -DomainName "contoso.com" -SigningCertificate } | Should -Throw "Missing an argument for parameter 'SigningCertificate'. Specify a parameter*" + } + + It "Should fail when parameter is empty" { + {Set-EntraDomainFederationSettings -DomainName "contoso.com" -LogOffUri -PassiveLogOnUri -ActiveLogOnUri -IssuerUri -FederationBrandName -MetadataExchangeUri -PreferredAuthenticationProtocol -PromptLoginBehavior } | Should -Throw "Missing an argument for parameter*" + } + It "Should fail when invalid paramter is passed"{ + {Set-EntraDomainFederationSettings -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain DomainId in parameters when DomainName to it" { + Mock -CommandName Update-MgDomainFederationConfiguration -MockWith {$args} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Set-EntraDomainFederationSettings -DomainName "contoso.com" + $params = Get-Parameters -data $result + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.DomainId | Should -Be "contoso.com" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDomainFederationSettings" + + Set-EntraDomainFederationSettings -DomainName "contoso.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDomainFederationSettings" + + Should -Invoke -CommandName Update-MgDomainFederationConfiguration -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDomainFederationSettings -DomainName "contoso.com" -LogOffUri "https://adfs1.manan.lab/adfs/" -PassiveLogOnUri "https://adfs1.manan.lab/adfs/" -ActiveLogOnUri "https://adfs1.manan.lab/adfs/services/trust/2005/" -IssuerUri "http://adfs1.manan.lab/adfs/services/" -FederationBrandName "ADFS" -MetadataExchangeUri "https://adfs1.manan.lab/adfs/services/trust/" -PreferredAuthenticationProtocol "saml" -PromptLoginBehavior "nativeSupport" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraPartnerInformation.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraPartnerInformation.Tests.ps1 new file mode 100644 index 0000000000..9d240ba932 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraPartnerInformation.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -MockWith { + return @{ + value = @( + @{ + Id = "fd560167-ff1f-471a-8d74-3b0070abcea1" + Parameters = $args + } + ) + } + } +} + +Describe "Set-EntraPartnerInformation" { + Context "Test for Set-EntraPartnerInformation" { + It "Should return empty object" { + Mock -CommandName Invoke-MgGraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Set-EntraPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId b73cc049-a025-4441-ba3a-8826d9a68ecc + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when PartnerSupportUrl is empty" { + { Set-EntraPartnerInformation -PartnerSupportUrl } | Should -Throw "Missing an argument for parameter 'PartnerSupportUrl'*" + } + It "Should fail when PartnerCommerceUrl is empty" { + { Set-EntraPartnerInformation -PartnerCommerceUrl } | Should -Throw "Missing an argument for parameter 'PartnerCommerceUrl'*" + } + It "Should fail when PartnerHelpUrl is empty" { + { Set-EntraPartnerInformation -PartnerHelpUrl } | Should -Throw "Missing an argument for parameter 'PartnerHelpUrl'*" + } + It "Should fail when PartnerSupportEmails is empty" { + { Set-EntraPartnerInformation -PartnerSupportEmails } | Should -Throw "Missing an argument for parameter 'PartnerSupportEmails'*" + } + It "Should fail when PartnerSupportTelephones is empty" { + { Set-EntraPartnerInformation -PartnerSupportTelephones } | Should -Throw "Missing an argument for parameter 'PartnerSupportTelephones'*" + } + It "Should fail when TenantId is empty" { + { Set-EntraPartnerInformation -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Set-EntraPartnerInformation -TenantId abc } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'*" + } + It "Should contain params" { + $result = Set-EntraPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId b73cc049-a025-4441-ba3a-8826d9a68ecc + $params = Get-Parameters -data $result.value.Parameters + $params.Body.supportEmails | Should -Be @("contoso@example.com") + $params.Body.supportUrl | Should -Be "http://www.test1.com" + $params.Body.partnerTenantId | Should -Be "b73cc049-a025-4441-ba3a-8826d9a68ecc" + $params.Body.helpUrl | Should -Be "http://www.test1.com" + $params.Body.commerceUrl | Should -Be "http://www.test1.com" + $params.Body.supportTelephones | Should -Be @("2342") + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPartnerInformation" + + Set-EntraPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId b73cc049-a025-4441-ba3a-8826d9a68ecc + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPartnerInformation" + + Should -Invoke -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId b73cc049-a025-4441-ba3a-8826d9a68ecc -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Set-EntraTenantDetail.Tests.ps1 b/test/Entra/DirectoryManagement/Set-EntraTenantDetail.Tests.ps1 new file mode 100644 index 0000000000..72f18b8a59 --- /dev/null +++ b/test/Entra/DirectoryManagement/Set-EntraTenantDetail.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.DirectoryManagement + } + + $scriptblock = { + return @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } +} + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + Mock -CommandName Get-MgOrganization -MockWith {$scriptblock} -ModuleName Microsoft.Entra.DirectoryManagement + Mock -CommandName Update-MgOrganization -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement +} + +Describe "Set-EntraTenantDetail" { + Context "Test for Set-EntraTenantDetail" { + It "Should return empty object" { + $result = Set-EntraTenantDetail -MarketingNotificationEmails "amy@contoso.com","henry@contoso.com" -SecurityComplianceNotificationMails "john@contoso.com","mary@contoso.com" -SecurityComplianceNotificationPhones "1-555-625-9999", "1-555-233-5544" -TechnicalNotificationMails "peter@contoso.com" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + It "Should fail when MarketingNotificationEmails is empty" { + { Set-EntraTenantDetail -MarketingNotificationEmails } | Should -Throw "Missing an argument for parameter 'MarketingNotificationEmails'.*" + } + It "Should fail when SecurityComplianceNotificationMails is empty" { + { Set-EntraTenantDetail -SecurityComplianceNotificationMails } | Should -Throw "Missing an argument for parameter 'SecurityComplianceNotificationMails'.*" + } + It "Should fail when SecurityComplianceNotificationPhones is empty" { + { Set-EntraTenantDetail -SecurityComplianceNotificationPhones } | Should -Throw "Missing an argument for parameter 'SecurityComplianceNotificationPhones'.*" + } + It "Should fail when TechnicalNotificationMails is empty" { + { Set-EntraTenantDetail -TechnicalNotificationMails } | Should -Throw "Missing an argument for parameter 'TechnicalNotificationMails'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraTenantDetail" + + Set-EntraTenantDetail -MarketingNotificationEmails "amy@contoso.com","henry@contoso.com" -SecurityComplianceNotificationMails "john@contoso.com","mary@contoso.com" -SecurityComplianceNotificationPhones "1-555-625-9999", "1-555-233-5544" -TechnicalNotificationMails "peter@contoso.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraTenantDetail" + + Should -Invoke -CommandName Update-MgOrganization -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraTenantDetail -MarketingNotificationEmails "amy@contoso.com","henry@contoso.com" -SecurityComplianceNotificationMails "john@contoso.com","mary@contoso.com" -SecurityComplianceNotificationPhones "1-555-625-9999", "1-555-233-5544" -TechnicalNotificationMails "peter@contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/DirectoryManagement/Valid.Tests.ps1 b/test/Entra/DirectoryManagement/Valid.Tests.ps1 new file mode 100644 index 0000000000..9794249ef3 --- /dev/null +++ b/test/Entra/DirectoryManagement/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.DirectoryManagement)){ + Import-Module Microsoft.Entra.DirectoryManagement + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.DirectoryManagement +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.DirectoryManagement + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.DirectoryManagement -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/Entra/Entra.Tests.ps1 b/test/Entra/Entra.Tests.ps1 new file mode 100644 index 0000000000..526322e432 --- /dev/null +++ b/test/Entra/Entra.Tests.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +if($null -eq (Get-Module -Name Microsoft.Entra.Authentication)){ + Import-Module Microsoft.Entra.Authentication -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Applications)){ + Import-Module Microsoft.Entra.Applications -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.DirectoryManagement)){ + Import-Module Microsoft.Entra.DirectoryManagement -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Governance)){ + Import-Module Microsoft.Entra.Governance -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Users)){ + Import-Module Microsoft.Entra.Users -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Groups)){ + Import-Module Microsoft.Entra.Groups -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Reports)){ + Import-Module Microsoft.Entra.Reports -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.SignIns)){ + Import-Module Microsoft.Entra.SignIns -Force +} + +Import-Module Pester + +#$psmPath = (Get-Module Microsoft.Entra.Applications).Path +$ps1FilesPath = join-path $psscriptroot "..\..\module\Entra\Microsoft.Entra" +$testReportPath = join-path $psscriptroot "..\..\TestReport\Entra" +$mockScriptsPath = join-path $psscriptroot "..\..\test\Entra\*\*.Tests.ps1" + +$testOutputFile = "$testReportPath\TestResults.xml" +if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} + +$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "Entra.Tests.ps1" | ForEach-Object { $_.FullName } + +$config = New-PesterConfiguration +$config.Run.Path = $mockScripts +$config.Run.PassThru = $true +$config.Run.Exit = $true +$config.CodeCoverage.Enabled = $true +$config.CodeCoverage.CoveragePercentTarget = 100 +#$config.CodeCoverage.Path = $psmPath +$config.CodeCoverage.Path = $ps1FilesPath +$config.TestResult.Enabled = $true +$config.TestResult.OutputPath = $testOutputFile +$config.Output.Verbosity = "Detailed" + +Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test/module/Entra/EntraCmdletsMap.ps1 b/test/Entra/EntraCmdletsMap.ps1 similarity index 100% rename from test/module/Entra/EntraCmdletsMap.ps1 rename to test/Entra/EntraCmdletsMap.ps1 diff --git a/test/Entra/Governance/Get-EntraDirectoryRoleAssignment.Tests.ps1 b/test/Entra/Governance/Get-EntraDirectoryRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..de33a769a4 --- /dev/null +++ b/test/Entra/Governance/Get-EntraDirectoryRoleAssignment.Tests.ps1 @@ -0,0 +1,129 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppScope" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphAppScope" + "AppScopeId" = $null + "Id" = "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + "DirectoryScope" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject" + "DirectoryScopeId" = "/0000aaaa-11bb-cccc-dd22-eeeeee333333" + "Condition" = $null + "Principal" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject" + "PrincipalId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "RoleDefinition" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphUnifiedRoleDefinition" + "RoleDefinitionId" = "1b1b1b1b-2222-cccc-3333-4d4d4d4d4d4d" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleAssignments/$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgRoleManagementDirectoryRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Governance +} + +Describe "Get-EntraDirectoryRoleAssignment" { + Context "Test for Get-EntraDirectoryRoleAssignment" { + It "Should return specific role assignment" { + $result = Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraDirectoryRoleAssignment -Id "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when Get-EntraDirectoryRoleAssignment is empty" { + { Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'UnifiedRoleAssignmentId'*" + } + It "Should fail when Get-EntraDirectoryRoleAssignment is invalid" { + { Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'UnifiedRoleAssignmentId' because it is an empty string." + } + It "Should return all role assignments" { + $result = Get-EntraDirectoryRoleAssignment -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraDirectoryRoleAssignment -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top role assignment" { + $result = Get-EntraDirectoryRoleAssignment -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraDirectoryRoleAssignment -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraDirectoryRoleAssignment -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific application by filter" { + $result = Get-EntraDirectoryRoleAssignment -Filter "PrincipalId eq 'aaaaaaaa-bbbb-cccc-1111-222222222222'" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2' + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraDirectoryRoleAssignment -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result.ObjectId | should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + } + It "Should contain UnifiedRoleAssignmentId in parameters when passed Id to it" { + $result = Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $params = Get-Parameters -data $result.Parameters + $params.UnifiedRoleAssignmentId | Should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + } + It "Property parameter should work" { + $result = Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" -Property PrincipalId + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | Should -Be 'aaaaaaaa-bbbb-cccc-1111-222222222222' + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleAssignment" + + Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleAssignment" + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Governance/Get-EntraDirectoryRoleDefinition.Tests.ps1 b/test/Entra/Governance/Get-EntraDirectoryRoleDefinition.Tests.ps1 new file mode 100644 index 0000000000..9d3c761729 --- /dev/null +++ b/test/Entra/Governance/Get-EntraDirectoryRoleDefinition.Tests.ps1 @@ -0,0 +1,145 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "RolePermissions" = @{AllowedResourceActions="System.Object[]"; Condition=""; ExcludedResourceActions=""; AdditionalProperties=""} + "Description" = "Mock-App" + "DisplayName" = "Mock-App" + "Id" = "0000aaaa-11bb-cccc-dd22-eeeeee333333" + "InheritsPermissionsFrom" = {} + "IsBuiltIn" = $False + "IsEnabled" = $False + "ResourceScopes" = {/} + "TemplateId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "Version" = "2" + "RoleDefinitionId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleDefinitions/$entity" + "inheritsPermissionsFrom@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleDefinitions('54d418b2-4cc0-47ee-9b39-e8f84ed8e073')/inheritsPermissionsFrom" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgRoleManagementDirectoryRoleDefinition -MockWith $scriptblock -ModuleName Microsoft.Entra.Governance +} + +Describe "Get-EntraDirectoryRoleDefinition" { + Context "Test for Get-EntraDirectoryRoleDefinition" { + It "Should return specificrole Defination" { + $result = Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock-App" + $result.Id | Should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should return specificrole Defination With Alias" { + $result = Get-EntraDirectoryRoleDefinition -Id "0000aaaa-11bb-cccc-dd22-eeeeee333333" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock-App" + $result.Id | Should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when UnifiedRoleDefinitionId is empty" { + { Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId } | Should -Throw "Missing an argument for parameter 'UnifiedRoleDefinitionId'*" + } + It "Should fail when UnifiedRoleDefinitionId is invalid" { + { Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'UnifiedRoleDefinitionId' because it is an empty string." + } + It "Should return all role assignments" { + $result = Get-EntraDirectoryRoleDefinition -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraDirectoryRoleDefinition -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top role assignment" { + $result = Get-EntraDirectoryRoleDefinition -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraDirectoryRoleDefinition -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraDirectoryRoleDefinition -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific application by SearchString" { + $result = Get-EntraDirectoryRoleDefinition -SearchString 'Mock-App' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when String is empty" { + { Get-EntraDirectoryRoleDefinition -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should return specific application by filter" { + $result = Get-EntraDirectoryRoleDefinition -Filter "DisplayName eq 'Mock-App'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraDirectoryRoleDefinition -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Result should Contain ObjectId" { + $result = Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" + $result.ObjectId | should -Be "0000aaaa-11bb-cccc-dd22-eeeeee333333" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraDirectoryRoleDefinition -SearchString 'Mock-App' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-App" + } + It "Property parameter should work" { + $result = Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleDefinition" + + Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDirectoryRoleDefinition" + + Should -Invoke -CommandName Get-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "0000aaaa-11bb-cccc-dd22-eeeeee333333" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Governance/Invalid.Tests.ps1 b/test/Entra/Governance/Invalid.Tests.ps1 new file mode 100644 index 0000000000..f7d298be04 --- /dev/null +++ b/test/Entra/Governance/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Governance)){ + Import-Module Microsoft.Entra.Governance +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Governance + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} diff --git a/test/Entra/Governance/Module.Tests.ps1 b/test/Entra/Governance/Module.Tests.ps1 new file mode 100644 index 0000000000..de5efa70a0 --- /dev/null +++ b/test/Entra/Governance/Module.Tests.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Governance Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Governance + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Governance + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Governance + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Governance.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Governance + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Governance -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} + diff --git a/test/Entra/Governance/New-EntraDirectoryRoleAssignment.Tests.ps1 b/test/Entra/Governance/New-EntraDirectoryRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..c582d31d96 --- /dev/null +++ b/test/Entra/Governance/New-EntraDirectoryRoleAssignment.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppScope" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphAppScope" + "AppScopeId" = $null + "Id" = "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + "DirectoryScope" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject" + "DirectoryScopeId" = "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "Condition" = $null + "Principal" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject" + "PrincipalId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "RoleDefinition" = "Microsoft.Graph.PowerShell.Models.MicrosoftGraphUnifiedRoleDefinition" + "RoleDefinitionId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleAssignments/$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgRoleManagementDirectoryRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Governance +} + +Describe "New-EntraDirectoryRoleAssignment" { +Context "Test for New-EntraDirectoryRoleAssignment" { + It "Should return created Ms role assignment" { + $result = New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "54d418b2-4cc0-47ee-9b39-e8f84ed8e073" -DirectoryScopeId "/54d418b2-4cc0-47ee-9b39-e8f84ed8e073" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.RoleDefinitionId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.DirectoryScopeId | Should -Be "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName New-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when PrincipalId is empty" { + { New-EntraDirectoryRoleAssignment -PrincipalId -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" } | Should -Throw "Missing an argument for parameter 'PrincipalId'*" + } + It "Should fail when PrincipalId is invalid" { + { New-EntraDirectoryRoleAssignment -PrincipalId "" -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" } | Should -Throw "Cannot bind argument to parameter 'PrincipalId' because it is an empty string." + } + It "Should fail when RoleDefinitionId is empty" { + { New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" } | Should -Throw "Missing an argument for parameter 'RoleDefinitionId'*" + } + It "Should fail when RoleDefinitionId is invalid" { + { New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" } | Should -Throw "Cannot bind argument to parameter 'RoleDefinitionId' because it is an empty string." + } + It "Should fail when DirectoryScopeId is empty" { + { New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId } | Should -Throw "Missing an argument for parameter 'DirectoryScopeId'*" + } + It "Result should Contain ObjectId" { + $result = New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ObjectId | should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDirectoryRoleAssignment" + + New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDirectoryRoleAssignment" + + Should -Invoke -CommandName New-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraDirectoryRoleAssignment -PrincipalId "aaaaaaaa-bbbb-cccc-1111-222222222222" -RoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectoryScopeId "/00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Governance/New-EntraDirectoryRoleDefinition.Tests.ps1 b/test/Entra/Governance/New-EntraDirectoryRoleDefinition.Tests.ps1 new file mode 100644 index 0000000000..96e2e0bddf --- /dev/null +++ b/test/Entra/Governance/New-EntraDirectoryRoleDefinition.Tests.ps1 @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "RolePermissions" = {"Microsoft.Graph.PowerShell.Models.MicrosoftGraphUnifiedRolePermission"} + "Description" = "Mock-App" + "DisplayName" = "Mock-App" + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "InheritsPermissionsFrom" = {} + "IsBuiltIn" = $False + "IsEnabled" = $False + "ResourceScopes" = {/} + "TemplateId" = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + "Version" = "2" + "RoleDefinitionId" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleDefinitions/$entity" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgRoleManagementDirectoryRoleDefinition -MockWith $scriptblock -ModuleName Microsoft.Entra.Governance +} + +Describe "New-EntraDirectoryRoleDefinition" { + Context "Test for New-EntraDirectoryRoleDefinition" { + It "Should return specific Ms role Defination" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "4dd5aa9c-cf4d-4895-a993-740d342802b1" -Version 2 + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock-App" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.IsEnabled | Should -Be $False + $result.TemplateId | Should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result.Version | Should -Be 2 + + + Should -Invoke -CommandName New-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when RolePermissions is empty" { + {New-EntraDirectoryRoleDefinition -RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Missing an argument for parameter 'RolePermissions'*" + } + It "Should fail when IsEnabled is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + It "Should fail when IsEnabled is invalid" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled xy -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Cannot process argument transformation on parameter 'IsEnabled'*" + } + It "Should fail when DisplayName is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when DisplayName is invalid" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName "" -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Cannot bind argument to parameter 'DisplayName' because it is an empty string." + } + It "Should fail when ResourceScopes is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Missing an argument for parameter 'ResourceScopes'*" + } + It "Should fail when Description is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2} | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when TemplateId is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId -Version 2} | Should -Throw "Missing an argument for parameter 'TemplateId'*" + } + It "Should fail when Version is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff"-Version } | Should -Throw "Missing an argument for parameter 'Version'*" + } + It "Result should Contain ObjectId" { + $result = $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDirectoryRoleDefinition" + + $result = $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraDirectoryRoleDefinition" + + Should -Invoke -CommandName New-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraDirectoryRoleDefinition -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Governance/Remove-EntraDirectoryRoleAssignment.Tests.ps1 b/test/Entra/Governance/Remove-EntraDirectoryRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..66a5b755e3 --- /dev/null +++ b/test/Entra/Governance/Remove-EntraDirectoryRoleAssignment.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgRoleManagementDirectoryRoleAssignment -MockWith {} -ModuleName Microsoft.Entra.Governance +} + +Describe "Remove-EntraDirectoryRoleAssignment" { + Context "Test for Remove-EntraDirectoryRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDirectoryRoleAssignment -Id "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when UnifiedRoleAssignmentId is empty" { + { Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'UnifiedRoleAssignmentId'*" + } + It "Should fail when UnifiedRoleAssignmentId is invalid" { + { Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'UnifiedRoleAssignmentId' because it is an empty string." + } + It "Should contain UnifiedRoleAssignmentId in parameters when passed Id to it" { + Mock -CommandName Remove-MgRoleManagementDirectoryRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Governance + + $result = Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $params = Get-Parameters -data $result + $params.UnifiedRoleAssignmentId | Should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleAssignment" + + Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleAssignment" + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleAssignment -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDirectoryRoleAssignment -UnifiedRoleAssignmentId "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Governance/Remove-EntraDirectoryRoleDefinition.Tests.ps1 b/test/Entra/Governance/Remove-EntraDirectoryRoleDefinition.Tests.ps1 new file mode 100644 index 0000000000..556cdaf862 --- /dev/null +++ b/test/Entra/Governance/Remove-EntraDirectoryRoleDefinition.Tests.ps1 @@ -0,0 +1,66 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgRoleManagementDirectoryRoleDefinition -MockWith {} -ModuleName Microsoft.Entra.Governance +} + +Describe "Remove-EntraDirectoryRoleDefinition" { + Context "Test for Remove-EntraDirectoryRoleDefinition" { + It "Should return empty object" { + $result = Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDirectoryRoleDefinition -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when UnifiedRoleDefinitionId is empty" { + { Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId } | Should -Throw "Missing an argument for parameter 'UnifiedRoleDefinitionId'*" + } + It "Should fail when UnifiedRoleDefinitionId is invalid" { + { Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'UnifiedRoleDefinitionId' because it is an empty string*" + } + It "Should contain UnifiedRoleDefinitionId in parameters when passed Id to it" { + Mock -CommandName Remove-MgRoleManagementDirectoryRoleDefinition -MockWith {$args} -ModuleName Microsoft.Entra.Governance + + $result = Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result + $params.UnifiedRoleDefinitionId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleDefinition" + + Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDirectoryRoleDefinition" + + Should -Invoke -CommandName Remove-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Governance/Set-EntraDirectoryRoleDefinition.Tests.ps1 b/test/Entra/Governance/Set-EntraDirectoryRoleDefinition.Tests.ps1 new file mode 100644 index 0000000000..5de325cbbb --- /dev/null +++ b/test/Entra/Governance/Set-EntraDirectoryRoleDefinition.Tests.ps1 @@ -0,0 +1,110 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Governance) -eq $null){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgRoleManagementDirectoryRoleDefinition -MockWith {} -ModuleName Microsoft.Entra.Governance +} + +Describe "Set-EntraDirectoryRoleDefinition" { + Context "Test for Set-EntraDirectoryRoleDefinition" { + It "Should return empty object" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 3 + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should execute successfully with Alias" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = Set-EntraDirectoryRoleDefinition -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 3 + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 + } + It "Should fail when UnifiedRoleDefinitionId is empty" { + { Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId -DisplayName 'Mock-App' -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" } | Should -Throw "Missing an argument for parameter 'UnifiedRoleDefinitionId'*" + } + It "Should fail when UnifiedRoleDefinitionId is invalid" { + { Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "" -IsEnabled $false -DisplayName 'Mock-App' -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 3 } | Should -Throw "Cannot bind argument to parameter 'UnifiedRoleDefinitionId' because it is an empty string*" + } + It "Should fail when RolePermissions is empty" { + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions } | Should -Throw "Missing an argument for parameter 'RolePermissions'*" + } + It "Should fail when IsEnabled is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsEnabled } | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + It "Should fail when DisplayName is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when ResourceScopes is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -ResourceScopes } | Should -Throw "Missing an argument for parameter 'ResourceScopes'*" + } + It "Should fail when Description is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when TemplateId is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -TemplateId } | Should -Throw "Missing an argument for parameter 'TemplateId'*" + } + It "Should fail when Version is empty" { + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + {Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Version } | Should -Throw "Missing an argument for parameter 'Version'*" + } + It "Should contain UnifiedRoleDefinitionId in parameters when passed Id to it" { + Mock -CommandName Update-MgRoleManagementDirectoryRoleDefinition -MockWith {$args} -ModuleName Microsoft.Entra.Governance + + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + $result = Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 + $params = Get-Parameters -data $result + $params.UnifiedRoleDefinitionId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirectoryRoleDefinition" + + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraDirectoryRoleDefinition" + + Should -Invoke -CommandName Update-MgRoleManagementDirectoryRoleDefinition -ModuleName Microsoft.Entra.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $RolePermissions = New-object Microsoft.Open.MSGraph.Model.RolePermission + $RolePermissions.AllowedResourceActions = @("microsoft.directory/applications/basic/read") + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraDirectoryRoleDefinition -UnifiedRoleDefinitionId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RolePermissions $RolePermissions -IsEnabled $false -DisplayName 'Mock-App' -ResourceScopes "/" -Description "Mock-App" -TemplateId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Version 2 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} diff --git a/test/Entra/Governance/Valid.Tests.ps1 b/test/Entra/Governance/Valid.Tests.ps1 new file mode 100644 index 0000000000..220bc37647 --- /dev/null +++ b/test/Entra/Governance/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Governance)){ + Import-Module Microsoft.Entra.Governance + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Governance +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Governance + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Governance -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Governance + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Governance -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Governance + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Governance -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Governance + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Governance -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} diff --git a/test/Entra/Groups/Add-EntraGroupMember.Tests.ps1 b/test/Entra/Groups/Add-EntraGroupMember.Tests.ps1 new file mode 100644 index 0000000000..a52dda0640 --- /dev/null +++ b/test/Entra/Groups/Add-EntraGroupMember.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgGroupMember -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Add-EntraGroupMember" { + Context "Test for Add-EntraGroupMember" { + It "Should add an member to a group" { + $result = Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgGroupMember -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Add-EntraGroupMember -ObjectId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + + It "Should fail when GroupId is invalid" { + { Add-EntraGroupMember -GroupId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when RefObjectId is empty" { + { Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + + It "Should fail when RefObjectId is invalid" { + { Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName New-MgGroupMember -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-1111-2222-3333-cccccccccccc" + } + + It "Should contain DirectoryObjectId in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgGroupMember -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraGroupMember" + + Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraGroupMember" + + Should -Invoke -CommandName New-MgGroupMember -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraGroupMember -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Add-EntraGroupOwner.Tests.ps1 b/test/Entra/Groups/Add-EntraGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..7e71b91534 --- /dev/null +++ b/test/Entra/Groups/Add-EntraGroupOwner.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgGroupOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Add-EntraGroupOwner" { + Context "Test for Add-EntraGroupOwner" { + It "Should add an owner to a group" { + $result = Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgGroupOwnerByRef -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Add-EntraGroupOwner -GroupId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + + It "Should fail when GroupId is invalid" { + { Add-EntraGroupOwner -GroupId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when RefObjectId is empty" { + { Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + + It "Should fail when RefObjectId is invalid" { + { Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName New-MgGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraGroupOwner" + Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraGroupOwner" + Should -Invoke -CommandName New-MgGroupOwnerByRef -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraGroupOwner -GroupId "aaaaaaaa-1111-2222-3333-cccccccccccc" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Add-EntraLifecyclePolicyGroup.Tests.ps1 b/test/Entra/Groups/Add-EntraLifecyclePolicyGroup.Tests.ps1 new file mode 100644 index 0000000000..33d6b91dce --- /dev/null +++ b/test/Entra/Groups/Add-EntraLifecyclePolicyGroup.Tests.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Value" = "True" + "AdditionalProperties" = "{[@odata.context, https://graph.microsoft.com/v1.0/`$metadata#Edm.Boolean]}" + "Parameters" = $args + } + ) + } + + Mock -CommandName Add-MgGroupToLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Add-EntraLifecyclePolicyGroup" { + Context "Test for Add-EntraLifecyclePolicyGroup" { + It "Should return created LifecyclePolicyGroup" { + $result = Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff + $result | Should -Not -BeNullOrEmpty" + $result.Value | should -Be "True" + + Should -Invoke -CommandName Add-MgGroupToLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return created LifecyclePolicyGroup with alias" { + $result = Add-EntraLifecyclePolicyGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff + $result | Should -Not -BeNullOrEmpty" + $result.Value | should -Be "True" + + Should -Invoke -CommandName Add-MgGroupToLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string.*" + } + It "Should fail when GroupLifecyclePolicyId is empty" { + { Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'.*" + } + It "Should fail when GroupId is invalid" { + { Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string.*" + } + It "Should fail when GroupId is empty" { + { Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraLifecyclePolicyGroup" + + Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraLifecyclePolicyGroup" + + Should -Invoke -CommandName Add-MgGroupToLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraDeletedGroup.Tests.ps1 b/test/Entra/Groups/Get-EntraDeletedGroup.Tests.ps1 new file mode 100644 index 0000000000..aa86fc50c3 --- /dev/null +++ b/test/Entra/Groups/Get-EntraDeletedGroup.Tests.ps1 @@ -0,0 +1,150 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "DeletedDateTime" = "10-05-2024 04:27:17" + "CreatedDateTime" = "07-07-2023 14:31:41" + "DisplayName" = "Mock-App" + "MailNickname" = "Demo-Mock-App" + "GroupTypes" = "Unified" + "SecurityEnabled" = $False + "MailEnabled" = $True + "Visibility" = "Public" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#groups/$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgDirectoryDeletedItemAsGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraDeletedGroup" { +Context "Test for Get-EntraDeletedGroup" { + It "Should return specific Deleted Group" { + $result = Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return specific Deleted Group with alias" { + $result = Get-EntraDeletedGroup -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is empty" { + { Get-EntraDeletedGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Get-EntraDeletedGroup -GroupId ""} | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should return All deleted groups" { + $result = Get-EntraDeletedGroup -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 deleted group" { + $result = Get-EntraDeletedGroup -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific deleted group by filter" { + $result = Get-EntraDeletedGroup -Filter "DisplayName eq 'Mock-App'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraDeletedGroup -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return specific deleted groupn by SearchString" { + $result = Get-EntraDeletedGroup -SearchString "Demo-Mock-App" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.MailNickname | Should -Be "Demo-Mock-App" + $result.DisplayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when searchstring is empty" { + { Get-EntraDeletedGroup -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Property parameter should work" { + $result = Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain GroupId in parameters when passed Id to it" { + $result = Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.DirectoryObjectId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraDeletedGroup -SearchString "Demo-Mock-App" + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-App" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedGroup" + $result = Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraDeletedGroup" + Should -Invoke -CommandName Get-MgDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraGroup.Tests.ps1 b/test/Entra/Groups/Get-EntraGroup.Tests.ps1 new file mode 100644 index 0000000000..eb9a5f3ea4 --- /dev/null +++ b/test/Entra/Groups/Get-EntraGroup.Tests.ps1 @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraGroup with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DisplayName" = "demo" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "MailEnabled" = "False" + "Description" = "test" + "MailNickname" = "demoNickname" + "SecurityEnabled" = "True" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraGroup" { + Context "Test for Get-EntraGroup" { + It "Should return specific group" { + $result = Get-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is empty" { + { Get-EntraGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when searchstring is empty" { + { Get-EntraGroup -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should fail when filter is empty" { + { Get-EntraGroup -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraGroup -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraGroup -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all group" { + $result = Get-EntraGroup -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraGroup -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should return specific group by searchstring" { + $result = Get-EntraGroup -SearchString 'demo' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'demo' + + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return specific group by filter" { + $result = Get-EntraGroup -Filter "DisplayName -eq 'demo'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'demo' + + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return top group" { + $result = Get-EntraGroup -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Result should Contain ObjectId" { + $result = Get-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Get-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraGroup -SearchString 'demo' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "demo" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroup" + $result = Get-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroup" + Should -Invoke -CommandName Get-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraGroup -SearchString 'demo' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraGroupAppRoleAssignment.Tests.ps1 b/test/Entra/Groups/Get-EntraGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..7481d61ae9 --- /dev/null +++ b/test/Entra/Groups/Get-EntraGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,141 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + "AppRoleId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "CreatedDateTime" = "06-05-2024 05:42:01" + "DeletedDateTime" = $null + "PrincipalDisplayName" = "Mock-Group" + "PrincipalId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ResourceId" = "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + "ResourceDisplayName" = "Mock-Group" + "PrincipalType" = "PrincipalType" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgGroupAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraGroupAppRoleAssignment" { +Context "Test for Get-EntraGroupAppRoleAssignment" { + It "Should return specific Group AppRole Assignment" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return specific Group AppRole Assignment with alias" { + $result = Get-EntraGroupAppRoleAssignment -objectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when ObjectlId is empty" { + { Get-EntraGroupAppRoleAssignment -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when ObjectlId is invalid" { + { Get-EntraGroupAppRoleAssignment -GroupId ""} | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should return All Group AppRole Assignment" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 Group AppRole Assignment" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.PrincipalDisplayName | Should -Be 'Mock-Group' + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Result should Contain GroupId" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + } + It "Should contain GroupId in parameters when passed Id to it" { + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupAppRoleAssignment" + + $result = Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupAppRoleAssignment" + + Should -Invoke -CommandName Get-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + + diff --git a/test/Entra/Groups/Get-EntraGroupLifecyclePolicy.Tests.ps1 b/test/Entra/Groups/Get-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..3e280b8ec2 --- /dev/null +++ b/test/Entra/Groups/Get-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,110 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = 200 + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "ManagedGroupTypes" = "All" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraGroupLifecyclePolicy" { + Context "Test for Get-EntraGroupLifecyclePolicy" { + It "Retrieve all groupLifecyclePolicies" { + $result = Get-EntraGroupLifecyclePolicy + $result | Should -Not -BeNullOrEmpty + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraGroupLifecyclePolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.GroupLifetimeInDays | Should -Be 200 + } + + It "Retrieve properties of an groupLifecyclePolicy" { + $result = Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupLifecyclePolicyId is empty" { + { Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'*" + } + + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string." + } + + It "Should contain GroupLifecyclePolicyId in parameters when passed GroupLifecyclePolicyId to it" { + $result = Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.GroupLifecyclePolicyId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Property parameter should work" { + $result = Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupLifecyclePolicy" + + $result = Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraGroupMember.Tests.ps1 b/test/Entra/Groups/Get-EntraGroupMember.Tests.ps1 new file mode 100644 index 0000000000..30b72d4b56 --- /dev/null +++ b/test/Entra/Groups/Get-EntraGroupMember.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "value"= @{ + "DisplayName" = "demo" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "@odata.type" = "#microsoft.graph.user" + "Description" = "test" + } + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraGroupMember" { + Context "Test for Get-EntraGroupMember" { + It "Should return specific group" { + $result = Get-EntraGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Contain 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is invalid" { + { Get-EntraGroupMember -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when GroupId is empty" { + { Get-EntraGroupMember -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when Top is empty" { + { Get-EntraGroupMember -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is invalid" { + { Get-EntraGroupMember -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return all group" { + $result = Get-EntraGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should return top group" { + $result = @(Get-EntraGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -top 1 -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupMember" + + $result = Get-EntraGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupMember" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraGroupOwner.Tests.ps1 b/test/Entra/Groups/Get-EntraGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..48434a44dd --- /dev/null +++ b/test/Entra/Groups/Get-EntraGroupOwner.Tests.ps1 @@ -0,0 +1,141 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $mockResponse = { + return @{ + value = @( + @{ + "DeletedDateTime" = $null + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.user" + "businessPhones" = @("425-555-0100") + "displayName" = "MOD Administrator" + "givenName" = "MOD" + "mail" = "admin@contoso.com" + "mobilePhone" = "425-555-0101" + "preferredLanguage" = "en" + "surname" = "Administrator" + "userPrincipalName" = "admin@contoso.com" + } + "Parameters" = $args + } + ) + } + } + Mock -CommandName Invoke-GraphRequest -MockWith $mockResponse -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraGroupOwner" { + Context "Test for Get-EntraGroupOwner" { + It "Get a group owner by GroupId" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + $result.DeletedDateTime | should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Get a group owner by alias" { + $result = Get-EntraGroupOwner -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + $result.DeletedDateTime | should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Get-EntraGroupOwner -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Get-EntraGroupOwner -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Gets all group owners" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Gets two group owners" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 2 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top XY} | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain GroupId" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $groupId= $params | ConvertTo-json | ConvertFrom-Json + $groupId.Uri -match "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -BeTrue + } + + It "Property parameter should work" { + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupOwner" + + $result = Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraGroupOwner" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraGroupOwner -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraLifecyclePolicyGroup.Tests.ps1 b/test/Entra/Groups/Get-EntraLifecyclePolicyGroup.Tests.ps1 new file mode 100644 index 0000000000..a6b0766adc --- /dev/null +++ b/test/Entra/Groups/Get-EntraLifecyclePolicyGroup.Tests.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = 200 + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "ManagedGroupTypes" = "All" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgGroupLifecyclePolicyByGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraLifecyclePolicyGroup" { + Context "Test for Get-EntraLifecyclePolicyGroup" { + It "Retrieve lifecycle policy object" { + $result = Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicyByGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Retrieve lifecycle policy object with alias" { + $result = Get-EntraLifecyclePolicyGroup -Id "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicyByGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Get-EntraLifecyclePolicyGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Get-EntraLifecyclePolicyGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + } + + It "Property parameter should work" { + $result = Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicyByGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraLifecyclePolicyGroup" + + $result = Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraLifecyclePolicyGroup" + + Should -Invoke -CommandName Get-MgGroupLifecyclePolicyByGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraLifecyclePolicyGroup -GroupId "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Get-EntraObjectSetting.Tests.ps1 b/test/Entra/Groups/Get-EntraObjectSetting.Tests.ps1 new file mode 100644 index 0000000000..d272e299d1 --- /dev/null +++ b/test/Entra/Groups/Get-EntraObjectSetting.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraObjectSetting with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + id = "bbbbbbbb-1111-2222-3333-cccccccccccc" + displayName = 'Group.Unified.Guest' + values = @{value=$false; name="AllowToAddGuests"} + templateId = "bbbbbbbb-1111-2222-3333-cccccccccaaa" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Get-EntraObjectSetting" { + Context "Test for Get-EntraObjectSetting" { + It "Should return specific Object Setting" { + $result = Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when TargetType is empty" { + { Get-EntraObjectSetting -TargetType } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when Top is empty" { + { Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all Object Setting" { + $result = Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should return top Object Setting" { + $result = @(Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should contain ID in parameters when passed TargetType TargetObjectId to it" { + $result = Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraObjectSetting" + $result = Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraObjectSetting" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should contain property when passed property to it" { + $result = Get-EntraObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName + $result.displayName | Should -Not -BeNullOrEmpty + } + } +} diff --git a/test/Entra/Groups/Invalid.Tests.ps1 b/test/Entra/Groups/Invalid.Tests.ps1 new file mode 100644 index 0000000000..437a3a586e --- /dev/null +++ b/test/Entra/Groups/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Groups)){ + Import-Module Microsoft.Entra.Groups +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Groups + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/Groups/Module.Tests.ps1 b/test/Entra/Groups/Module.Tests.ps1 new file mode 100644 index 0000000000..b3e48403f2 --- /dev/null +++ b/test/Entra/Groups/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Groups Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Groups + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Groups + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Groups + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Groups.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Groups + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Groups -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/Groups/New-EntraGroup.Tests.ps1 b/test/Entra/Groups/New-EntraGroup.Tests.ps1 new file mode 100644 index 0000000000..ab9f60cc28 --- /dev/null +++ b/test/Entra/Groups/New-EntraGroup.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + #Write-Host "Mocking New-EntraGroup with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DisplayName" = "demo" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "MailEnabled" = "False" + "Description" = "test" + "MailNickname" = "demoNickname" + "SecurityEnabled" = "True" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "New-EntraGroup" { + Context "Test for New-EntraGroup" { + It "Should return created Group" { + $result = New-EntraGroup -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Description "test" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "demo" + $result.MailEnabled | should -Be "False" + $result.SecurityEnabled | should -Be "True" + $result.Description | should -Be "test" + + Should -Invoke -CommandName New-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when parameters are invalid" { + { New-EntraGroup -DisplayName "" -MailEnabled "" -SecurityEnabled "" -MailNickName "" -Description "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when parameters are empty" { + { New-EntraGroup -DisplayName -MailEnabled -SecurityEnabled -MailNickName -Description } | Should -Throw "Missing an argument for parameter*" + } + It "Result should Contain ObjectId" { + $result = New-EntraGroup -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Description "test" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroup" + $result = New-EntraGroup -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Description "test" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroup" + Should -Invoke -CommandName New-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraGroup -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/New-EntraGroupAppRoleAssignment.Tests.ps1 b/test/Entra/Groups/New-EntraGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..01e0c44903 --- /dev/null +++ b/test/Entra/Groups/New-EntraGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,117 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AppRoleId" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "CreatedDateTime" = "06-05-2024 05:42:01" + "DeletedDateTime" = $null + "PrincipalDisplayName" = "Mock-Group" + "PrincipalId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ResourceId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "ResourceDisplayName" = "Mock-Group" + "PrincipalType" = "PrincipalType" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#groups('aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb')/appRoleAssignments/$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgGroupAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "New-EntraGroupAppRoleAssignment" { +Context "Test for New-EntraGroupAppRoleAssignment" { + It "Should return created Group AppRole Assignment" { + $result = New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + + Should -Invoke -CommandName New-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return created Group AppRole Assignment with alias" { + $result = New-EntraGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + + Should -Invoke -CommandName New-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when ObjectlId is empty" { + { New-EntraGroupAppRoleAssignment -GroupId -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when ObjectlId is invalid" { + { New-EntraGroupAppRoleAssignment -GroupId "" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when PrincipalId is empty" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'PrincipalId'*" + } + It "Should fail when PrincipalId is invalid" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'PrincipalId' because it is an empty string." + } + It "Should fail when ResourceId is empty" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'ResourceId'*" + } + It "Should fail when ResourceId is invalid" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'ResourceId' because it is an empty string." + } + It "Should fail when Id is empty" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -AppRoleId } | Should -Throw "Missing an argument for parameter 'AppRoleId'*" + } + It "Should fail when Id is invalid" { + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -AppRoleId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleId' because it is an empty string." + } + It "Result should Contain GroupId" { + $result = New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Should contain AppRoleId in parameters when passed Id to it" { + $result = New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupAppRoleAssignment" + + $result = New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupAppRoleAssignment" + + Should -Invoke -CommandName New-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Groups/New-EntraGroupLifecyclePolicy.Tests.ps1 b/test/Entra/Groups/New-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..0d4105900c --- /dev/null +++ b/test/Entra/Groups/New-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,87 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AlternateNotificationEmails" = "example@contoso.com" + "GroupLifetimeInDays" = "99" + "ManagedGroupTypes" = "Selected" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "New-EntraGroupLifecyclePolicy" { + Context "Test for New-EntraGroupLifecyclePolicy" { + It "Should return created GroupLifecyclePolicy" { + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.GroupLifetimeInDays | should -Be "99" + $result.ManagedGroupTypes | should -Be "Selected" + $result.AlternateNotificationEmails | should -Be "example@contoso.com" + + Should -Invoke -CommandName New-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupLifetimeInDays is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot process argument transformation on parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when GroupLifetimeInDays is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when ManagedGroupTypes is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot bind argument to parameter 'ManagedGroupTypes' because it is an empty string.*" + } + It "Should fail when ManagedGroupTypes is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'ManagedGroupTypes'.*" + } + It "Should fail when AlternateNotificationEmails is invalid" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "" } | Should -Throw "Cannot bind argument to parameter 'AlternateNotificationEmails' because it is an empty string.*" + } + It "Should fail when AlternateNotificationEmails is empty" { + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails } | Should -Throw "Missing an argument for parameter 'AlternateNotificationEmails'.*" + } + It "Result should Contain ObjectId" { + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupLifecyclePolicy" + + $result = New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName New-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Remove-EntraGroup.Tests.ps1 b/test/Entra/Groups/Remove-EntraGroup.Tests.ps1 new file mode 100644 index 0000000000..f9064dffc6 --- /dev/null +++ b/test/Entra/Groups/Remove-EntraGroup.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgGroup -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraGroup" { + Context "Test for Remove-EntraGroup" { + It "Should return empty object" { + $result = Remove-EntraGroup -GroupId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraGroup -ObjectId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is invalid" { + { Remove-EntraGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when GroupId is empty" { + { Remove-EntraGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgGroup -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Remove-EntraGroup -GroupId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroup" + + Remove-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroup" + + Should -Invoke -CommandName Remove-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Remove-EntraGroupAppRoleAssignment.Tests.ps1 b/test/Entra/Groups/Remove-EntraGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..40db336ce0 --- /dev/null +++ b/test/Entra/Groups/Remove-EntraGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraGroupAppRoleAssignment" { + Context "Test for Remove-EntraGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should return empty object with Alias" { + $result = Remove-EntraGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is empty" { + { Remove-EntraGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Remove-EntraGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" + } + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" + + Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/Groups/Remove-EntraGroupLifecyclePolicy.Tests.ps1 b/test/Entra/Groups/Remove-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..b7fdb69354 --- /dev/null +++ b/test/Entra/Groups/Remove-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgGroupLifecyclePolicy -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraGroupLifecyclePolicy" { + Context "Test for Remove-EntraGroupLifecyclePolicy" { + It "Should remove a groupLifecyclePolicies" { + $result = Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraGroupLifecyclePolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupLifecyclePolicyId is empty" { + { Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'*" + } + + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string." + } + + It "Should contain GroupLifecyclePolicyId in parameters when passed GroupLifecyclePolicyId to it" { + Mock -CommandName Remove-MgGroupLifecyclePolicy -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result + $params.GroupLifecyclePolicyId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupLifecyclePolicy" + + Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName Remove-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Remove-EntraGroupMember.Tests.ps1 b/test/Entra/Groups/Remove-EntraGroupMember.Tests.ps1 new file mode 100644 index 0000000000..0ec3c58073 --- /dev/null +++ b/test/Entra/Groups/Remove-EntraGroupMember.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgGroupMemberByRef -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraGroupMember" { + Context "Test for Remove-EntraGroupMember" { + It "Should reemove a member" { + $result = Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupMemberByRef -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Remove-EntraGroupMember -GroupId -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraGroupMember -GroupId "" -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when MemberId is empty" { + { Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId } | Should -Throw "Missing an argument for parameter 'MemberId'*" + } + + It "Should fail when MemberId is invalid" { + { Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId "" } | Should -Throw "Cannot bind argument to parameter 'MemberId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgGroupMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "11112222-bbbb-3333-cccc-4444dddd5555" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupMember" + + Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupMember" + + Should -Invoke -CommandName Remove-MgGroupMemberByRef -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroupMember -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -MemberId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Remove-EntraGroupOwner.Tests.ps1 b/test/Entra/Groups/Remove-EntraGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..da390913d2 --- /dev/null +++ b/test/Entra/Groups/Remove-EntraGroupOwner.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgGroupOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraGroupOwner" { + Context "Test for Remove-EntraGroupOwner" { + It "Should remove an owner" { + $result = Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupOwnerByRef -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Remove-EntraGroupOwner -GroupId -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraGroupOwner -GroupId "" -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when OwnerId is empty" { + { Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId } | Should -Throw "Missing an argument for parameter 'OwnerId'*" + } + + It "Should fail when OwnerId is invalid" { + { Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId "" } | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "11112222-bbbb-3333-cccc-4444dddd5555" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupOwner" + + Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupOwner" + + Should -Invoke -CommandName Remove-MgGroupOwnerByRef -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroupOwner -GroupId "11112222-bbbb-3333-cccc-4444dddd5555" -OwnerId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Remove-EntraLifecyclePolicyGroup.Tests.ps1 b/test/Entra/Groups/Remove-EntraLifecyclePolicyGroup.Tests.ps1 new file mode 100644 index 0000000000..f8e0cef30d --- /dev/null +++ b/test/Entra/Groups/Remove-EntraLifecyclePolicyGroup.Tests.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Value" = $true + "Parameters" = $args + } + ) + } + Mock -CommandName Remove-MgGroupFromLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Remove-EntraLifecyclePolicyGroup" { + Context "Test for Remove-EntraLifecyclePolicyGroup" { + It "Should remove a group from a lifecycle policy" { + $result = Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $result.Value | Should -Be $true + + Should -Invoke -CommandName Remove-MgGroupFromLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should remove a group from a lifecycle policy with alias" { + $result = Remove-EntraLifecyclePolicyGroup -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $result.Value | Should -Be $true + + Should -Invoke -CommandName Remove-MgGroupFromLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when GroupLifecyclePolicyId is empty" { + { Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'*" + } + + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string." + } + + It "Should fail when GroupId is empty" { + { Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should contain GroupLifecyclePolicyId in parameters when passed GroupLifecyclePolicyId to it" { + $result = Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "bea81df1-91cb-4b6e-aa79-b40888fe0b8b" + $params = Get-Parameters -data $result.Parameters + $params.GroupLifecyclePolicyId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "ccccdddd-2222-eeee-3333-ffff4444aaaa" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraLifecyclePolicyGroup" + + Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraLifecyclePolicyGroup" + + Should -Invoke -CommandName Remove-MgGroupFromLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -GroupId "ccccdddd-2222-eeee-3333-ffff4444aaaa" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Reset-EntraLifeCycleGroup.Tests.ps1 b/test/Entra/Groups/Reset-EntraLifeCycleGroup.Tests.ps1 new file mode 100644 index 0000000000..8fba530930 --- /dev/null +++ b/test/Entra/Groups/Reset-EntraLifeCycleGroup.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-MgRenewGroup -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Reset-EntraLifeCycleGroup" { + Context "Test for Reset-EntraLifeCycleGroup" { + It "Should renews a specified group" { + $result = Reset-EntraLifeCycleGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-MgRenewGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when Id is empty" { + { Reset-EntraLifeCycleGroup -Id } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + + It "Should fail when Id is invalid" { + { Reset-EntraLifeCycleGroup -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed Id to it" { + Mock -CommandName Invoke-MgRenewGroup -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Reset-EntraLifeCycleGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Reset-EntraLifeCycleGroup" + + Reset-EntraLifeCycleGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Reset-EntraLifeCycleGroup" + + Should -Invoke -CommandName Invoke-MgRenewGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Reset-EntraLifeCycleGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 b/test/Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 new file mode 100644 index 0000000000..dc3ebd5c83 --- /dev/null +++ b/test/Entra/Groups/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgContactMemberOfAsGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Select-EntraGroupIdsContactIsMemberOf" { + Context "Test for Select-EntraGroupIdsContactIsMemberOf" { + It "Should return specific Contact Membership" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $UserID = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result = Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + $result | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgContactMemberOfAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when ObjectId is missing" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsContactIsMemberOf -ObjectId -GroupIdsForMembershipCheck $Groups } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is empty" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsContactIsMemberOf -ObjectId "" -GroupIdsForMembershipCheck $Groups } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when GroupIdsForMembershipCheck is empty" { + $UserID = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + { Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck } | Should -Throw "Missing an argument for parameter 'GroupIdsForMembershipCheck'*" + } + + It "Should fail when GroupIdsForMembershipCheck is invalid" { + $UserID = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + { Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck "xyz" } | Should -Throw "Cannot process argument transformation on parameter 'GroupIdsForMembershipCheck'.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsContactIsMemberOf" + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $UserID = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result = Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsContactIsMemberOf" + + Should -Invoke -CommandName Get-MgContactMemberOfAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $UserID = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Select-EntraGroupIdsContactIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 b/test/Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 new file mode 100644 index 0000000000..7e47232655 --- /dev/null +++ b/test/Entra/Groups/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "Parameters" = $args + } + ) + } + $scriptblock2 = { + # Write-Host "Mocking Get-EntraGroup with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DisplayName" = "demo" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "MailEnabled" = "False" + "Description" = "test" + "MailNickname" = "demoNickname" + "SecurityEnabled" = "True" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgGroupMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups + Mock -CommandName Get-MgGroup -MockWith $scriptblock2 -ModuleName Microsoft.Entra.Groups +} + +Describe "Select-EntraGroupIdsGroupIsMemberOf" { + Context "Test for Select-EntraGroupIdsGroupIsMemberOf" { + It "Should return specific Group Membership" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $GroupID = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result = Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupID -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + $result | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgGroupMemberOf -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when ObjectId is missing" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsGroupIsMemberOf -ObjectId -GroupIdsForMembershipCheck $Groups } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is empty" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsGroupIsMemberOf -ObjectId "" -GroupIdsForMembershipCheck $Groups } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when GroupIdsForMembershipCheck is empty" { + $GroupID = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupID -GroupIdsForMembershipCheck } | Should -Throw "Missing an argument for parameter 'GroupIdsForMembershipCheck'*" + } + + It "Should fail when GroupIdsForMembershipCheck is invalid" { + $GroupID = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + { Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupID -GroupIdsForMembershipCheck "Xy" } | Should -Throw "Cannot process argument transformation on parameter 'GroupIdsForMembershipCheck'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsGroupIsMemberOf" + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $GroupID = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupID -GroupIdsForMembershipCheck $Groups + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-EntraGroupIdsGroupIsMemberOf" + + Should -Invoke -CommandName Get-MgGroupMemberOf -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $GroupID = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Select-EntraGroupIdsGroupIsMemberOf -ObjectId $GroupID -GroupIdsForMembershipCheck $Groups -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 b/test/Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 new file mode 100644 index 0000000000..9b43b40d79 --- /dev/null +++ b/test/Entra/Groups/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 @@ -0,0 +1,79 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgUserMemberOfAsGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Select-EntraGroupIdsUserIsMemberOf" { + Context "Test for Select-EntraGroupIdsUserIsMemberOf" { + It "Should return group membership id's" { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $userID = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result = Select-entraGroupIdsUserIsMemberOf -ObjectId $UserId -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + $result | Should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgUserMemberOfAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + + It "Should fail when UserID is invalid " { + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $UserID = "" + { Select-EntraGroupIdsUserIsMemberOf -ObjectId $UserID -GroupIdsForMembershipCheck $Groups } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-entraGroupIdsUserIsMemberOf" + + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $userID = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result = Select-entraGroupIdsUserIsMemberOf -ObjectId $UserId -GroupIdsForMembershipCheck $Groups + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Select-entraGroupIdsUserIsMemberOf" + + Should -Invoke -CommandName Get-MgUserMemberOfAsGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $Groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck + $Groups.GroupIds = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $userID = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Select-entraGroupIdsUserIsMemberOf -ObjectId $UserId -GroupIdsForMembershipCheck $Groups -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + + } +} + diff --git a/test/Entra/Groups/Set-EntraGroup.Tests.ps1 b/test/Entra/Groups/Set-EntraGroup.Tests.ps1 new file mode 100644 index 0000000000..fe7d964057 --- /dev/null +++ b/test/Entra/Groups/Set-EntraGroup.Tests.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Groups) -eq $null){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgGroup -MockWith {} -ModuleName Microsoft.Entra.Groups +} + +Describe "Set-EntraGroup" { + Context "Test for Set-EntraGroup" { + It "Should return empty object" { + $result = Set-EntraGroup -GroupId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Description "test" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraGroup -Id bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "demo" -MailEnabled $false -SecurityEnabled $true -MailNickName "demoNickname" -Description "test" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should fail when GroupId is invalid" { + { Set-EntraGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when GroupId is empty" { + { Set-EntraGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Update-MgGroup -MockWith {$args} -ModuleName Microsoft.Entra.Groups + + $result = Set-EntraGroup -GroupId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroup" + + Set-EntraGroup -Id bbbbbbbb-1111-2222-3333-cccccccccccc + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroup" + Should -Invoke -CommandName Update-MgGroup -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraGroup -Id bbbbbbbb-1111-2222-3333-cccccccccccc } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Set-EntraGroupLifecyclePolicy.Tests.ps1 b/test/Entra/Groups/Set-EntraGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..73e65f92e0 --- /dev/null +++ b/test/Entra/Groups/Set-EntraGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Groups) -eq $null) { + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = "100" + "ManagedGroupTypes" = "All" + "Parameters" = $args + } + ) + } + + Mock -CommandName Update-MgGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Groups +} + +Describe "Set-EntraGroupLifecyclePolicy" { + Context "Test for Set-EntraGroupLifecyclePolicy" { + It "Should return updated GroupLifecyclePolicy" { + $result = Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.GroupLifetimeInDays | should -Be "100" + $result.ManagedGroupTypes | should -Be "All" + $result.AlternateNotificationEmails | should -Be "admingroup@contoso.com" + + Should -Invoke -CommandName Update-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraGroupLifecyclePolicy -Id "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + } + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string.*" + } + It "Should fail when GroupLifecyclePolicyId is empty" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'.*" + } + It "Should fail when GroupLifetimeInDays is invalid" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot process argument transformation on parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when GroupLifetimeInDays is empty" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when ManagedGroupTypes is empty" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'ManagedGroupTypes'.*" + } + It "Should fail when AlternateNotificationEmails is empty" { + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails } | Should -Throw "Missing an argument for parameter 'AlternateNotificationEmails'.*" + } + It "Result should Contain ObjectId" { + $result = Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroupLifecyclePolicy" + + $result = Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraGroupLifecyclePolicy" + + Should -Invoke -CommandName Update-MgGroupLifecyclePolicy -ModuleName Microsoft.Entra.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Groups/Valid.Tests.ps1 b/test/Entra/Groups/Valid.Tests.ps1 new file mode 100644 index 0000000000..09183dedca --- /dev/null +++ b/test/Entra/Groups/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Groups)){ + Import-Module Microsoft.Entra.Groups + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Groups +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Groups + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Groups + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Groups -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Groups + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Groups -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Groups + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Groups -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/Entra/New-EntraInvitation.Tests.ps1 b/test/Entra/New-EntraInvitation.Tests.ps1 new file mode 100644 index 0000000000..d7c0ac4c68 --- /dev/null +++ b/test/Entra/New-EntraInvitation.Tests.ps1 @@ -0,0 +1,230 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +# BeforeAll { +# if((Get-Module -Name Microsoft.Entra) -eq $null){ +# Import-Module Microsoft.Entra +# } +# Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + +# $scriptblock = { +# return @( +# [PSCustomObject]@{ +# "Id" = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" +# "InviteRedeemUrl" = "https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3dd5aec55f-2d12-4442-8d2f-ccca95d4390e%26user%3d3135a58d-b417-40ae-bb44-a82df52b7957%26ticket%3dzbiyasVbMTkRKVom98YD%25252fOJvkr2WRQsI2Om6Z62TDYg%25253d%26ver%3d2.0" +# "InviteRedirectUrl" = "http://myapps.contoso.com/" +# "InvitedUser" = @{ +# "AboutMe" = "" +# "AccountEnabled" = "" +# "Activities" = "" +# "AgeGroup" = "" +# "AgreementAcceptances" = "" +# "AppRoleAssignments" = "" +# "AssignedLicenses" = "" +# "AssignedPlans" = "" +# "Authentication" = "" +# "AuthorizationInfo" = "" +# "Birthday" = "" +# "BusinessPhones" = "" +# "Calendar" = "" +# "CalendarGroups" = "" +# "CalendarView" = "" +# "Calendars" = "" +# "Chats" = "" +# "City" = "" +# "CompanyName" = "" +# "ConsentProvidedForMinor" = "" +# "ContactFolders" = "" +# "Contacts" = "" +# "Country" = "" +# "CreatedDateTime" = "" +# "CreatedObjects" = "" +# "CreationType" = "" +# "CustomSecurityAttributes" = "" +# "DeletedDateTime" = "" +# "Department" = "" +# "DeviceEnrollmentLimit" = "" +# "DeviceManagementTroubleshootingEvents" = "" +# "DirectReports" = "" +# "DisplayName" = "" +# "Drive" = "" +# "Drives" = "" +# "EmployeeExperience" = "" +# "EmployeeHireDate" = "" +# "EmployeeId" = "" +# "EmployeeLeaveDateTime" = "" +# "EmployeeOrgData" = "" +# "EmployeeType" = "" +# "Events" = "" +# "Extensions" = "" +# "ExternalUserState" = "" +# "ExternalUserStateChangeDateTime" = "" +# "FaxNumber" = "" +# "FollowedSites" = "" +# "GivenName" = "" +# "HireDate" = "" +# "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" +# "Identities" = "" +# "ImAddresses" = "" +# "InferenceClassification" = "" +# "Insights" = "" +# "Interests" = "" +# "IsResourceAccount" = "" +# "JobTitle" = "" +# "JoinedTeams" = "" +# "LastPasswordChangeDateTime" = "" +# "LegalAgeGroupClassification" = "" +# "LicenseAssignmentStates" = "" +# "LicenseDetails" = "" +# "Mail" = "" +# "MailFolders" = "" +# "MailNickname" = "" +# "MailboxSettings" = "" +# "ManagedAppRegistrations" = "" +# "ManagedDevices" = "" +# "Manager" = "" +# "MemberOf" = "" +# "Messages" = "" +# "MobilePhone" = "" +# "MySite" = "" +# "Oauth2PermissionGrants" = "" +# "OfficeLocation" = "" +# "OnPremisesDistinguishedName" = "" +# "OnPremisesDomainName" = "" +# "OnPremisesExtensionAttributes" = "" +# "OnPremisesImmutableId" = "" +# "OnPremisesLastSyncDateTime" = "" +# "OnPremisesProvisioningErrors" = "" +# "OnPremisesSamAccountName" = "" +# "OnPremisesSecurityIdentifier" = "" +# "OnPremisesSyncEnabled" = "" +# "OnPremisesUserPrincipalName" = "" +# "Onenote" = "" +# "OnlineMeetings" = "" +# "OtherMails" = "" +# "Outlook" = "" +# "OwnedDevices" = "" +# "OwnedObjects" = "" +# "PasswordPolicies" = "" +# "PasswordProfile" = "" +# "PastProjects" = "" +# "People" = "" +# "PermissionGrants" = "" +# "Photo" = "" +# "Photos" = "" +# "Planner" = "" +# "PostalCode" = "" +# "PreferredDataLocation" = "" +# "PreferredLanguage" = "" +# "PreferredName" = "" +# "Presence" = "" +# "Print" = "" +# "ProvisionedPlans" = "" +# "ProxyAddresses" = "" +# "RegisteredDevices" = "" +# "Responsibilities" = "" +# "Schools" = "" +# "ScopedRoleMemberOf" = "" +# "SecurityIdentifier" = "" +# "ServiceProvisioningErrors" = "" +# "Settings" = "" +# "ShowInAddressList" = "" +# "SignInActivity" = "" +# "SignInSessionsValidFromDateTime" = "" +# "Skills" = "" +# "State" = "" +# "StreetAddress" = "" +# "Surname" = "" +# "Teamwork" = "" +# "Todo" = "" +# "TransitiveMemberOf" = "" +# "UsageLocation" = "" +# "UserPrincipalName" = "SawyerM@contoso.com" +# "UserType" = "Guest" +# } +# "InvitedUserDisplayName" = "" +# "InvitedUserEmailAddress" = "SawyerM@contoso.com" +# "InvitedUserMessageInfo" = @{ +# "CcRecipients" = [System.Object]@() +# "CustomizedMessageBody" = "" +# "MessageLanguage" = "" +# } +# "InvitedUserType" = "Guest" +# "ResetRedemption" = $false +# "SendInvitationMessage" = $true +# "Status" = "PendingAcceptance" +# "AdditionalProperties" = @{ +# "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#invitations/$entity" +# } +# "Parameters" = $args +# } +# ) +# } +# Mock -CommandName New-MgInvitation -MockWith $scriptblock -ModuleName Microsoft.Entra +# } + +# Describe "New-EntraInvitation" { +# Context "Test for New-EntraInvitation" { +# It "Should invite a new external user to your directory" { +# $result = New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage $True -InviteRedirectUrl "http://myapps.contoso.com" +# $result | Should -Not -BeNullOrEmpty +# $result.Id | Should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" +# $result.Status | Should -Be "PendingAcceptance" +# $result.InvitedUser.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" +# $result.InvitedUser.UserPrincipalName | Should -Be "SawyerM@contoso.com" +# $result.InvitedUser.UserType | Should -Be "Guest" +# $result.InvitedUserEmailAddress | Should -Be "SawyerM@contoso.com" +# $result.InvitedUserType | Should -Be "Guest" +# $result.ResetRedemption | Should -Be $false +# $result.SendInvitationMessage | Should -Be $true +# $result.InvitedUserDisplayName | Should -BeNullOrEmpty + +# Should -Invoke -CommandName New-MgInvitation -ModuleName Microsoft.Entra -Times 1 +# } + +# It "Should fail when parameters are empty" { +# { New-EntraInvitation -InvitedUserEmailAddress -SendInvitationMessage -InviteRedirectUrl } | Should -Throw "Missing an argument for parameter*" +# } + +# It "Should fail when InviteRedirectUrl parameter are Invalid" { +# { New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage $True -InviteRedirectUrl "" } | Should -Throw "Cannot bind argument to parameter 'InviteRedirectUrl' because it is an empty string." +# } + +# It "Should fail when SendInvitationMessage parameter are Invalid" { +# { New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage "123" -InviteRedirectUrl "http://myapps.contoso.com" } | Should -Throw "Cannot process argument transformation on parameter*" +# } + +# It "Should fail when InvitedUserEmailAddress parameter are Invalid" { +# { New-EntraInvitation -InvitedUserEmailAddress "" -SendInvitationMessage $True -InviteRedirectUrl "http://myapps.contoso.com" } | Should -Throw "Cannot bind argument to parameter 'InvitedUserEmailAddress' because it is an empty string." +# } + +# It "Should contain ObjectId in result" { +# $result = New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage $True -InviteRedirectUrl "http://myapps.contoso.com" +# $result.ObjectId | should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" +# } + +# It "Should contain 'User-Agent' header" { +# $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraInvitation" +# $result = New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage $True -InviteRedirectUrl "http://myapps.contoso.com" +# $result | Should -Not -BeNullOrEmpty +# $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraInvitation" +# Should -Invoke -CommandName New-MgInvitation -ModuleName Microsoft.Entra -Times 1 -ParameterFilter { +# $Headers.'User-Agent' | Should -Be $userAgentHeaderValue +# $true +# } +# } +# It "Should execute successfully without throwing an error " { +# # Disable confirmation prompts +# $originalDebugPreference = $DebugPreference +# $DebugPreference = 'Continue' + +# try { +# # Act & Assert: Ensure the function doesn't throw an exception +# { New-EntraInvitation -InvitedUserEmailAddress SawyerM@contoso.com -SendInvitationMessage $True -InviteRedirectUrl "http://myapps.contoso.com" -Debug } | Should -Not -Throw +# } finally { +# # Restore original confirmation preference +# $DebugPreference = $originalDebugPreference +# } +# } +# } +# } diff --git a/test/Entra/Reports/Get-EntraAuditDirectoryLog.Tests.ps1 b/test/Entra/Reports/Get-EntraAuditDirectoryLog.Tests.ps1 new file mode 100644 index 0000000000..ee44ba6a5f --- /dev/null +++ b/test/Entra/Reports/Get-EntraAuditDirectoryLog.Tests.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Reports) -eq $null) { + Import-Module Microsoft.Entra.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraAuditDirectoryLog with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + category = 'DirectoryManagement' + resultReason = 'Successfully deleted [0] records for [[LicenseKey:][TenantId:bbbbbbbb-1111-2222-3333-ccccccccccc2][UserName:][UserObjectId:bbbbbbbb-1111-2222-3333-ccccccccccc1][HomeTenantId:bbbbbbbb-1111-2222-3333-cccccccccccc][AzureSovereign:WorldWide]]' + id = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + operationType = 'Delete' + loggedByService = 'Azure MFA12' + additionalDetails = @{ key = 'RequestId'; value = '00000000-0000-0000-0000-000000000000' } + activityDisplayName = 'DeleteDataFromBackend' + targetResources = @( + @{ + userPrincipalName = '' + groupType = '' + id = 'bbbbbbbb-1111-2222-3333-cccccccccaaa' + type = 'User' + displayName = '' + modifiedProperties = @() + } + ) + correlationId = 'bbbbbbbb-1111-2222-3333-cccccccccrrr' + result = 'success' + initiatedBy = @{ app = ''; user = '' } + activityDateTime = '06/19/2024 9:52:22 am' + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Reports +} + +Describe "Get-EntraAuditDirectoryLog" { + Context "Test for Get-EntraAuditDirectoryLog" { + It "Should return specific Audit Directory Logs" { + $result = Get-EntraAuditDirectoryLog -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraAuditDirectoryLog -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when filter is empty" { + { Get-EntraAuditDirectoryLog -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraAuditDirectoryLog -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraAuditDirectoryLog -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all Audit Directory Logs" { + $result = Get-EntraAuditDirectoryLog -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraAuditDirectoryLog -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return specific Audit Directory Logs by filter" { + $result = Get-EntraAuditDirectoryLog -Filter "correlationId eq 'bbbbbbbb-1111-2222-3333-cccccccccrrr'" + $result | Should -Not -BeNullOrEmpty + $result.id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should return top Audit Directory Logs" { + $result = @(Get-EntraAuditDirectoryLog -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should contain ID in parameters when passed Id to it" { + $result = Get-EntraAuditDirectoryLog -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + Mock -CommandName Invoke-GraphRequest -MockWith {$args} -ModuleName Microsoft.Entra.Reports + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuditDirectoryLog" + $result = Get-EntraAuditDirectoryLog -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAuditDirectoryLog -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Reports/Get-EntraAuditSignInLog.Tests.ps1 b/test/Entra/Reports/Get-EntraAuditSignInLog.Tests.ps1 new file mode 100644 index 0000000000..031f797823 --- /dev/null +++ b/test/Entra/Reports/Get-EntraAuditSignInLog.Tests.ps1 @@ -0,0 +1,122 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Reports) -eq $null) { + Import-Module Microsoft.Entra.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraAuditSignInLog with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + conditionalAccessStatus = 'success' + userId = 'bbbbbbbb-1111-2222-3333-cccccccccccc' + riskLevelDuringSignIn = 'none' + userPrincipalName = 'test@m365x99297270.onmicrosoft.com' + resourceDisplayName = 'Windows Azure Active SignIn' + riskEventTypes_v2 = @{} + ipAddress = '2409:40c2:401d:1cab:9464:4580:6282:b375' + status = @{} + clientAppUsed = 'Mobile Apps and Desktop clients' + isInteractive = 'True' + createdDateTime = '06/21/2024 7:07:42 am' + correlationId = 'bbbbbbbb-1111-2222-3333-cccccccccc11' + userDisplayName = 'MOD Administrator' + location = @{} + riskDetail = 'none' + appDisplayName = 'Azure Active SignIn PowerShell' + id = 'bbbbbbbb-1111-2222-3333-cccccccccc22' + appliedConditionalAccessPolicies =@{} + deviceDetail = @{} + riskLevelAggregated = 'none' + appId = 'bbbbbbbb-1111-2222-3333-cccccccccc55' + resourceId = 'bbbbbbbb-1111-2222-3333-cccccccccc66' + riskEventTypes = @{} + riskState = 'none' + + + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Reports +} + +Describe "Get-EntraAuditSignInLog" { + Context "Test for Get-EntraAuditSignInLog" { + It "Should return specific Audit SignIn Logs" { + $result = Get-EntraAuditSignInLog -SignInId "bbbbbbbb-1111-2222-3333-cccccccccc22" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc22' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should return specific Audit SignIn Logs with alias" { + $result = Get-EntraAuditSignInLog -Id "bbbbbbbb-1111-2222-3333-cccccccccc22" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc22' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should fail when SignInId is empty" { + { Get-EntraAuditSignInLog -SignInId } | Should -Throw "Missing an argument for parameter 'SignInId'*" + } + It "Should fail when filter is empty" { + { Get-EntraAuditSignInLog -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should fail when Top is empty" { + { Get-EntraAuditSignInLog -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraAuditSignInLog -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all Audit SignIn Logs" { + $result = Get-EntraAuditSignInLog -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraAuditSignInLog -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should return specific Audit SignIn Logs by filter" { + $result = Get-EntraAuditSignInLog -Filter "correlationId eq 'bbbbbbbb-1111-2222-3333-cccccccccc11'" + $result | Should -Not -BeNullOrEmpty + $result.id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc22' + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should return top Audit SignIn Logs" { + $result = @(Get-EntraAuditSignInLog -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + It "Should contain ID in parameters when passed Id to it" { + $result = Get-EntraAuditSignInLog -SignInId "bbbbbbbb-1111-2222-3333-cccccccccc22" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc22" + } + It "Should contain 'User-Agent' header" { + Mock -CommandName Invoke-GraphRequest -MockWith {$args} -ModuleName Microsoft.Entra.Reports + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuditSignInLog" + $result = Get-EntraAuditSignInLog -SignInId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAuditSignInLog -SignInId "bbbbbbbb-1111-2222-3333-cccccccccc22" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Reports/Invalid.Tests.ps1 b/test/Entra/Reports/Invalid.Tests.ps1 new file mode 100644 index 0000000000..bfac3c5f31 --- /dev/null +++ b/test/Entra/Reports/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Reports)){ + Import-Module Microsoft.Entra.Reports +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Reports + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} diff --git a/test/Entra/Reports/Module.Tests.ps1 b/test/Entra/Reports/Module.Tests.ps1 new file mode 100644 index 0000000000..5d3dc15293 --- /dev/null +++ b/test/Entra/Reports/Module.Tests.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Reports Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Reports) -eq $null){ + Import-Module Microsoft.Entra.Reports + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Reports + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Reports + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Reports + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Reports.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Reports + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Reports -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} + diff --git a/test/Entra/Reports/Valid.Tests.ps1 b/test/Entra/Reports/Valid.Tests.ps1 new file mode 100644 index 0000000000..c07e2e3cb5 --- /dev/null +++ b/test/Entra/Reports/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Reports)){ + Import-Module Microsoft.Entra.Reports + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Reports +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Reports + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Reports + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Reports -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Reports + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Reports -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Reports + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Reports -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} diff --git a/test/Entra/SignIns/Get-EntraAuthorizationPolicy.Tests.ps1 b/test/Entra/SignIns/Get-EntraAuthorizationPolicy.Tests.ps1 new file mode 100644 index 0000000000..1d7e02cc21 --- /dev/null +++ b/test/Entra/SignIns/Get-EntraAuthorizationPolicy.Tests.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DefaultUserRolePermissions" = @{AllowedToCreateApps = "False"; AllowedToCreateSecurityGroups = "False"; AllowedToCreateTenants = "True"; + AllowedToReadBitlockerKeysForOwnedDevice = "True"; AllowedToReadOtherUsers = "False"; PermissionGrantPoliciesAssigned = ""; + AdditionalProperties = "" + } + "DeletedDateTime" = $null + "GuestUserRoleId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DisplayName" = "AuthorizationPolicy" + "Description" = "AuthorizationPolicy" + "AllowEmailVerifiedUsersToJoinOrganization" = $True + "AllowedToSignUpEmailBasedSubscriptions" = $True + "AllowInvitesFrom" = "everyone" + "AllowUserConsentForRiskyApps" = "" + "AllowedToUseSspr" = $True + "BlockMsolPowerShell" = $True + "Id" = "authorizationPolicy" + "Parameters" = $args + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraAuthorizationPolicy" { + Context "Test for Get-EntraAuthorizationPolicy" { + It "Should return AuthorizationPolicy" { + $result = Get-EntraAuthorizationPolicy + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'authorizationPolicy' + $result.DisplayName | should -Be 'AuthorizationPolicy' + $result.Description | should -Be 'AuthorizationPolicy' + $result.AllowInvitesFrom | should -Be 'everyone' + $result.GuestUserRoleId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.AllowEmailVerifiedUsersToJoinOrganization | should -Be $True + $result.AllowedToSignUpEmailBasedSubscriptions | should -Be $True + $result.AllowedToUseSspr | should -Be $True + $result.BlockMsolPowerShell | should -Be $True + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return AuthorizationPolicy when passed Id" { + $result = Get-EntraAuthorizationPolicy -Id 'authorizationPolicy' + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'authorizationPolicy' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + {Get-EntraAuthorizationPolicy -Id ''} | Should -Throw 'Exception calling "Substring" with "2" argument*' + } + It "Should fail when Id is invalid" { + {Get-EntraAuthorizationPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Property parameter should work" { + $result = Get-EntraAuthorizationPolicy -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'AuthorizationPolicy' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraAuthorizationPolicy -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuthorizationPolicy" + + Get-EntraAuthorizationPolicy + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAuthorizationPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraAuthorizationPolicy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraConditionalAccessPolicy.Tests.ps1 b/test/Entra/SignIns/Get-EntraConditionalAccessPolicy.Tests.ps1 new file mode 100644 index 0000000000..4da190a36c --- /dev/null +++ b/test/Entra/SignIns/Get-EntraConditionalAccessPolicy.Tests.ps1 @@ -0,0 +1,117 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Conditions" = [PSCustomObject]@{ + "ClientAppTypes" = @("all") + "ServicePrincipalRiskLevels" = @() + "SignInRiskLevels" = @() + "UserRiskLevels" = @() + } + "CreatedDateTime" = "20-May-24 9:26:07 AM" + "Description" = "" + "DisplayName" = "MFA policy" + "GrantControls" = [PSCustomObject]@{ + "BuiltInControls" = @("mfa") + "CustomAuthenticationFactors" = @() + "Operator" = "OR" + "TermsOfUse" = @() + } + "Id" = "aaaaaaaa-1111-2222-3333-ccccccccccc" + "ModifiedDateTime" = "" + "SessionControls" = [PSCustomObject]@{ + "DisableResilienceDefaults" = $null + } + "State" = "enabled" + "TemplateId" = "" + "AdditionalProperties" = @{ + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#identity/conditionalAccess/policies/$entity" + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgIdentityConditionalAccessPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraConditionalAccessPolicy" { + Context "Test for Get-EntraConditionalAccessPolicy" { + It "Should retrieves a conditional access policy in Microsoft Entra ID with given ID" { + $result = Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result.ObjectId | Should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result.DisplayName | Should -Be "MFA policy" + $result.State | Should -Be "enabled" + + Should -Invoke -CommandName Get-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should retrieves a list of all conditional access policies in Microsoft Entra ID" { + $result = Get-EntraConditionalAccessPolicy + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Contain "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result.ObjectId | Should -Contain "aaaaaaaa-1111-2222-3333-ccccccccccc" + + Should -Invoke -CommandName Get-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'MFA policy' + } + + It "Should fail when PolicyId is empty" { + { Get-EntraConditionalAccessPolicy -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + + It "Should fail when PolicyId is invalid" { + { Get-EntraConditionalAccessPolicy -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string." + } + + It "Result should Contain ObjectId" { + $result = Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result.ObjectId | should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + } + + It "Should contain ConditionalAccessPolicyId in parameters when passed PolicyId to it" { + $result = Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.ConditionalAccessPolicyId | Should -Be "aaaaaaaa-1111-2222-3333-ccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraConditionalAccessPolicy" + $result = Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraConditionalAccessPolicy" + Should -Invoke -CommandName Get-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraConditionalAccessPolicy -PolicyId "aaaaaaaa-1111-2222-3333-ccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraFeatureRolloutPolicy.Tests.ps1 b/test/Entra/SignIns/Get-EntraFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..8a31bc7d78 --- /dev/null +++ b/test/Entra/SignIns/Get-EntraFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [Microsoft.Graph.PowerShell.Models.MicrosoftGraphFeatureRolloutPolicy]@{ + "DisplayName" = "Feature-Rollout-Policy" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "IsAppliedToOrganization" = "False" + "Description" = "Feature-Rollout-Policy" + "Feature" = "emailAsAlternateId" + "IsEnabled" = "True" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraFeatureRolloutPolicy" { + Context "Test for Get-EntraFeatureRolloutPolicy" { + It "Should return specific FeatureRolloutPolicy" { + $result = Get-EntraFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + { Get-EntraFeatureRolloutPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraFeatureRolloutPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when searchstring is empty" { + { Get-EntraFeatureRolloutPolicy -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should fail when filter is empty" { + { Get-EntraFeatureRolloutPolicy -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return specific FeatureRolloutPolicy by searchstring" { + $result = Get-EntraFeatureRolloutPolicy -SearchString 'Feature-Rollout-Policy' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Feature-Rollout-Policy' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return specific FeatureRolloutPolicy by filter" { + $result = Get-EntraFeatureRolloutPolicy -Filter "DisplayName -eq 'Feature-Rollout-Policy'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Feature-Rollout-Policy' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return specific Property" { + $result = Get-EntraFeatureRolloutPolicy -Property Id + $result.Id | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraFeatureRolloutPolicy" + + $result = Get-EntraFeatureRolloutPolicy + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraFeatureRolloutPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraFeatureRolloutPolicy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraIdentityProvider.Tests.ps1 b/test/Entra/SignIns/Get-EntraIdentityProvider.Tests.ps1 new file mode 100644 index 0000000000..208a02c4a9 --- /dev/null +++ b/test/Entra/SignIns/Get-EntraIdentityProvider.Tests.ps1 @@ -0,0 +1,105 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "Google-OAUTH" + "DisplayName" = "Mock-App" + "AdditionalProperties" = @{ + "@odata.context" = 'https://graph.microsoft.com/v1.0/$metadata#identity/identityProviders/$entity' + "@odata.type" = "#microsoft.graph.socialIdentityProvider" + "clientId" = "Google123" + "clientSecret" = "******" + "identityProviderType" = "Google" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgIdentityProvider -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraIdentityProvider" { +Context "Test for Get-EntraIdentityProvider" { + It "Should return specific identity provider" { + $result = Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "Google-OAUTH" + $result.DisplayName | Should -Be "Mock-App" + $result.identityProviderType | Should -Be "Google" + + Should -Invoke -CommandName Get-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return specific identity provider with alias" { + $result = Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "Google-OAUTH" + $result.DisplayName | Should -Be "Mock-App" + $result.identityProviderType | Should -Be "Google" + + Should -Invoke -CommandName Get-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraIdentityProvider -IdentityProviderBaseId } | Should -Throw "Missing an argument for parameter 'IdentityProviderBaseId'*" + } + It "Should fail when Id is invalid" { + { Get-EntraIdentityProvider -IdentityProviderBaseId "" } | Should -Throw "Cannot bind argument to parameter 'IdentityProviderBaseId' because it is an empty string." + } + It "Result should Contain Alias properties" { + $result = Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $result.ObjectId | should -Be "Google-OAUTH" + $result.Name | should -Be "Mock-App" + $result.Type | should -Be "Google" + } + It "Should contain IdentityProviderBaseId in parameters when passed Id to it" { + + $result = Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $params = Get-Parameters -data $result.Parameters + $params.IdentityProviderBaseId | Should -Be "Google-OAUTH" + } + It "Property parameter should work" { + $result = Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraIdentityProvider" + + Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraIdentityProvider" + + Should -Invoke -CommandName Get-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraOAuth2PermissionGrant.Tests.ps1 b/test/Entra/SignIns/Get-EntraOAuth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..f4981a919a --- /dev/null +++ b/test/Entra/SignIns/Get-EntraOAuth2PermissionGrant.Tests.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "ClientId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "PrincipalId" = $null + "ResourceId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ConsentType" = "AllPrincipals" + "Scope" = "Policy.Read.All Policy.ReadWrite.ConditionalAccess User.Read" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgOAuth2PermissionGrant -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraOAuth2PermissionGrant" { +Context "Test for Get-EntraOAuth2PermissionGrant" { + It "Should return OAuth2 Permission Grant" { + $result = Get-EntraOAuth2PermissionGrant + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.PrincipalId | Should -BeNullOrEmpty + $result.ClientId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + + Should -Invoke -CommandName Get-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return All Group AppRole Assignment" { + $result = Get-EntraOAuth2PermissionGrant -All + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.PrincipalId | Should -BeNullOrEmpty + $result.ClientId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + + + Should -Invoke -CommandName Get-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraOAuth2PermissionGrant -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 Group AppRole Assignment" { + $result = Get-EntraOAuth2PermissionGrant -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.PrincipalId | Should -BeNullOrEmpty + $result.ClientId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + + + Should -Invoke -CommandName Get-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraOAuth2PermissionGrant -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraOAuth2PermissionGrant -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain ObjectId" { + $result = Get-EntraOAuth2PermissionGrant -Top 1 + $result.ObjectId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Property parameter should work" { + $result = Get-EntraOAuth2PermissionGrant -Property ConsentType + $result | Should -Not -BeNullOrEmpty + $result.ConsentType | Should -Be 'AllPrincipals' + + Should -Invoke -CommandName Get-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraOAuth2PermissionGrant -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraOAuth2PermissionGrant" + + $result = Get-EntraOAuth2PermissionGrant -Top 1 + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraOAuth2PermissionGrant" + + Should -Invoke -CommandName Get-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraOAuth2PermissionGrant -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/SignIns/Get-EntraPermissionGrantConditionSet.Tests.ps1 b/test/Entra/SignIns/Get-EntraPermissionGrantConditionSet.Tests.ps1 new file mode 100644 index 0000000000..bda37ead0a --- /dev/null +++ b/test/Entra/SignIns/Get-EntraPermissionGrantConditionSet.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ClientApplicationIds" = {"All"} + "ClientApplicationPublisherIds" = {"All"} + "ClientApplicationTenantIds" = {"All"} + "ClientApplicationsFromVerifiedPublisherOnly" = $true + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgPolicyPermissionGrantPolicyInclude -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + Mock -CommandName Get-MgPolicyPermissionGrantPolicyExclude -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} +Describe "Get-EntraPermissionGrantConditionSet"{ + It "Should not return empty object for condition set 'includes'"{ + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should not return empty object for condition set 'excludes'"{ + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "excludes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when parameters are empty" { + { Get-EntraPermissionGrantConditionSet -PolicyId "" -ConditionSetType "" -Id ""} | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when parameters are null" { + { Get-EntraPermissionGrantConditionSet -PolicyId -ConditionSetType -Id} | Should -Throw "Missing an argument for parameter*" + } + It "Should contain PermissionGrantConditionSetId in parameters when passed Id to it" { + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantConditionSetId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain PermissionGrantPolicyId in parameters when passed PolicyId to it" { + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "policy1" + } + It "Property parameter should work" { + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when Property is empty" { + {Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantConditionSet" + $result = Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantConditionSet" + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraPermissionGrantPolicy.Tests.ps1 b/test/Entra/SignIns/Get-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..d35f033cdb --- /dev/null +++ b/test/Entra/SignIns/Get-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "microsoft-all-application-permissions" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "Includes all application permissions (app roles), for all APIs, for any client application." + "DisplayName" = "All application" + "Excludes" = @{} + "Includes" = @("00aa00aa-bb11-cc22-dd33-44ee44ee44ee") + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Get-EntraPermissionGrantPolicy" { + Context "Test for Get-EntraPermissionGrantPolicy" { + It "Should return specific PermissionGrantPolicy" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "microsoft-all-application-permissions" + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'. Specify a parameter of type 'System.String' and try again." + } + It "Result should Contain ObjectId" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result.ObjectId | should -Be "microsoft-all-application-permissions" + } + It "Should contain PermissionGrantPolicyId in parameters when passed ObjectId to it" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "microsoft-all-application-permissions" + } + It "Property parameter should work" { + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'All application' + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantPolicy" + + $result = Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Get-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraPolicy.Tests.ps1 b/test/Entra/SignIns/Get-EntraPolicy.Tests.ps1 new file mode 100644 index 0000000000..723f0752e2 --- /dev/null +++ b/test/Entra/SignIns/Get-EntraPolicy.Tests.ps1 @@ -0,0 +1,110 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $ScriptBlock = { + + $policyObject = [PSCustomObject]@{ + "value" = @( + [PSCustomObject]@{ + "id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + }, + [PSCustomObject]@{ + "id" = "bbbbbbbb-1111-1111-1111-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + }, + [PSCustomObject]@{ + "id" = "bbbbbbbb-2222-2222-2222-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + } + ) + } + + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies' + Value = $policyObject.value + } + + return $response + } + + Mock -CommandName Invoke-GraphRequest -MockWith $ScriptBlock -ModuleName Microsoft.Entra.SignIns +} +Describe "Get-EntraPolicy" { + Context "Test for Get-EntraPolicy" { + It "Should return specific Policy" { + $result = Get-EntraPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Contain 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return all Policies" { + $result = Get-EntraPolicy -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return all Policy" { + $result = Get-EntraPolicy -Top 1 + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + { Get-EntraPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Top is empty" { + { Get-EntraPolicy -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraPolicy -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should fail when All has an argument" { + { Get-EntraPolicy -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPolicy" + $result = Get-EntraPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Get-EntraTrustedCertificateAuthority.Tests.ps1 b/test/Entra/SignIns/Get-EntraTrustedCertificateAuthority.Tests.ps1 new file mode 100644 index 0000000000..040307900a --- /dev/null +++ b/test/Entra/SignIns/Get-EntraTrustedCertificateAuthority.Tests.ps1 @@ -0,0 +1,92 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "CertificateAuthorities" = @( + @{ + "isRootAuthority" = $true + "certificateRevocationListUrl"= "https://example.crl" + "deltaCertificateRevocationListUrl"= "https://test.crl" + "certificate"= + "MIIDADCCAeigAwIBAgIQZUf+HS6ftbZKl+KtsZRsTDANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhtc2NtZGxldDAeFw0yNDAzMDYwNzIwMzhaFw0yNT + AzMDYwNzQwMzhaMBMxETAPBgNVBAMMCG1zY21kbGV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxIWxFGyuCi8kxmdjJI1WfY7zWqtgwvpk + wswBKrYmzN1/MzG2YX9yXsSLSd8Exh45P28ET3HpstVCXU1NnlQLW6c1ZEicRfj+Lv/h/z7Ckip8ccpJUNTaeyygC0pvqYjn+6zIVstMSOjNrWbQ8KrHTCh + lL3YvzD96PLbRHHHVcdT35fjezayWhMBSoc7rPO5Y0zgo9jKQt5rsIlEM72VssHy2H+dFkTCw2LbNy06oMoHpwXIDuQJSWXTu//G/DAuMIQ9hFDXh8hXJN5 + NCuesPF0tPqF4MbcGLREV2k6+MC7WZGsu2zcnr44Us0GZEq7F/h+hRGUeVGa/1Ve2oJmFqQIDAQABo1AwTjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFA + YIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSgpCZWuICzX6fIkpoBGmIRMVD3iDANBgkqhkiG9w0BAQsFAAOCAQEAAYGPkNJMnBQ44FEIc7uWBI1dy + 3qtSVX3oLIawt2qtRiy7QybJCrVFhh7L5P2wcJeQAKJCwc6kL+KzL1IUSrieNt2OK0FblcW6yqLE4RnJEaa30Uog5Cwji8EOXwo1SA6P6ltXMC3qULCNjsf + VivDE3urizDBDvA8qBnh7vaQooiIwwxA0i+lqeGjB4ySpIR4rjM7PNISOWctmdgoFydJkBsyjGfTilZWI2Y4duW+CULJtuIQtw/buY/Km+CcBbbLAbE+PGF + MpTynQ2Lh66QPFimLCldkgFBsy0ShM5zMHhd8zJP3iDZ46eO03Hw/NZK/GXya3gAzDxmzaEc6iiFSig==" + "issuer"= "CN=mscmdlet" + "issuerSki"= "A0A42656B880B35FA7C8929A011A62113150F788" + "Parameters" = $args + } + ) + } + } + $tenantObj = { + return @( + [PSCustomObject]@{ + TenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + ) + + } + + Mock -CommandName Get-MgContext -MockWith $tenantObj -ModuleName Microsoft.Entra.SignIns + + Mock -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} +Describe "Get-EntraTrustedCertificateAuthority"{ + It "Result should not be empty when no parameter passed" { + $result = Get-EntraTrustedCertificateAuthority + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Result should not be empty when parameters are empty" { + $result = Get-EntraTrustedCertificateAuthority -TrustedIssuer '' -TrustedIssuerSki '' + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraTrustedCertificateAuthority -Property TrustedIssuerSki + $result | Should -Not -BeNullOrEmpty + $result.TrustedIssuerSki | Should -Be 'A0A42656B880B35FA7C8929A011A62113150F788' + } + It "Should fail when TrustedIssuer is null" { + { Get-EntraTrustedCertificateAuthority -TrustedIssuer } | Should -Throw "Missing an argument for parameter*" + } + It "Should fail when TrustedIssuerSki is null" { + { Get-EntraTrustedCertificateAuthority -TrustedIssuerSki } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraTrustedCertificateAuthority" + Get-EntraTrustedCertificateAuthority + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraTrustedCertificateAuthority" + Should -Invoke -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraTrustedCertificateAuthority -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/SignIns/Invalid.Tests.ps1 b/test/Entra/SignIns/Invalid.Tests.ps1 new file mode 100644 index 0000000000..ea62cc52f6 --- /dev/null +++ b/test/Entra/SignIns/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.SignIns)){ + Import-Module Microsoft.Entra.SignIns +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.SignIns + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/SignIns/Module.Tests.ps1 b/test/Entra/SignIns/Module.Tests.ps1 new file mode 100644 index 0000000000..9311c9f32d --- /dev/null +++ b/test/Entra/SignIns/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.SignIns Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.SignIns + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.SignIns + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.SignIns + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.SignIns.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.SignIns + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.SignIns -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/SignIns/New-EntraConditionalAccessPolicy.Tests.ps1 b/test/Entra/SignIns/New-EntraConditionalAccessPolicy.Tests.ps1 new file mode 100644 index 0000000000..0473b2302a --- /dev/null +++ b/test/Entra/SignIns/New-EntraConditionalAccessPolicy.Tests.ps1 @@ -0,0 +1,177 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Conditions" = [PSCustomObject]@{ + "ClientAppTypes" = @("all") + "ServicePrincipalRiskLevels" = @() + "SignInRiskLevels" = @() + "UserRiskLevels" = @() + } + "CreatedDateTime" = "20-May-24 9:26:07 AM" + "Description" = "" + "DisplayName" = "MFA policy" + "GrantControls" = [PSCustomObject]@{ + "BuiltInControls" = @("mfa") + "CustomAuthenticationFactors" = @() + "Operator" = "OR" + "TermsOfUse" = @() + } + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "ModifiedDateTime" = "" + "SessionControls" = [PSCustomObject]@{ + "DisableResilienceDefaults" = $null + } + "State" = "enabled" + "TemplateId" = "" + "AdditionalProperties" = @{ + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#identity/conditionalAccess/policies/$entity" + } + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgIdentityConditionalAccessPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraConditionalAccessPolicy" { + Context "Test for New-EntraConditionalAccessPolicy" { + It "Should return created Conditional Access Policy Id" { + $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition + $conditions.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" + $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition + $conditions.Users.IncludeUsers = "all" + $controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $controls._Operator = "OR" + $controls.BuiltInControls = "mfa" + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State "Enabled" -Conditions $conditions -GrantControls $controls -SessionControls $SessionControls + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.DisplayName | Should -Be "MFA policy" + $result.State | Should -Be "enabled" + + + Should -Invoke -CommandName New-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when DisplayName parameter is empty" { + { New-EntraConditionalAccessPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + + It "Should fail when State parameter is empty" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Conditions parameter is empty" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -Conditions } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Conditions parameter is invalid" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -Conditions "" } | Should -Throw "Cannot process argument transformation on parameter 'Conditions'.*" + } + + It "Should fail when GrantControls parameter is empty" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -GrantControls } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when GrantControls parameter is invalid" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -GrantControls "" } | Should -Throw "Cannot process argument transformation on parameter 'GrantControls'.*" + } + + It "Should fail when SessionControls parameter is empty" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -SessionControls } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when SessionControls parameter is invalid" { + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -SessionControls "" } | Should -Throw "Cannot process argument transformation on parameter 'SessionControls'.*" + } + + It "Should contain IncludeUsers in parameters when passed Conditions to it" { + $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition + $conditions.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" + $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition + $conditions.Users.IncludeUsers = "all" + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State "Enabled" -Conditions $conditions -GrantControls $controls -SessionControls $SessionControls + $result | Should -Not -BeNullOrEmpty + $params = Get-Parameters -data $result.Parameters + $params.Conditions.Users.IncludeUsers | Should -Be "all" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should contain BuiltInControls in parameters when passed GrantControls to it" { + $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition + $conditions.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" + $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition + $conditions.Users.IncludeUsers = "all" + $controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $controls._Operator = "OR" + $controls.BuiltInControls = "mfa" + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State "Enabled" -Conditions $conditions -GrantControls $controls -SessionControls $SessionControls + $result | Should -Not -BeNullOrEmpty + $params = Get-Parameters -data $result.Parameters + $params.GrantControls.BuiltInControls | Should -Be "mfa" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraConditionalAccessPolicy" + $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition + $conditions.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" + $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition + $conditions.Users.IncludeUsers = "all" + $controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $controls._Operator = "OR" + $controls.BuiltInControls = "mfa" + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State "Enabled" -Conditions $conditions -GrantControls $controls -SessionControls $SessionControls + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraConditionalAccessPolicy" + Should -Invoke -CommandName New-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition + $conditions.Applications.IncludeApplications = "00000002-0000-0ff1-ce00-000000000000" + $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition + $conditions.Users.IncludeUsers = "all" + $controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $controls._Operator = "OR" + $controls.BuiltInControls = "mfa" + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraConditionalAccessPolicy -DisplayName "MFA policy" -State "Enabled" -Conditions $conditions -GrantControls $controls -SessionControls $SessionControls -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraFeatureRolloutPolicy.Tests.ps1 b/test/Entra/SignIns/New-EntraFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..15e2560e89 --- /dev/null +++ b/test/Entra/SignIns/New-EntraFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "FeatureRolloutPolicy" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "IsEnabled" = "False" + "Description" = "FeatureRolloutPolicy" + "Feature" = "passwordHashSync" + "IsAppliedToOrganization" = "False" + "AppliesTo" = "" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraFeatureRolloutPolicy" { + Context "Test for New-EntraFeatureRolloutPolicy" { + It "Should return created FeatureRolloutPolicy" { + $result = New-EntraFeatureRolloutPolicy -Feature 'PasswordHashSync' -DisplayName 'FeatureRolloutPolicy1' -Description 'FeatureRolloutPolicy1' -IsEnabled $false + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "FeatureRolloutPolicy" + $result.IsAppliedToOrganization | should -Be "False" + $result.IsEnabled | should -Be "False" + $result.Description | should -Be "FeatureRolloutPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Feature are invalid" { + { New-EntraFeatureRolloutPolicy -Feature "" } | Should -Throw "Cannot bind argument to parameter 'Feature'*" + } + It "Should fail when Feature are empty" { + { New-EntraFeatureRolloutPolicy -Feature } | Should -Throw "Missing an argument for parameter 'Feature'*" + } + It "Should fail when DisplayName are invalid" { + { New-EntraFeatureRolloutPolicy -DisplayName "" } | Should -Throw "Cannot bind argument to parameter 'DisplayName'*" + } + It "Should fail when DisplayName are empty" { + { New-EntraFeatureRolloutPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when Description are empty" { + { New-EntraFeatureRolloutPolicy -Feature 'PasswordHashSync' -DisplayName 'FeatureRolloutPolicy1' -Description -IsEnabled $false } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when IsEnabled are invalid" { + { New-EntraFeatureRolloutPolicy -IsEnabled "" } | Should -Throw "Cannot process argument transformation on parameter 'IsEnabled'.*" + } + It "Should fail when IsEnabled are empty" { + { New-EntraFeatureRolloutPolicy -IsEnabled } | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraFeatureRolloutPolicy" + $result = New-EntraFeatureRolloutPolicy -Feature 'PasswordHashSync' -DisplayName 'FeatureRolloutPolicy1' -Description 'FeatureRolloutPolicy1' -IsEnabled $false + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraFeatureRolloutPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraFeatureRolloutPolicy -Feature 'PasswordHashSync' -DisplayName 'FeatureRolloutPolicy1' -Description 'FeatureRolloutPolicy1' -IsEnabled $false -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraIdentityProvider.Tests.ps1 b/test/Entra/SignIns/New-EntraIdentityProvider.Tests.ps1 new file mode 100644 index 0000000000..b3ad06f2a2 --- /dev/null +++ b/test/Entra/SignIns/New-EntraIdentityProvider.Tests.ps1 @@ -0,0 +1,110 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "Google-OAUTH" + "DisplayName" = "Mock-App" + "identityProviderType" = "Google" + "AdditionalProperties" = @{ + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#identity/identityProviders/$entity" + "@odata.type" = "#microsoft.graph.socialIdentityProvider" + "clientId" = "Google123" + "clientSecret" = "******" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgIdentityProvider -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraIdentityProvider" { +Context "Test for New-EntraIdentityProvider" { + It "Should return created identity provider" { + $result = New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "Google-OAUTH" + $result.DisplayName | Should -Be "Mock-App" + $result.identityProviderType | Should -Be "Google" + + Should -Invoke -CommandName New-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Type is empty" { + { New-EntraIdentityProvider -Type -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" } | Should -Throw "Missing an argument for parameter 'Type'*" + } + It "Should fail when Type is invalid" { + { New-EntraIdentityProvider -Type "" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" } | Should -Throw "Cannot bind argument to parameter 'Type' because it is an empty string." + } + It "Should fail when Name is empty" { + { New-EntraIdentityProvider -Type "Google" -Name -ClientId "Google123" -ClientSecret "GoogleId" } | Should -Throw "Missing an argument for parameter 'Name'*" + } + It "Should fail when ClientId is empty" { + { New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId -ClientSecret "GoogleId" } | Should -Throw "Missing an argument for parameter 'ClientId'*" + } + It "Should fail when ClientId is invalid" { + { New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "" -ClientSecret "GoogleId" } | Should -Throw "Cannot bind argument to parameter 'ClientId' because it is an empty string." + } + It "Should fail when ClientSecret is empty" { + { New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret } | Should -Throw "Missing an argument for parameter 'ClientSecret'*" + } + It "Should fail when ClientSecret is invalid" { + { New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "" } | Should -Throw "Cannot bind argument to parameter 'ClientSecret' because it is an empty string." + } + It "Result should contain Alias properties" { + $result = New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" + $result.ObjectId | should -Be "Google-OAUTH" + $result.Name | should -Be "Mock-App" + $result.Type | should -Be "Google" + } + It "Should contain displayName in parameters when passed Name to it" { + + $result = New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" + $params = Get-Parameters -data $result.Parameters + $Para = $params | convertTo-json -depth 10 | convertFrom-json + $Para.BodyParameter.displayName | Should -Be "Mock-App" + } + It "Should contain identityProviderType in parameters when passed Type to it" { + + $result = New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" + $Param= $result.Parameters | convertTo-json -depth 10 | convertFrom-json + $params = Get-Parameters -data $Param + $Para = $params | convertTo-json -depth 10 | convertFrom-json + $Para.BodyParameter.AdditionalProperties.identityProviderType | Should -Be "Google" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraIdentityProvider" + + New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraIdentityProvider" + + Should -Invoke -CommandName New-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraIdentityProvider -Type "Google" -Name "Mock-App" -ClientId "Google123" -ClientSecret "GoogleId" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraNamedLocationPolicy.Tests.ps1 b/test/Entra/SignIns/New-EntraNamedLocationPolicy.Tests.ps1 new file mode 100644 index 0000000000..a60b7ce957 --- /dev/null +++ b/test/Entra/SignIns/New-EntraNamedLocationPolicy.Tests.ps1 @@ -0,0 +1,122 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + "DisplayName" = "Mock-App policies" + "CreatedDateTime" = "14-05-2024 09:38:07" + "ModifiedDateTime" = "14-05-2024 09:38:07" + "AdditionalProperties" = @{ + "@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#identity/conditionalAccess/namedLocations/$entity" + "@odata.type" = "#microsoft.graph.ipNamedLocation" + "isTrusted" = $true + "ipRanges" = @{ + "@odata.type" = "#microsoft.graph.iPv4CidrRange" + "cidrAddress" = "6.5.4.1/30" + } + } + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgIdentityConditionalAccessNamedLocation -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraNamedLocationPolicy" { +Context "Test for New-EntraNamedLocationPolicy" { + It "Should return created Ms named location policy" { + $ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges.cidrAddress = "6.5.4.1/30" + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges $ipRanges -IsTrusted $true -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + $result.DisplayName | Should -Be "Mock-App policies" + $result.CreatedDateTime | Should -Be "14-05-2024 09:38:07" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when OdataType is empty" { + { New-EntraNamedLocationPolicy -OdataType } | Should -Throw "Missing an argument for parameter 'OdataType'*" + } + It "Should fail when DisplayName is empty" { + { New-EntraNamedLocationPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when IpRanges is empty" { + { New-EntraNamedLocationPolicy -IpRanges } | Should -Throw "Missing an argument for parameter 'IpRanges'*" + } + It "Should fail when IsTrusted is empty" { + { New-EntraNamedLocationPolicy -IsTrusted } | Should -Throw "Missing an argument for parameter 'IsTrusted'*" + } + It "Should fail when IsTrusted is invalid" { + { New-EntraNamedLocationPolicy -IsTrusted xy } | Should -Throw "Cannot process argument transformation on parameter 'IsTrusted'*" + } + It "Should fail when Id is empty" { + { New-EntraNamedLocationPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when CountriesAndRegions is empty" { + { New-EntraNamedLocationPolicy -CountriesAndRegions } | Should -Throw "Missing an argument for parameter 'CountriesAndRegions'*" + } + It "Should fail when CountriesAndRegions is invalid" { + { New-EntraNamedLocationPolicy -CountriesAndRegions xy } | Should -Throw "Cannot process argument transformation on parameter 'CountriesAndRegions'*" + } + It "Should fail when IncludeUnknownCountriesAndRegions is empty" { + { New-EntraNamedLocationPolicy -IncludeUnknownCountriesAndRegions } | Should -Throw "Missing an argument for parameter 'IncludeUnknownCountriesAndRegions'*" + } + It "Should fail when IncludeUnknownCountriesAndRegions is invalid" { + { New-EntraNamedLocationPolicy -IncludeUnknownCountriesAndRegions xyz } | Should -Throw "Cannot process argument transformation on parameter 'IncludeUnknownCountriesAndRegions'*" + } + It "Result should Contain ObjectId" { + $ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges.cidrAddress = "6.5.4.1/30" + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges $ipRanges -IsTrusted $true -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true + $result.ObjectId | should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + } + It "Should contain @odata.type in bodyparameters when passed OdataId to it" { + Mock -CommandName New-MgIdentityConditionalAccessNamedLocation -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + $ipRanges = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges.cidrAddress = "6.5.4.1/30" + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges $ipRanges -IsTrusted $true -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true + $params= $result | Convertto-json -Depth 10 | Convertfrom-json + $additionalProperties = $params[-1].AdditionalProperties + $additionalProperties."@odata.type" | Should -Be "#microsoft.graph.ipNamedLocation" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraNamedLocationPolicy" + + $result = New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges $ipRanges -IsTrusted $true -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraNamedLocationPolicy" + + Should -Invoke -CommandName New-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges $ipRanges -IsTrusted $true -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/SignIns/New-EntraOauth2PermissionGrant.Tests.ps1 b/test/Entra/SignIns/New-EntraOauth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..f0eb31b54d --- /dev/null +++ b/test/Entra/SignIns/New-EntraOauth2PermissionGrant.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [Microsoft.Graph.PowerShell.Models.MicrosoftGraphOAuth2PermissionGrant]@{ + "ClientId" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "ConsentType" = "AllPrincipals" + "PrincipalId" = $null + "ResourceId" = "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + "Scope" = "DelegatedPermissionGrant.ReadWrite.All" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraOauth2PermissionGrant" { + Context "Test for New-EntraOauth2PermissionGrant" { + It "Should return created Oauth2PermissionGrant" { + $result = New-EntraOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" + $result | Should -Not -BeNullOrEmpty + $result.ClientId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ConsentType | should -Be "AllPrincipals" + $result.ResourceId | should -Be "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + $result.Scope | should -Be "DelegatedPermissionGrant.ReadWrite.All" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when ClientId is invalid" { + { New-EntraOauth2PermissionGrant -ClientId "" } | Should -Throw "Cannot bind argument to parameter 'ClientId'*" + } + It "Should fail when ClientId is empty" { + { New-EntraOauth2PermissionGrant -ClientId } | Should -Throw "Missing an argument for parameter 'ClientId'.*" + } + It "Should fail when ConsentType is invalid" { + { New-EntraOauth2PermissionGrant -ConsentType "" } | Should -Throw "Cannot bind argument to parameter 'ConsentType'*" + } + It "Should fail when ConsentType is empty" { + { New-EntraOauth2PermissionGrant -ConsentType } | Should -Throw "Missing an argument for parameter 'ConsentType'.*" + } + It "Should fail when ResourceId is invalid" { + { New-EntraOauth2PermissionGrant -ResourceId "" } | Should -Throw "Cannot bind argument to parameter 'ResourceId'*" + } + It "Should fail when ResourceId is empty" { + { New-EntraOauth2PermissionGrant -ResourceId } | Should -Throw "Missing an argument for parameter 'ResourceId'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraOauth2PermissionGrant" + $result = New-EntraOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraOauth2PermissionGrant" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraPermissionGrantConditionSet.Tests.ps1 b/test/Entra/SignIns/New-EntraPermissionGrantConditionSet.Tests.ps1 new file mode 100644 index 0000000000..3e50ebacbc --- /dev/null +++ b/test/Entra/SignIns/New-EntraPermissionGrantConditionSet.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "ClientApplicationIds" = {"All"} + "ClientApplicationPublisherIds" = {"All"} + "ClientApplicationTenantIds" = {"All"} + "ClientApplicationsFromVerifiedPublisherOnly" = $true + "PermissionClassification" = "all" + "PermissionType" = "delegated" + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgPolicyPermissionGrantPolicyInclude -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + Mock -CommandName New-MgPolicyPermissionGrantPolicyExclude -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} +Describe "New-EntraPermissionGrantConditionSet"{ + It "Should not return empty object for condition set 'includes'"{ + $result = New-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -PermissionType "delegated" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should not return empty object for condition set 'excludes'"{ + $result = New-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "excludes" -PermissionType "delegated" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when parameters are empty" { + { New-EntraPermissionGrantConditionSet -PolicyId "" -ConditionSetType ""} | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when parameters are null" { + { New-EntraPermissionGrantConditionSet -PolicyId -ConditionSetType } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain PermissionGrantPolicyId in parameters when passed PolicyId to it" { + $result = New-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -PermissionType "delegated" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "test1" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantConditionSet" + $result = New-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -PermissionType "delegated" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantConditionSet" + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -PermissionType "delegated" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + +} + diff --git a/test/Entra/SignIns/New-EntraPermissionGrantPolicy.Tests.ps1 b/test/Entra/SignIns/New-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..32ec3c7812 --- /dev/null +++ b/test/Entra/SignIns/New-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "my_new_permission_grant_policy_id" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "My new permission grant policy" + "DisplayName" = "My new permission grant policy" + "Excludes" = @{} + "Includes" = @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa") + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraPermissionGrantPolicy" { + Context "Test for New-EntraPermissionGrantPolicy" { + It "Should return created PermissionGrantPolicy" { + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "my_new_permission_grant_policy_id" + $result.DisplayName | should -Be "My new permission grant policy" + $result.Description | should -Be "My new permission grant policy" + $result.Includes | should -Be @("22cc22cc-dd33-ee44-ff55-66aa66aa66aa") + $result.DeletedDateTime | should -Be "2/8/2024 6:39:16 AM" + + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { New-EntraPermissionGrantPolicy -Id -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when DisplayName is empty" { + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName -Description "My new permission grant policy" } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should fail when Description is empty" { + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Result should Contain ObjectId" { + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result.ObjectId | should -Be "my_new_permission_grant_policy_id" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantPolicy" + + $result = New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName New-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraPermissionGrantPolicy -Id "my_new_permission_grant_policy_id" -DisplayName "MyNewPermissionGrantPolicy" -Description "My new permission grant policy" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraPolicy.Tests.ps1 b/test/Entra/SignIns/New-EntraPolicy.Tests.ps1 new file mode 100644 index 0000000000..24f58874e4 --- /dev/null +++ b/test/Entra/SignIns/New-EntraPolicy.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + #Write-Host "Mocking New-EntraPolicy with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "DisplayName" = "demoClaimstest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "Type" = "claimsMappingPolicies" + "IsOrganizationDefault" = "False" + "Definition" = "definition-value" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "New-EntraPolicy" { + Context "Test for New-EntraPolicy" { + + It "Should return created policy" { + $result = New-EntraPolicy -Definition @( + "definition-value" + ) -DisplayName "Claimstest" -Type "claimsMappingPolicies" -IsOrganizationDefault $false -AlternativeIdentifier "1f587daa-d6fc-433f-88ee-ccccccccc111" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "demoClaimstest" + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.IsOrganizationDefault | should -Be "False" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when parameters are invalid" { + { New-EntraPolicy -Definition "" -DisplayName "" -Type "" -IsOrganizationDefault "" -AlternativeIdentifier "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when parameters are empty" { + { New-EntraPolicy -Definition -DisplayName -Type -IsOrganizationDefault -AlternativeIdentifier } | Should -Throw "Missing an argument for parameter*" + } + It "Result should Contain Id" { + $result = New-EntraPolicy -Definition @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://xyz.xmlsoap.org/ws/2005/05/pqr/claims/name\",\"JwtClaimType\":\"xyz\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://xxx.yyy.com/identity/claims/displayname\",\"JwtClaimType\":\"ppp\"}]}}" ], "displayName": "test Claims Issuance Policy", "isOrganizationDefault": false }') -DisplayName "Claimstest" -Type "claimsMappingPolicies" -IsOrganizationDefault $false -AlternativeIdentifier "1f587daa-d6fc-433f-88ee-ccccccccc111" + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPolicy" + $result = New-EntraPolicy -Definition @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://xyz.xmlsoap.org/ws/2005/05/pqr/claims/name\",\"JwtClaimType\":\"xyz\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://xxx.yyy.com/identity/claims/displayname\",\"JwtClaimType\":\"ppp\"}]}}" ], "displayName": "test Claims Issuance Policy", "isOrganizationDefault": false }') -DisplayName "Claimstest" -Type "claimsMappingPolicies" -IsOrganizationDefault $false -AlternativeIdentifier "1f587daa-d6fc-433f-88ee-ccccccccc111" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraPolicy -Definition @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://xyz.xmlsoap.org/ws/2005/05/pqr/claims/name\",\"JwtClaimType\":\"xyz\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://xxx.yyy.com/identity/claims/displayname\",\"JwtClaimType\":\"ppp\"}]}}" ], "displayName": "test Claims Issuance Policy", "isOrganizationDefault": false }') -DisplayName "Claimstest" -Type "claimsMappingPolicies" -IsOrganizationDefault $false -AlternativeIdentifier "1f587daa-d6fc-433f-88ee-ccccccccc111" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/New-EntraTrustedCertificateAuthority.Tests.ps1 b/test/Entra/SignIns/New-EntraTrustedCertificateAuthority.Tests.ps1 new file mode 100644 index 0000000000..d5b78a5908 --- /dev/null +++ b/test/Entra/SignIns/New-EntraTrustedCertificateAuthority.Tests.ps1 @@ -0,0 +1,150 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + $tenantObj = { + return @( + [PSCustomObject]@{ + TenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + ) + + } + + Mock -CommandName Get-MgContext -MockWith $tenantObj -ModuleName Microsoft.Entra.SignIns + + $scriptblock = { + return @( + @{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + "@odata.context" = $args + certificateAuthorities = @{ + IsRootAuthority = "RootAuthority" + CertificateRevocationListUrl = "https://example.crl" + DeltaCertificateRevocationListUrl = "" + Certificate = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + Issuer = "CN=mscmdlet" + IssuerSki = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + Parameters = $args + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + $scriptblock2 = { + return @( + [PSCustomObject]@{ + CertificateAuthorities = @{ + IsRootAuthority = "RootAuthority" + CertificateRevocationListUrl = "https://example.crl" + DeltaCertificateRevocationListUrl = "" + Certificate = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + Issuer = "CN=mscmdlet" + IssuerSki = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + } + ) + + } + + Mock -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -MockWith $scriptblock2 -ModuleName Microsoft.Entra.SignIns + +} + +Describe "New-EntraTrustedCertificateAuthority" { + Context "Test for New-EntraTrustedCertificateAuthority" { + It "Should return created one" { + $byteData = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + $new_ca=New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation + $new_ca.AuthorityType=0 + $new_ca.TrustedCertificate= $byteData + $new_ca.crlDistributionPoint="https://example.crl" + $new_ca.DeltaCrlDistributionPoint="https://test.crl" + + $result = New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca + + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.certificateAuthorities.TrustedIssuer| Should -Be "CN=mscmdlet" + $result.certificateAuthorities.CrlDistributionPoint| Should -Be "https://example.crl" + $result.certificateAuthorities.AuthorityType| Should -Be "RootAuthority" + $result.certificateAuthorities.TrustedIssuerSki| Should -Be "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when parameters are empty" { + { New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when parameters are Invalid values" { + { New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation "" } | Should -Throw "Cannot process argument transformation on parameter 'CertificateAuthorityInformation'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraTrustedCertificateAuthority" + + $byteData = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + $new_ca=New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation + $new_ca.AuthorityType=0 + $new_ca.TrustedCertificate= $byteData + $new_ca.crlDistributionPoint="https://example.crl" + $new_ca.DeltaCrlDistributionPoint="https://test.crl" + + $result = New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca + + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraTrustedCertificateAuthority" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should contain 'TenantId' " { + $byteData = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + $new_ca=New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation + $new_ca.AuthorityType=0 + $new_ca.TrustedCertificate= $byteData + $new_ca.crlDistributionPoint="https://example.crl" + $new_ca.DeltaCrlDistributionPoint="https://test.crl" + + $result = New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca + + $params = Get-Parameters -data $result."@odata.context" + + $params.uri | Should -Match "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $byteData = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + $new_ca=New-Object -TypeName Microsoft.Open.AzureAD.Model.CertificateAuthorityInformation + $new_ca.AuthorityType=0 + $new_ca.TrustedCertificate= $byteData + $new_ca.crlDistributionPoint="https://example.crl" + $new_ca.DeltaCrlDistributionPoint="https://test.crl" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {New-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $new_ca -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicy.Tests.ps1 b/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..3a64dd6bf0 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,53 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraFeatureRolloutPolicy" { + Context "Test for Remove-EntraFeatureRolloutPolicy" { + It "Should return empty object" { + $result = Remove-EntraFeatureRolloutPolicy -Id bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + { Remove-EntraFeatureRolloutPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Remove-EntraFeatureRolloutPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraFeatureRolloutPolicy" + $result = Remove-EntraFeatureRolloutPolicy -Id bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraFeatureRolloutPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraFeatureRolloutPolicy -Id bbbbbbbb-1111-2222-3333-cccccccccccc -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..91de0da971 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 @@ -0,0 +1,59 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraFeatureRolloutPolicyDirectoryObject" { + Context "Test for Remove-EntraFeatureRolloutPolicyDirectoryObject" { + It "Should return empty object" { + $result = Remove-EntraFeatureRolloutPolicyDirectoryObject -Id bbbbbbbb-1111-2222-3333-cccccccccccc -ObjectId bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + { Remove-EntraFeatureRolloutPolicyDirectoryObject -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Remove-EntraFeatureRolloutPolicyDirectoryObject -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when ObjectId is invalid" { + { Remove-EntraFeatureRolloutPolicyDirectoryObject -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + It "Should fail when ObjectId is empty" { + { Remove-EntraFeatureRolloutPolicyDirectoryObject -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraFeatureRolloutPolicyDirectoryObject" + $result = Remove-EntraFeatureRolloutPolicyDirectoryObject -Id bbbbbbbb-1111-2222-3333-cccccccccccc -ObjectId bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraFeatureRolloutPolicyDirectoryObject" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraFeatureRolloutPolicyDirectoryObject -Id bbbbbbbb-1111-2222-3333-cccccccccccc -ObjectId bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Remove-EntraIdentityProvider.Tests.ps1 b/test/Entra/SignIns/Remove-EntraIdentityProvider.Tests.ps1 new file mode 100644 index 0000000000..20d7070857 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraIdentityProvider.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgIdentityProvider -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraIdentityProvider" { +Context "Test for Remove-EntraIdentityProvider" { + It "Should return empty object" { + $result = Remove-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraIdentityProvider -Id "Google-OAUTH" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Remove-EntraIdentityProvider -IdentityProviderBaseId } | Should -Throw "Missing an argument for parameter 'IdentityProviderBaseId'*" + } + It "Should fail when IdentityProviderBaseId is invalid" { + { Remove-EntraIdentityProvider -IdentityProviderBaseId "" } | Should -Throw "Cannot bind argument to parameter 'IdentityProviderBaseId' because it is an empty string." + } + It "Should contain IdentityProviderBaseId in parameters when passed IdentityProviderBaseId to it" { + Mock -CommandName Remove-MgIdentityProvider -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + $params = Get-Parameters -data $result + $params.IdentityProviderBaseId | Should -Be "Google-OAUTH" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraIdentityProvider" + + Remove-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraIdentityProvider" + + Should -Invoke -CommandName Remove-MgIdentityProvider -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraIdentityProvider -IdentityProviderBaseId "Google-OAUTH" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/SignIns/Remove-EntraNamedLocationPolicy.Tests.ps1 b/test/Entra/SignIns/Remove-EntraNamedLocationPolicy.Tests.ps1 new file mode 100644 index 0000000000..51ed76a2a1 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraNamedLocationPolicy.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraNamedLocationPolicy" { + Context "Test for Remove-EntraNamedLocationPolicy" { + It "Should return empty object" { + $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when PolicyId is empty" { + { Remove-EntraNamedLocationPolicy -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + It "Should fail when PolicyId is invalid" { + { Remove-EntraNamedLocationPolicy -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string*" + } + It "Should contain NamedLocationId in parameters when passed PolicyId to it" { + Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + $params = Get-Parameters -data $result + $params.NamedLocationId | Should -Be "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" + + Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" + + Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/SignIns/Remove-EntraOAuth2PermissionGrant.Tests.ps1 b/test/Entra/SignIns/Remove-EntraOAuth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..ee0b53dbb4 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraOAuth2PermissionGrant.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraGroupAppRoleAssignment" { + Context "Test for Remove-EntraGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when ObjectId is empty" { + { Remove-EntraOAuth2PermissionGrant -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should fail when ObjectId is invalid" { + { Remove-EntraOAuth2PermissionGrant -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + It "Should contain OAuth2PermissionGrantId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.OAuth2PermissionGrantId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" + + Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" + + Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/SignIns/Remove-EntraPermissionGrantConditionSet.Tests.ps1 b/test/Entra/SignIns/Remove-EntraPermissionGrantConditionSet.Tests.ps1 new file mode 100644 index 0000000000..2772b6ee8c --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraPermissionGrantConditionSet.Tests.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgPolicyPermissionGrantPolicyInclude -MockWith {} -ModuleName Microsoft.Entra.SignIns + + Mock -CommandName Remove-MgPolicyPermissionGrantPolicyExclude -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraPermissionGrantConditionSet"{ + Context "Test for Remove-EntraPermissionGrantConditionSet" { + It "Should delete a permission grant condition set 'includes' from a policy"{ + $result = Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should delete a permission grant condition set 'excludes' from a policy"{ + $result = Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "excludes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when PolicyId parameter are invalid when ConditionSetType is includes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa"} | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string.*" + } + + It "Should fail when PolicyId parameter are empty when ConditionSetType is includes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when PolicyId parameter are invalid when ConditionSetType is excludes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "" -ConditionSetType "excludes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa"} | Should -Throw "Cannot bind argument to parameter*" + } + + It "Should fail when PolicyId parameter are empty when ConditionSetType is excludes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId -ConditionSetType "excludes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Id parameter are empty when ConditionSetType is includes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Id parameter are invalid when ConditionSetType is includes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when Id parameter are invalid when ConditionSetType is excludes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "excludes" -Id ""} | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + + It "Should fail when Id parameter are empty when ConditionSetType is excludes" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "excludes" -Id } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when ConditionSetType parameter are empty" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" -ConditionSetType } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when ConditionSetType parameter are invalid" { + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" -ConditionSetType "" } | Should -Throw "Cannot bind argument to parameter 'ConditionSetType' because it is an empty string." + } + + It "Should contain PermissionGrantPolicyId in parameters when passed PolicyId to it" { + Mock -CommandName Remove-MgPolicyPermissionGrantPolicyInclude -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $params = Get-Parameters -data $result + $params.PermissionGrantPolicyId | Should -Be "test1" + } + + It "Should contain PermissionGrantConditionSetId in parameters when passed Id to it" { + Mock -CommandName Remove-MgPolicyPermissionGrantPolicyInclude -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" + $params = Get-Parameters -data $result + $params.PermissionGrantConditionSetId | Should -Be "ccccdddd-2222-eeee-3333-ffff4444aaaa" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantConditionSet" + + Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantConditionSet" + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraPermissionGrantConditionSet -PolicyId "test1" -ConditionSetType "includes" -Id "ccccdddd-2222-eeee-3333-ffff4444aaaa"-Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Remove-EntraPermissionGrantPolicy.Tests.ps1 b/test/Entra/SignIns/Remove-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..10ebaf3fdd --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Remove-EntraPermissionGrantPolicy" { + Context "Test for Remove-EntraPermissionGrantPolicy" { + It "Should return empty object" { + $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Remove-EntraPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Remove-EntraPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string*" + } + It "Should contain PermissionGrantPolicyId in parameters when passed Id to it" { + Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result + $params.PermissionGrantPolicyId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" + + Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/Entra/SignIns/Remove-EntraPolicy.Tests.ps1 b/test/Entra/SignIns/Remove-EntraPolicy.Tests.ps1 new file mode 100644 index 0000000000..8f0cbf56d4 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraPolicy.Tests.ps1 @@ -0,0 +1,63 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $ScriptBlock = { + + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies/homeRealmDiscoveryPolicies/$entity' + } + + return $response + + } + Mock -CommandName Invoke-GraphRequest -MockWith $ScriptBlock -ModuleName Microsoft.Entra.SignIns +} +Describe "Test for Remove-EntraPolicy" { + It "Should return empty object" { + $result = Remove-EntraPolicy -Id bbbbbbbb-1111-1111-1111-cccccccccccc + #$result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 2 + } + It "Should fail when -Id is empty" { + { Remove-EntraPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { Remove-EntraPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraPolicy -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPolicy" + $result = Remove-EntraPolicy -Id bbbbbbbb-1111-1111-1111-cccccccccccc + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraPolicy -Id bbbbbbbb-1111-1111-1111-cccccccccccc -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + + diff --git a/test/Entra/SignIns/Remove-EntraTrustedCertificateAuthority.Tests.ps1 b/test/Entra/SignIns/Remove-EntraTrustedCertificateAuthority.Tests.ps1 new file mode 100644 index 0000000000..06938e5077 --- /dev/null +++ b/test/Entra/SignIns/Remove-EntraTrustedCertificateAuthority.Tests.ps1 @@ -0,0 +1,102 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + Parameters = $args + } + ) + + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + + $scriptblock2 = { + return @( + [PSCustomObject]@{ + CertificateAuthorities = @{ + IsRootAuthority = "RootAuthority" + CertificateRevocationListUrl = "https://example.crl" + DeltaCertificateRevocationListUrl = "" + Certificate = @(48, 130, 3, 0) + Issuer = "CN=mscmdlet" + IssuerSki = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + + } + ) + + } + + Mock -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -MockWith $scriptblock2 -ModuleName Microsoft.Entra.SignIns + + $scriptblock3 = { + return @( + [PSCustomObject]@{ + TenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + ) + + } + + Mock -CommandName Get-MgContext -MockWith $scriptblock3 -ModuleName Microsoft.Entra.SignIns + +} + +Describe "Remove-EntraTrustedCertificateAuthority" { + Context "Test for Remove-EntraTrustedCertificateAuthority" { + It "Should return object" { + $cer = Get-EntraTrustedCertificateAuthority + $result = Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] + + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when CertificateAuthorityInformation is empty" { + { Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation} | Should -Throw "Missing an argument for parameter 'CertificateAuthorityInformation'.*" + } + It "Should fail when ObjectId is empty string" { + { Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation "" } | Should -Throw "Cannot process argument transformation on parameter 'CertificateAuthorityInformation'.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraTrustedCertificateAuthority" + $cer = Get-EntraTrustedCertificateAuthority + $result = Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraTrustedCertificateAuthority" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $cer = Get-EntraTrustedCertificateAuthority + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer[0] -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraAuthorizationPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraAuthorizationPolicy.Tests.ps1 new file mode 100644 index 0000000000..f0558def5d --- /dev/null +++ b/test/Entra/SignIns/Set-EntraAuthorizationPolicy.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgPolicyAuthorizationPolicy -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Set-EntraAuthorizationPolicy" { + Context "Test for Set-EntraAuthorizationPolicy" { + It "Should update AuthorizationPolicy" { + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + $result = Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when AllowedToSignUpEmailBasedSubscriptions is invalid" { + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowedToSignUpEmailBasedSubscriptions'.*" + } + It "Should fail when AllowedToSignUpEmailBasedSubscriptions is empty" { + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions } | Should -Throw "Missing an argument for parameter 'AllowedToSignUpEmailBasedSubscriptions'.*" + } + It "Should fail when AllowedToUseSSPR is invalid" { + { Set-EntraAuthorizationPolicy -AllowedToUseSSPR 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowedToUseSSPR'*" + } + It "Should fail when AllowedToUseSSPR is empty" { + { Set-EntraAuthorizationPolicy -AllowedToUseSSPR } | Should -Throw "Missing an argument for parameter 'AllowedToUseSSPR'.*" + } + It "Should fail when AllowEmailVerifiedUsersToJoinOrganization is invalid" { + { Set-EntraAuthorizationPolicy -AllowEmailVerifiedUsersToJoinOrganization 'a' } | Should -Throw "Cannot process argument transformation on parameter 'AllowEmailVerifiedUsersToJoinOrganization'*" + } + It "Should fail when AllowEmailVerifiedUsersToJoinOrganization is empty" { + { Set-EntraAuthorizationPolicy -AllowEmailVerifiedUsersToJoinOrganization } | Should -Throw "Missing an argument for parameter 'AllowEmailVerifiedUsersToJoinOrganization'.*" + } + It "Should fail when BlockMsolPowerShell is invalid" { + { Set-EntraAuthorizationPolicy -BlockMsolPowerShell 'a' } | Should -Throw "Cannot process argument transformation on parameter 'BlockMsolPowerShell'*" + } + It "Should fail when BlockMsolPowerShell is empty" { + { Set-EntraAuthorizationPolicy -BlockMsolPowerShell } | Should -Throw "Missing an argument for parameter 'BlockMsolPowerShell'.*" + } + It "Should fail when DefaultUserRolePermissions is invalid" { + { Set-EntraAuthorizationPolicy -DefaultUserRolePermissions 'a' } | Should -Throw "Cannot process argument transformation on parameter 'DefaultUserRolePermissions'*" + } + It "Should fail when DefaultUserRolePermissions is empty" { + { Set-EntraAuthorizationPolicy -DefaultUserRolePermissions } | Should -Throw "Missing an argument for parameter 'DefaultUserRolePermissions'.*" + } + It "Should fail when Description is empty" { + { Set-EntraAuthorizationPolicy -Description } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Should fail when DisplayName is empty" { + { Set-EntraAuthorizationPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAuthorizationPolicy" + + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraAuthorizationPolicy" + + Should -Invoke -CommandName Update-MgPolicyAuthorizationPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $DefaultUserRolePermissions = New-Object -TypeName Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions + $DefaultUserRolePermissions.AllowedToCreateApps = $true + $DefaultUserRolePermissions.AllowedToCreateSecurityGroups = $true + $DefaultUserRolePermissions.AllowedToReadOtherUsers = $true + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraAuthorizationPolicy -AllowedToSignUpEmailBasedSubscriptions $false -AllowedToUseSSPR $false -AllowEmailVerifiedUsersToJoinOrganization $true -BlockMsolPowerShell $true -DefaultUserRolePermissions $DefaultUserRolePermissions -Description "test" -DisplayName "Authorization Policies" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraConditionalAccessPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraConditionalAccessPolicy.Tests.ps1 new file mode 100644 index 0000000000..113943f274 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraConditionalAccessPolicy.Tests.ps1 @@ -0,0 +1,139 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgIdentityConditionalAccessPolicy -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Set-EntraConditionalAccessPolicy" { + Context "Test for Set-EntraConditionalAccessPolicy" { + It "Should updates a conditional access policy in Microsoft Entra ID by PolicyId" { + $Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" -State enabled -Conditions $Condition -GrantControls $Controls -SessionControls $SessionControls + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when PolicyId parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + + It "Should fail when PolicyId parameter is invalid" { + { Set-EntraConditionalAccessPolicy -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string.*" + } + + It "Should fail when DisplayName parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when State parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -State } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Conditions parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Conditions } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when Conditions parameter is invalid" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Conditions "" } | Should -Throw "Cannot process argument transformation on parameter 'Conditions'.*" + } + + It "Should fail when GrantControls parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -GrantControls } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when GrantControls parameter is invalid" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -GrantControls "" } | Should -Throw "Cannot process argument transformation on parameter 'GrantControls'.*" + } + + It "Should fail when SessionControls parameter is empty" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -SessionControls } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when SessionControls parameter is invalid" { + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -SessionControls "" } | Should -Throw "Cannot process argument transformation on parameter 'SessionControls'.*" + } + + It "Should contain ConditionalAccessPolicyId in parameters when passed PolicyId to it" { + Mock -CommandName Update-MgIdentityConditionalAccessPolicy -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" + $params = Get-Parameters -data $result + $params.ConditionalAccessPolicyId | Should -Be "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + } + + It "Should contain ClientAppTypes in parameters when passed Conditions to it" { + Mock -CommandName Update-MgIdentityConditionalAccessPolicy -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $Condition.clientAppTypes = @("mobileAppsAndDesktopClients","browser") + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" -State enabled -Conditions $Condition -GrantControls $Controls -SessionControls $SessionControls + $params = Get-Parameters -data $result + $params.Conditions.ClientAppTypes | Should -Be @("mobileAppsAndDesktopClients","browser") + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should contain BuiltInControls in parameters when passed GrantControls to it" { + Mock -CommandName Update-MgIdentityConditionalAccessPolicy -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $Controls._Operator = "AND" + $Controls.BuiltInControls = @("mfa") + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + $result = Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" -State enabled -Conditions $Condition -GrantControls $Controls -SessionControls $SessionControls + $params = Get-Parameters -data $result + $params.GrantControls.BuiltInControls | Should -Be @("mfa") + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraConditionalAccessPolicy" + $Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $Controls._Operator = "AND" + $Controls.BuiltInControls = @("mfa") + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + + Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" -State enabled -Conditions $Condition -GrantControls $Controls -SessionControls $SessionControls + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraConditionalAccessPolicy" + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $Condition = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet + $Controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls + $Controls._Operator = "AND" + $Controls.BuiltInControls = @("mfa") + $SessionControls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraConditionalAccessPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName "test" -State enabled -Conditions $Condition -GrantControls $Controls -SessionControls $SessionControls -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraFeatureRolloutPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..a4ddff1f03 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Set-EntraFeatureRolloutPolicy" { + Context "Test for Set-EntraFeatureRolloutPolicy" { + It "Should return created FeatureRolloutPolicy" { + $result = Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -DisplayName 'Feature-Rollout-Policytest' -Description 'Feature-Rollout-test' -IsEnabled $false + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id are invalid" { + { Set-EntraFeatureRolloutPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id are empty" { + { Set-EntraFeatureRolloutPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Feature are empty" { + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -Feature } | Should -Throw "Missing an argument for parameter 'Feature'*" + } + It "Should fail when DisplayName are empty" { + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when Description are empty" { + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when IsEnabled are invalid" { + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -IsEnabled "" } | Should -Throw "Cannot process argument transformation on parameter 'IsEnabled'.*" + } + It "Should fail when IsEnabled are empty" { + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -IsEnabled } | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraFeatureRolloutPolicy" + + Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -DisplayName 'Feature-Rollout-Policytest' -Description 'Feature-Rollout-test' -IsEnabled $false + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraFeatureRolloutPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraFeatureRolloutPolicy -Id 7e22e9df-abf0-4ee2-bcf8-fd7b62eff2f5 -DisplayName 'Feature-Rollout-Policytest' -Description 'Feature-Rollout-test' -IsEnabled $false -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraNamedLocationPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraNamedLocationPolicy.Tests.ps1 new file mode 100644 index 0000000000..795b6393e6 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraNamedLocationPolicy.Tests.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgIdentityConditionalAccessNamedLocation -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Set-EntraNamedLocationPolicy" { + Context "Test for Set-EntraNamedLocationPolicy" { + It "Should return empty object" { + $ipRanges1 = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges1.cidrAddress = "6.5.4.1/30" + $ipRanges2 = New-Object -TypeName Microsoft.Open.MSGraph.Model.IpRange + $ipRanges2.cidrAddress = "6.5.4.2/30" + $result = Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -IpRanges @($ipRanges1,$ipRanges2) -IsTrusted $true -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -CountriesAndRegions @("US","ID","CA") -IncludeUnknownCountriesAndRegions $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when PolicyId is empty" { + { Set-EntraNamedLocationPolicy -PolicyId -OdataType "#microsoft.graph.ipNamedLocation" } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + It "Should fail when PolicyId is invalid" { + { Set-EntraNamedLocationPolicy -PolicyId "" -OdataType "#microsoft.graph.ipNamedLocation" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string*" + } + It "Should fail when OdataType is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType } | Should -Throw "Missing an argument for parameter 'OdataType'*" + } + It "Should fail when DisplayName is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when IpRanges is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -IpRanges } | Should -Throw "Missing an argument for parameter 'IpRanges'*" + } + It "Should fail when IsTrusted is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -IsTrusted } | Should -Throw "Missing an argument for parameter 'IsTrusted'*" + } + It "Should fail when IsTrusted is invalid" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -IsTrusted xy } | Should -Throw "Cannot process argument transformation on parameter 'IsTrusted'*" + } + It "Should fail when Id is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when CountriesAndRegions is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -CountriesAndRegions } | Should -Throw "Missing an argument for parameter 'CountriesAndRegions'*" + } + It "Should fail when CountriesAndRegions is invalid" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -CountriesAndRegions xy } | Should -Throw "Cannot process argument transformation on parameter 'CountriesAndRegions'*" + } + It "Should fail when IncludeUnknownCountriesAndRegions is empty" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -IncludeUnknownCountriesAndRegions } | Should -Throw "Missing an argument for parameter 'IncludeUnknownCountriesAndRegions'*" + } + It "Should fail when IncludeUnknownCountriesAndRegions is invalid" { + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -IncludeUnknownCountriesAndRegions xyz } | Should -Throw "Cannot process argument transformation on parameter 'IncludeUnknownCountriesAndRegions'*" + } + It "Should contain NamedLocationId in parameters when passed PolicyId to it" { + Mock -CommandName Update-MgIdentityConditionalAccessNamedLocation -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + + $result = Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" + $params = Get-Parameters -data $result + $params.NamedLocationId | Should -Be "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + } + + It "Should contain @odata.type in bodyparameters when passed OdataId to it" { + Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" + Should -Invoke -CommandName Update-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + Write-Host $BodyParameter.AdditionalProperties."@odata.type" | ConvertTo-Json + $BodyParameter.AdditionalProperties."@odata.type" | Should -Be "#microsoft.graph.ipNamedLocation" + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraNamedLocationPolicy" + + Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraNamedLocationPolicy" + + Should -Invoke -CommandName Update-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "Mock-App policies" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraPermissionGrantConditionSet.Tests.ps1 b/test/Entra/SignIns/Set-EntraPermissionGrantConditionSet.Tests.ps1 new file mode 100644 index 0000000000..2b10bfb249 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraPermissionGrantConditionSet.Tests.ps1 @@ -0,0 +1,68 @@ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgPolicyPermissionGrantPolicyInclude -MockWith {} -ModuleName Microsoft.Entra.SignIns + + Mock -CommandName Update-MgPolicyPermissionGrantPolicyExclude -MockWith {} -ModuleName Microsoft.Entra.SignIns +} +Describe "Set-EntraPermissionGrantConditionSet"{ + It "Should return empty object for condition set 'includes'"{ + $result = Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should return empty object for condition set 'excludes'"{ + $result = Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "excludes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when parameters are empty" { + { Set-EntraPermissionGrantConditionSet -PolicyId "" -ConditionSetType "" -Id ""} | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when parameters are null" { + { Set-EntraPermissionGrantConditionSet -PolicyId -ConditionSetType -Id } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain parameters for condition set 'includes'" { + Mock -CommandName Update-MgPolicyPermissionGrantPolicyInclude -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + $result = Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "includes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" + $params = Get-Parameters -data $result + $params.PermissionGrantPolicyId | Should -Be "policy1" + $params.PermissionGrantConditionSetId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicyInclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should contain parameters for condition set 'excludes'" { + Mock -CommandName Update-MgPolicyPermissionGrantPolicyExclude -MockWith {$args} -ModuleName Microsoft.Entra.SignIns + $result = Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "excludes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" + $params = Get-Parameters -data $result + $params.PermissionGrantPolicyId | Should -Be "policy1" + $params.PermissionGrantConditionSetId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantConditionSet" + $result = Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "excludes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantConditionSet" + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicyExclude -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraPermissionGrantConditionSet -PolicyId "policy1" -ConditionSetType "excludes" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PermissionClassification "Low" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraPermissionGrantPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..e0cf99e003 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.SignIns) -eq $null) { + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgPolicyPermissionGrantPolicy -MockWith {} -ModuleName Microsoft.Entra.SignIns +} + +Describe "Set-EntraPermissionGrantPolicy" { + Context "Test for Set-EntraPermissionGrantPolicy" { + It "Should return updated PermissionGrantPolicy" { + $result = Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Set-EntraPermissionGrantPolicy -Id -Description "test" -DisplayName "Test" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + It "Should fail when Id is invalid" { + { Set-EntraPermissionGrantPolicy -Id "" -Description "test" -DisplayName "Test" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + It "Should fail when Description is empty" { + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description -DisplayName "Test" } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + It "Should fail when DisplayName is empty" { + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantPolicy" + + Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Update-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraPermissionGrantPolicy -Id "permission_grant_policy" -Description "test" -DisplayName "Test" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/SignIns/Set-EntraPolicy.Tests.ps1 b/test/Entra/SignIns/Set-EntraPolicy.Tests.ps1 new file mode 100644 index 0000000000..cff8e1d017 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraPolicy.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + #Write-Host "Mocking set-EntraPolicy with parameters: $($args | ConvertTo-Json -Depth 3)" + + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies/homeRealmDiscoveryPolicies/$entity' + } + + return $response + } + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns +} + +Describe "Test for Set-EntraPolicy" { + + It "Should return empty object" { + $result = Set-EntraPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when id is empty" { + { Set-EntraPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id'*" + } + It "Should fail when Id is null" { + { Set-EntraPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when displaymane is null" { + { Set-EntraPolicy -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when AlternativeIdentifier is null" { + { Set-EntraPolicy -AlternativeIdentifier } | Should -Throw "Missing an argument for parameter 'AlternativeIdentifier'*" + } + It "Should fail when IsOrganizationDefault is null" { + { Set-EntraPolicy -IsOrganizationDefault } | Should -Throw "Missing an argument for parameter 'IsOrganizationDefault'*" + } + It "Should fail when invalid parameter is passed" { + { Set-EntraPolicy -xyz } | Should -Throw "A parameter cannot be found that matches parameter name 'xyz'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraPolicy" + + Set-EntraPolicy -Id "Engineering_Project" -type "HomeRealmDiscoveryPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + + diff --git a/test/Entra/SignIns/Set-EntraTrustedCertificateAuthority.Tests.ps1 b/test/Entra/SignIns/Set-EntraTrustedCertificateAuthority.Tests.ps1 new file mode 100644 index 0000000000..60ede51576 --- /dev/null +++ b/test/Entra/SignIns/Set-EntraTrustedCertificateAuthority.Tests.ps1 @@ -0,0 +1,136 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.SignIns) -eq $null){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + $tenantObj = { + return @( + [PSCustomObject]@{ + TenantId = "d5aec55f-2d12-4442-8d2f-ccca95d4390e" + } + ) + + } + + Mock -CommandName Get-MgContext -MockWith $tenantObj -ModuleName Microsoft.Entra.SignIns + + $scriptblock = { + return @( + @{ + Id = '29728ade-6ae4-4ee9-9103-412912537da5' + "@odata.context" = $args + certificateAuthorities = @{ + IsRootAuthority = "RootAuthority" + CertificateRevocationListUrl = "https://example.crl" + DeltaCertificateRevocationListUrl = "https://example2.crl" + Certificate = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + Issuer = "CN=ms-cmdlett" + IssuerSki = "E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A" + } + Parameters = $args + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.SignIns + + $scriptblock2 = { + return @( + [PSCustomObject]@{ + CertificateAuthorities = @{ + IsRootAuthority = "RootAuthority" + CertificateRevocationListUrl = "https://example.crl" + DeltaCertificateRevocationListUrl = "https://example2.crl" + Certificate = @(70, 57, 66, 65, 57, 49, 69, 55, 54, 68, 57, 51, 49, 48, 51, 49, 55, 49, 55, 49, 50, 54, 69, 55, 68, 52, 70, 56, 70, 54, 57, 70, 55, 52, 51, 52, 57, 56, 53, 51) + Issuer = "CN=ms-cmdlett" + IssuerSki = "E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A" + } + } + ) + + } + + Mock -CommandName Get-MgOrganizationCertificateBasedAuthConfiguration -MockWith $scriptblock2 -ModuleName Microsoft.Entra.SignIns + +} + +Describe "Set-EntraTrustedCertificateAuthority" { + Context "Test for Set-EntraTrustedCertificateAuthority" { + It "Should return created one" { + $cer = Get-EntraTrustedCertificateAuthority + $cer[0].CrlDistributionPoint = "https://example.crl" + $cer[0].DeltaCrlDistributionPoint = "https://example2.crl" + + $result = Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer + + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "29728ade-6ae4-4ee9-9103-412912537da5" + $result.certificateAuthorities.TrustedIssuer| Should -Be "CN=ms-cmdlett" + $result.certificateAuthorities.CrlDistributionPoint| Should -Be "https://example.crl" + $result.certificateAuthorities.AuthorityType| Should -Be "RootAuthority" + $result.certificateAuthorities.TrustedIssuerSki| Should -Be "E48DBC5D4AF447E9D9D4A5440D4096C70AF5352A" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + + It "Should fail when parameters are empty" { + { Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when parameters are Invalid values" { + { Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation "" } | Should -Throw "Cannot process argument transformation on parameter 'CertificateAuthorityInformation'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraTrustedCertificateAuthority" + $cer = Get-EntraTrustedCertificateAuthority + $cer[0].CrlDistributionPoint = "https://example.crl" + $cer[0].DeltaCrlDistributionPoint = "https://example2.crl" + + Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraTrustedCertificateAuthority" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $cer = Get-EntraTrustedCertificateAuthority + $cer[0].CrlDistributionPoint = "https://example.crl" + $cer[0].DeltaCrlDistributionPoint = "https://example2.crl" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + It "Should contain 'TenantId' " { + $cer = Get-EntraTrustedCertificateAuthority + $cer[0].CrlDistributionPoint = "https://example.crl" + $cer[0].DeltaCrlDistributionPoint = "https://example2.crl" + + $result = Set-EntraTrustedCertificateAuthority -CertificateAuthorityInformation $cer + + $params = Get-Parameters -data $result."@odata.context" + + $params.uri | Should -Match "d5aec55f-2d12-4442-8d2f-ccca95d4390e" + } + + } +} + diff --git a/test/Entra/SignIns/Valid.Tests.ps1 b/test/Entra/SignIns/Valid.Tests.ps1 new file mode 100644 index 0000000000..9b556c1fab --- /dev/null +++ b/test/Entra/SignIns/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.SignIns)){ + Import-Module Microsoft.Entra.SignIns + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.SignIns +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.SignIns + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.SignIns + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.SignIns -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.SignIns + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.SignIns -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.SignIns + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.SignIns -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/Entra/Users/Get-EntraUser.Tests.ps1 b/test/Entra/Users/Get-EntraUser.Tests.ps1 new file mode 100644 index 0000000000..ebecbf8659 --- /dev/null +++ b/test/Entra/Users/Get-EntraUser.Tests.ps1 @@ -0,0 +1,175 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + $valueObject = [PSCustomObject]@{ + "DisplayName" = "Mock-User" + "AccountEnabled" = $true + "Mail" = "User@aaabbbcccc.OnMicrosoft.com" + "userPrincipalName" = "User@aaabbbcccc.OnMicrosoft.com" + "DeletedDateTime" = $null + "CreatedDateTime" = $null + "EmployeeId" = $null + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "Surname" = $null + "MailNickName" = "User" + "OnPremisesDistinguishedName" = $null + "OnPremisesSecurityIdentifier" = $null + "OnPremisesUserPrincipalName" = $null + "OnPremisesSyncEnabled" = $false + "onPremisesImmutableId" = $null + "OnPremisesLastSyncDateTime" = $null + "JobTitle" = $null + "CompanyName" = $null + "Department" = $null + "Country" = $null + "BusinessPhones" = @{} + "OnPremisesProvisioningErrors" = @{} + "ImAddresses" = @{} + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "MobilePhone" = $null + } + + $response = @{ + '@odata.context' = 'Users()' + Value = $valueObject + } + + return @( + $response + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUser" { + Context "Test for Get-EntraUser" { + It "Should return specific user" { + $result = Get-EntraUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + Write-Verbose "Result : {$result}" -Verbose + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Get-EntraUser -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + Write-Verbose "Result : {$result}" -Verbose + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUser" + + $result = Get-EntraUser -Top 1 + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUser" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when ObjectId is empty string value" { + { Get-EntraUser -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when ObjectId is empty" { + { Get-EntraUser -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should return all contact" { + $result = Get-EntraUser -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUser -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should return top user" { + $result = Get-EntraUser -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUser -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUser -Top HH } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return specific user by filter" { + $result = Get-EntraUser -Filter "DisplayName eq 'Mock-User'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific user by search string" { + $result = Get-EntraUser -SearchString "Mock-User" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + + } + + It "Should fail when search string is empty" { + { Get-EntraUser -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'.*" + } + + It "Should fail when Missing an argument for parameter Filter" { + { Get-EntraUser -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Property parameter should work" { + $result = Get-EntraUser -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUser -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Get-EntraUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserAppRoleAssignment.Tests.ps1 b/test/Entra/Users/Get-EntraUserAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..5efb3ede3f --- /dev/null +++ b/test/Entra/Users/Get-EntraUserAppRoleAssignment.Tests.ps1 @@ -0,0 +1,134 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + AppRoleId = "00000000-0000-0000-0000-000000000000" + CreatedDateTime = "29-02-2024 05:53:00" + DeletedDateTime = "" + PrincipalDisplayName = "demo" + PrincipalId = "aaaaaaaa-bbbb-cccc-1111-222222222222" + PrincipalType = "Group" + ResourceDisplayName = "M365 License Manager" + ResourceId = "bbbbbbbb-cccc-dddd-2222-333333333333" + AdditionalProperties = @{} + Parameters = $args + } + ) + + } + + Mock -CommandName Get-MgUserAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserAppRoleAssignment" { + Context "Test for Get-EntraUserAppRoleAssignment" { + It "Should return specific User" { + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.AppRoleId | Should -Be "00000000-0000-0000-0000-000000000000" + $result.CreatedDateTime | Should -Be "29-02-2024 05:53:00" + $result.DeletedDateTime | Should -Be "" + $result.PrincipalDisplayName | Should -Be "demo" + $result.PrincipalId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalType | Should -Be "Group" + $result.ResourceDisplayName | Should -Be "M365 License Manager" + $result.ResourceId | Should -Be "bbbbbbbb-cccc-dddd-2222-333333333333" + + Should -Invoke -CommandName Get-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when ObjectId is empty string value" { + { Get-EntraUserAppRoleAssignment -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when ObjectId is empty" { + { Get-EntraUserAppRoleAssignment -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'. Specify a parameter of type 'System.String' and try again." + } + + + It "Should return all contact" { + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top user" { + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top HH } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should contain UserId in parameters when passed ObjectId to it" { + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserAppRoleAssignment" + + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserAppRoleAssignment" + + Should -Invoke -CommandName Get-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + + It "Property parameter should work" { + $result = Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property PrincipalDisplayName + $result | Should -Not -BeNullOrEmpty + $result.PrincipalDisplayName | Should -Be "demo" + + Should -Invoke -CommandName Get-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Get-EntraUserCreatedObject.Tests.ps1 b/test/Entra/Users/Get-EntraUserCreatedObject.Tests.ps1 new file mode 100644 index 0000000000..8ac5a81dd0 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserCreatedObject.Tests.ps1 @@ -0,0 +1,154 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + '@odata.type' = '#microsoft.graph.servicePrincipal' + accountEnabled = $true + alternativeNames = @{} + appDisplayName = "Microsoft Graph Command Line Tools" + appId = "44445555-eeee-6666-ffff-7777aaaa8888" + appOwnerOrganizationId = "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" + appRoleAssignmentRequired = $false + createdDateTime = "2023-07-12T10:09:17Z" + displayName = "Microsoft Graph Command Line Tools" + homepage = "https://docs.microsoft.com/en-us/graph/powershell/get-started" + notificationEmailAddresses = @{} + replyUrls = @("https://login.microsoftonline.com/common/oauth2/nativeclient", "http://localhost", "ms-appx-web://microsoft.aad.brokerplugin/14d82eec-204b-4c2f-b7e8-296a70dab67e") + servicePrincipalNames = @("11112222-bbbb-3333-cccc-4444dddd5555") + servicePrincipalType = "Application" + signInAudience = "AzureADandPersonalMicrosoftAccount" + tags = @("WindowsAzureActiveDirectoryIntegratedApp") + addIns = @{} + appRoles = @{} + info = @{ + 'logoUrl' = 'https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/appbranding/ougaobwb9usxq2odcg5mrmppjemia-kwnvjaepk6x3k/1033/bannerlogo?ts=637363922849342280' + 'privacyStatementUrl' = 'https://privacy.microsoft.com/en-us/privacystatement' + 'termsOfServiceUrl' = 'https://docs.microsoft.com/en-us/legal/microsoft-apis/terms-of-use?context=graph/context' + } + oauth2PermissionScopes = @{} + resourceSpecificApplicationPermissions = @{} + verifiedPublisher = @{} + keyCredentials = @{} + passwordCredentials = @{} + DeletedDateTime = "" + AdditionalProperties = @{ + "test" = "joel" + } + Parameters = $args + } + ) + + } + + Mock -CommandName Get-MgUserCreatedObject -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserCreatedObject" { + Context "Test for Get-EntraUserCreatedObject" { + It "Should return specific User" { + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific User with alias" { + $result = Get-EntraUserCreatedObject -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Get-EntraUserCreatedObject -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraUserCreatedObject -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should return all contact" { + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top user" { + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top HH } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserCreatedObject" + + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserCreatedObject" + + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property appDisplayName + $result | Should -Not -BeNullOrEmpty + $result.appDisplayName | Should -Be "Microsoft Graph Command Line Tools" + + Should -Invoke -CommandName Get-MgUserCreatedObject -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserCreatedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Get-EntraUserDirectReport.Tests.ps1 b/test/Entra/Users/Get-EntraUserDirectReport.Tests.ps1 new file mode 100644 index 0000000000..3ab3292900 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserDirectReport.Tests.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + value = @( + @{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "DisplayName" = "Mock-User" + "OnPremisesImmutableId" = $null + "DeletedDateTime" = $null + "OnPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "OnPremisesProvisioningErrors" = @{} + "MobilePhone" = "425-555-0100" + "BusinessPhones" = @("425-555-0100") + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "Parameters" = $args + } + ) + } + } + + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + + + +Describe "Get-EntraUserDirectReport" { + Context "Test for Get-EntraUserDirectReport" { + It "Should return specific user direct report" { + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should return specific user direct report with alias" { + $result = Get-EntraUserDirectReport -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Get-EntraUserDirectReport -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + { Get-EntraUserDirectReport -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" + } + It "Should return all user direct reports" { + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 user direct report" { + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when top is empty" { + { Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when top is invalid" { + { Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock-User" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Result should contain Properties" { + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DeletionTimestamp | Should -Be $null + $result.DirSyncEnabled | Should -Be $null + $result.ImmutableId | Should -Be $null + $result.LastDirSyncTime | Should -Be $null + $result.Mobile | Should -Be "425-555-0100" + $result.ProvisioningErrors | Should -BeNullOrEmpty + $result.TelephoneNumber | Should -Be "425-555-0100" + $result.UserState | Should -Be $null + $result.UserStateChangedOn | Should -Be $null + + } + It "Should contain UserId in parameters when passed UserId to it" { + + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $para= $params | ConvertTo-json | ConvertFrom-Json + $para.URI | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserDirectReport" + $result = Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserDirectReport" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserDirectReport -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } + +} + diff --git a/test/Entra/Users/Get-EntraUserExtension.Tests.ps1 b/test/Entra/Users/Get-EntraUserExtension.Tests.ps1 new file mode 100644 index 0000000000..ec4c17dae0 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserExtension.Tests.ps1 @@ -0,0 +1,82 @@ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + "employeeId" = $null + "createdDateTime" = $null + "onPremisesDistinguishedName" = $null + "identities" = @("testuser@contoso.com") + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} +Describe "Get-EntraUserExtension" { + Context "Test for Get-EntraUserExtension" { + It "Should return user extensions" { + $result = Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserExtension" + $result = Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when UserId is empty string value" { + { Get-EntraUserExtension -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraUserExtension -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Property parameter should work" { + $result = Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Get-EntraUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserLicenseDetail.Tests.ps1 b/test/Entra/Users/Get-EntraUserLicenseDetail.Tests.ps1 new file mode 100644 index 0000000000..e0c9481cef --- /dev/null +++ b/test/Entra/Users/Get-EntraUserLicenseDetail.Tests.ps1 @@ -0,0 +1,104 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraUserLicenseDetail with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + Id = "X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8" + ServicePlans = @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + SkuId = "00001111-aaaa-2222-bbbb-3333cccc4444" + SkuPartNumber = "ENTERPRISEPREMIUM" + AdditionalProperties = @{} + parameters = $args + } + ) + + } + + Mock -CommandName Get-MgUserLicenseDetail -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserLicenseDetail" { + Context "Test for Get-EntraUserLicenseDetail" { + It "Should return specific User" { + $result = Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8" + $result.ServicePlans | Should -Be @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + $result.SkuId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.SkuPartNumber | Should -Be "ENTERPRISEPREMIUM" + $result.AdditionalProperties | Should -BeOfType [System.Collections.Hashtable] + + should -Invoke -CommandName Get-MgUserLicenseDetail -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should return specific User with alias" { + $result = Get-EntraUserLicenseDetail -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8" + $result.ServicePlans | Should -Be @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + $result.SkuId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.SkuPartNumber | Should -Be "ENTERPRISEPREMIUM" + $result.AdditionalProperties | Should -BeOfType [System.Collections.Hashtable] + + should -Invoke -CommandName Get-MgUserLicenseDetail -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Get-EntraUserLicenseDetail -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraUserLicenseDetail -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'X8Wu1RItQkSNL8zKldQ5DmAn38eBLPdOtXhbU5K1cd8' + + Should -Invoke -CommandName Get-MgUserLicenseDetail -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserLicenseDetail" + + $result = Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserLicenseDetail" + + Should -Invoke -CommandName Get-MgUserLicenseDetail -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserManager.Tests.ps1 b/test/Entra/Users/Get-EntraUserManager.Tests.ps1 new file mode 100644 index 0000000000..db66707353 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserManager.Tests.ps1 @@ -0,0 +1,131 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraUserManager with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + Id = '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + ageGroup = $null + onPremisesLastSyncDateTime = $null + creationType = $null + imAddresses = @("test@contoso.com") + preferredLanguage = $null + mail = "test@contoso.com" + securityIdentifier = "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + identities = @( + @{ + signInType = "userPrincipalName" + issuer = "contoso.com" + issuerAssignedId = "test@contoso.com" + } + ) + Parameters = $args + } + ) + + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserManager" { + Context "Test for Get-EntraUserManager" { + It "Should return specific User" { + $result = Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.ageGroup | Should -BeNullOrEmpty + $result.onPremisesLastSyncDateTime | Should -BeNullOrEmpty + $result.creationType | Should -BeNullOrEmpty + $result.imAddresses | Should -Be @("test@contoso.com") + $result.preferredLanguage | Should -BeNullOrEmpty + $result.mail | Should -Be "test@contoso.com" + $result.securityIdentifier | Should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result.identities | Should -HaveCount 1 + $result.identities[0].signInType | Should -Be "userPrincipalName" + $result.identities[0].issuer | Should -Be "contoso.com" + $result.identities[0].issuerAssignedId | Should -Be "test@contoso.com" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific User wit alias" { + $result = Get-EntraUserManager -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.ageGroup | Should -BeNullOrEmpty + $result.onPremisesLastSyncDateTime | Should -BeNullOrEmpty + $result.creationType | Should -BeNullOrEmpty + $result.imAddresses | Should -Be @("test@contoso.com") + $result.preferredLanguage | Should -BeNullOrEmpty + $result.mail | Should -Be "test@contoso.com" + $result.securityIdentifier | Should -Be "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + $result.identities | Should -HaveCount 1 + $result.identities[0].signInType | Should -Be "userPrincipalName" + $result.identities[0].issuer | Should -Be "contoso.com" + $result.identities[0].issuerAssignedId | Should -Be "test@contoso.com" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Get-EntraUserManager -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraUserManager -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.Uri | Should -Match "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserManager" + + $result = Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserManager" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserManager -UserId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserMembership.Tests.ps1 b/test/Entra/Users/Get-EntraUserMembership.Tests.ps1 new file mode 100644 index 0000000000..b335f89709 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserMembership.Tests.ps1 @@ -0,0 +1,129 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DeletedDateTime" = "" + "Id" = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + "AdditionalProperties" = @{ + '@odata.type' = '#microsoft.graph.administrativeUnit' + 'displayName' = "NEW2" + 'description' = "TEST221" + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgUserMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserMembership" { + Context "Test for Get-EntraUserMembership" { + It "Should return specific user membership" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific user membership with alias" { + $result = Get-EntraUserMembership -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty" { + { Get-EntraUserMembership -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + + It "Should fail when UserId is invalid" { + { Get-EntraUserMembership -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should return all user membership" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top user membership" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 5 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Property parameter should work" { + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserMembership" + + $result = Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserMembership" + + Should -Invoke -CommandName Get-MgUserMemberOf -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserMembership -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 b/test/Entra/Users/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..0ba340eacb --- /dev/null +++ b/test/Entra/Users/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 @@ -0,0 +1,135 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "ClientId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "ConsentType" = "Principal" + "Id" = "Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2" + "PrincipalId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "ResourceId" = "bbbbbbbb-cccc-dddd-2222-333333333333" + "Scope" = "User.Read openid profile offline_access" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgUserOAuth2PermissionGrant -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserOAuth2PermissionGrant" { + Context "Test for Get-EntraUserOAuth2PermissionGrant" { + It "Should return specific UserOAuth2PermissionGrant" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | should -Contain 'aaaaaaaa-bbbb-cccc-1111-222222222222' + $result.Id | Should -Contain 'Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2' + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific UserOAuth2PermissionGrant with alias" { + $result = Get-EntraUserOAuth2PermissionGrant -ObjectId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + $result.PrincipalId | should -Contain 'aaaaaaaa-bbbb-cccc-1111-222222222222' + $result.Id | Should -Contain 'Aa1Bb2Cc3.-Dd4Ee5Ff6Gg7Hh8Ii9_~Jj0Kk1Ll2' + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty" { + { Get-EntraUserOAuth2PermissionGrant -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + + It "Should fail when UserId is invalid" { + { Get-EntraUserOAuth2PermissionGrant -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should return all User OAuth2Permission Grant" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top User OAuth2Permission Grant" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain PrincipalId" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalId | should -Contain "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + } + + + It "Property parameter should work" { + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property ConsentType + $result | Should -Not -BeNullOrEmpty + $result.ConsentType | Should -Be "Principal" + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOAuth2PermissionGrant" + + $result = Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOAuth2PermissionGrant" + + Should -Invoke -CommandName Get-MgUserOAuth2PermissionGrant -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserOAuth2PermissionGrant -UserId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Get-EntraUserOwnedDevice.Tests.ps1 b/test/Entra/Users/Get-EntraUserOwnedDevice.Tests.ps1 new file mode 100644 index 0000000000..8b0bd96449 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserOwnedDevice.Tests.ps1 @@ -0,0 +1,144 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.device" + "accountEnabled" = $true + "createdDateTime" = "2024-01-18T08:50:28Z" + "deviceId" = "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + "deviceMetadata" = "MetaData" + "deviceVersion" = "2" + "displayName" = "Sawyer Miller" + "isCompliant" = $false + "isManaged" = $true + "operatingSystem" = "WINDOWS" + "operatingSystemVersion" = "10.0.22621.1700" + "physicalIds" = @( + "[HWID]:h:6825786449406074" + "[USER-HWID]:7f08336b-29ed-4297-bb1f-60520d34577f:6825786449406074" + "[GID]:g:6966518641169130" + ) + "systemLabels" = @{} + "extensionAttributes" = $null + "alternativeSecurityIds" = @( + @{ + "type" = 2 + "key" = "dGVzdA==" + } + ) + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgUserOwnedDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserOwnedDevice" { +Context "Test for Get-EntraUserOwnedDevice" { + It "Should get devices owned by a user" { + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + $result.AdditionalProperties.displayName | Should -Be "Sawyer Miller" + + Should -Invoke -CommandName Get-MgUserOwnedDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should get devices owned by a user with alias" { + $result = Get-EntraUserOwnedDevice -ObjectId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + $result.AdditionalProperties.displayName | Should -Be "Sawyer Miller" + + Should -Invoke -CommandName Get-MgUserOwnedDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Property DisplayName + $result.Id | Should -Be 'aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb' + } + + It "Should fail when ObjectlId is empty" { + { Get-EntraUserOwnedDevice -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + + It "Should fail when ObjectlId is invalid" { + { Get-EntraUserOwnedDevice -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should get all devices owned by a user" { + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Contain "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + + Should -Invoke -CommandName Get-MgUserOwnedDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraGroup -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should get top one device owned by a user" { + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-3333-4444-5555-bbbbbbbbbbbb" + $result.AdditionalProperties.displayName | Should -Be "Sawyer Miller" + + Should -Invoke -CommandName Get-MgUserOwnedDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Top is empty" { + { Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is invalid" { + { Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top "XCX" } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOwnedDevice" + $result = Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOwnedDevice" + Should -Invoke -CommandName Get-MgUserOwnedDevice -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserOwnedDevice -UserId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Get-EntraUserOwnedObject.Tests.ps1 b/test/Entra/Users/Get-EntraUserOwnedObject.Tests.ps1 new file mode 100644 index 0000000000..34fba69210 --- /dev/null +++ b/test/Entra/Users/Get-EntraUserOwnedObject.Tests.ps1 @@ -0,0 +1,142 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraUserOwnedObject with parameters: $($args | ConvertTo-Json -Depth 3)" + + return @{ + value = @( + @{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + applicationTemplateId = "00001111-aaaa-2222-bbbb-3333cccc4444" + appId = "11112222-bbbb-3333-cccc-4444dddd5555" + displayName = "ToGraph_443DEM" + signInAudience = "AzureADMyOrg" + publisherDomain = "contoso.com" + Parameters = $args + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserOwnedObject" { + Context "Test for Get-EntraUserOwnedObject" { + It "Should return specific User" { + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.applicationTemplateId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.appId | Should -Be "11112222-bbbb-3333-cccc-4444dddd5555" + $result.signInAudience | Should -Be "AzureADMyOrg" + $result.publisherDomain | Should -Be "contoso.com" + $result.DisplayName | Should -Be "ToGraph_443DEM" + + + should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should return specific User with alias" { + $result = Get-EntraUserOwnedObject -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.applicationTemplateId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.appId | Should -Be "11112222-bbbb-3333-cccc-4444dddd5555" + $result.signInAudience | Should -Be "AzureADMyOrg" + $result.publisherDomain | Should -Be "contoso.com" + $result.DisplayName | Should -Be "ToGraph_443DEM" + + + should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserId is empty string value" { + { Get-EntraUserOwnedObject -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraUserOwnedObject -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should return top user" { + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return all contact" { + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.Uri | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOwnedObject" + + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserOwnedObject" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property displayName + $result | Should -Not -BeNullOrEmpty + $result.displayName | Should -Be "ToGraph_443DEM" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserOwnedObject -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Get-EntraUserRegisteredDevice.Tests.ps1 b/test/Entra/Users/Get-EntraUserRegisteredDevice.Tests.ps1 new file mode 100644 index 0000000000..490659d36a --- /dev/null +++ b/test/Entra/Users/Get-EntraUserRegisteredDevice.Tests.ps1 @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.device" + "accountEnabled" = $true + "deviceId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "displayName" = "Mock-App" + "isCompliant" = $false + "isManaged" = $true + "operatingSystem" = "WINDOWS" + "operatingSystemVersion" = "10.0.22621.1700" + "systemLabels" = @{} + "extensionAttributes" = $null + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgUserRegisteredDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Get-EntraUserRegisteredDevice" { +Context "Test for Get-EntraUserRegisteredDevice" { + It "Should return specific user registered device" { + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + $result.AdditionalProperties.deviceId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should return specific user registered device with alias" { + $result = Get-EntraUserRegisteredDevice -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + $result.AdditionalProperties.deviceId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when ObjectlId is empty" { + { Get-EntraUserRegisteredDevice -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when ObjectlId is invalid" { + { Get-EntraUserRegisteredDevice -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should return All user registered devices" { + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + $result.AdditionalProperties.deviceId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 user registered device" { + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "ffffffff-5555-6666-7777-aaaaaaaaaaaa" + $result.AdditionalProperties.deviceId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserRegisteredDevice" + $result = Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraUserRegisteredDevice" + Should -Invoke -CommandName Get-MgUserRegisteredDevice -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraUserRegisteredDevice -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + + diff --git a/test/Entra/Users/Invalid.Tests.ps1 b/test/Entra/Users/Invalid.Tests.ps1 new file mode 100644 index 0000000000..0fd0ae696b --- /dev/null +++ b/test/Entra/Users/Invalid.Tests.ps1 @@ -0,0 +1,105 @@ +if($null -eq (Get-Module -Name Microsoft.Entra.Users)){ + Import-Module Microsoft.Entra.Users +} + +Describe "Invalid Tests"{ + It "Should fail when parameters are invalid"{ + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object{ + $command = Get-Command $_ + { Invoke-Command $command -demo "" } | Should -Throw "A parameter cannot be found that matches parameter name 'demo'." + } + } + It "Should fail with 'TenantId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'TenantId'){ + $commandScriptBlock = [scriptblock]::Create("$command -TenantId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'TenantId'.*" + } + } + } + It "Should fail with 'Id' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Id'){ + $commandScriptBlock = [scriptblock]::Create("$command -Id $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + } + } + It "Should fail with 'ObjectId' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'ObjectId'){ + $commandScriptBlock = [scriptblock]::Create("$command -ObjectId $objectId") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'ObjectId'.*" + } + } + } + It "Should fail with 'All' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'All'){ + $commandScriptBlock = [scriptblock]::Create("$command -All `$True") + if('Find-EntraPermission' -eq $command){ + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'*" + } + else { + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + } + } + } + It "Should fail with 'Top' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Top'){ + $commandScriptBlock = [scriptblock]::Create("$command -Top ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Top'*" + } + } + } + It "Should fail with 'Filter' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'Filter'){ + $commandScriptBlock = [scriptblock]::Create("$command -Filter ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + } + } + It "Should fail with 'SearchString' parameter" { + $module = Get-Module -Name Microsoft.Entra.Users + $module.ExportedCommands.Keys | ForEach-Object { + $command = Get-Command $_ + if ($command.ParameterSets.Parameters.Name -contains 'SearchString'){ + $commandScriptBlock = [scriptblock]::Create("$command -SearchString ") + { Invoke-Command -ScriptBlock $commandScriptBlock } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + } + } + It "Should fail with exception when no parameter is passed" { + $cmdlets = @( + @{ CmdletName = 'Enable-EntraDirectoryRole'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + @{ CmdletName = 'New-EntraConditionalAccessPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraNamedLocationPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" }, + @{ CmdletName = 'New-EntraPermissionGrantPolicy'; Exception = "Authentication needed. Please call Connect-MgGraph.*" } + ) + $cmdlets | ForEach-Object { + $commandName = $_.CmdletName + $Exception = $_.Exception + $commandScriptBlock = [scriptblock]::Create("$commandName -ErrorAction Stop") + try { + Invoke-Command -ScriptBlock $commandScriptBlock + } + catch { $_ -match $Exception | Should -BeTrue } + } + } +} \ No newline at end of file diff --git a/test/Entra/Users/Module.Tests.ps1 b/test/Entra/Users/Module.Tests.ps1 new file mode 100644 index 0000000000..f489e7aa1f --- /dev/null +++ b/test/Entra/Users/Module.Tests.ps1 @@ -0,0 +1,52 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +Describe "Microsoft.Entra.Users Module" { + Context "On module import" { + BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + } + + It "Should have exported commands" { + $PSModuleInfo = Get-Module Microsoft.Entra.Users + $PSModuleInfo | Should -Not -BeNullOrEmpty + $PSModuleInfo.ExportedFunctions.Count | Should -Not -Be 0 + + } + + It 'Should be compatible with PS core and desktop' { + $PSModuleInfo = Get-Module Microsoft.Entra.Users + $PSModuleInfo.CompatiblePSEditions | Should -BeIn @("Core", "Desktop") + } + + It 'Should point to script module' { + $PSModuleInfo = Get-Module Microsoft.Entra.Users + $PSModuleInfo.RootModule | Should -BeLikeExactly "*Microsoft.Entra.Users.psm1" + } + + It 'Should lock GUID' { + $PSModuleInfo = Get-Module Microsoft.Entra.Users + $PSModuleInfo.Guid | Should -Be "742dccd1-bf4b-46a0-a3f2-14e0bb508233" + } + + It "Module import should not write to error and information streams" { + $ps = [powershell]::Create() + $ps.AddScript("Import-Module Microsoft.Entra.Users -ErrorAction SilentlyContinue").Invoke() + "Checking Information stream" | Out-Host + $ps.Streams.Information.Count | Should -Be 0 + "Checking Error stream" | Out-Host + $ps.Streams.Error.Count | Should -Be 0 + "Checking Verbose stream" | Out-Host + $ps.Streams.Verbose.Count | Should -Be 0 + "Checking Debug stream" | Out-Host + $ps.Streams.Warning.Count | Should -Be 0 + "Checking Progress stream" | Out-Host + $ps.Streams.Progress.Count | Should -Be 0 + + $ps.Dispose() + } + } +} diff --git a/test/Entra/Users/New-EntraUser.Tests.ps1 b/test/Entra/Users/New-EntraUser.Tests.ps1 new file mode 100644 index 0000000000..ca51989aa0 --- /dev/null +++ b/test/Entra/Users/New-EntraUser.Tests.ps1 @@ -0,0 +1,229 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + + #Write-Host "Mocking New-EntraUser with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + DisplayName = "demo004" + Id = "sdjfksd-2343-n21kj" + UserPrincipalName = "SawyerM@contoso.com" + AccountEnabled = "True" + MailNickname = "demoUser" + AgeGroup = "adult" + Parameters = $args + City = "New York" + ExternalUserStateChangeDateTime = "2024-05-02" + CompanyName = "ABC Inc" + PreferredLanguage = "English" + FacsimileTelephoneNumber = "123456789" + GivenName = "John" + mobilePhone = "987654321" + UsageLocation = "US" + PostalCode = "10001" + CreationType = "Manual" + ConsentProvidedForMinor = "Yes" + onPremisesImmutableId = "1234567890" + Country = "USA" + Department = "IT" + PasswordPolicies = "Default" + JobTitle = "Engineer" + IsCompromised = $false + ExternalUserState = "Active" + UserType = "Member" + OtherMails = @("alternate@email.com") + PhysicalDeliveryOfficeName = "Office A" + State = "NY" + StreetAddress = "123 Main St" + BusinessPhones = "987654321" + Surname = "Doe" + ShowInAddressList = $true + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "New-EntraUser" { + Context "Test for New-EntraUser" { + + It "Should return created User" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + $result = New-EntraUser ` + -DisplayName "demo004" ` + -PasswordProfile $PasswordProfile ` + -UserPrincipalName "SawyerM@contoso.com" ` + -AccountEnabled $true ` + -MailNickName "demoUser" ` + -AgeGroup "adult" ` + -City "New York" ` + -UserStateChangedOn "2024-05-02" ` + -CompanyName "ABC Inc" ` + -PreferredLanguage "English" ` + -FacsimileTelephoneNumber "123456789" ` + -GivenName "John" ` + -Mobile "987654321" ` + -UsageLocation "US" ` + -PostalCode "10001" ` + -CreationType "Manual" ` + -ConsentProvidedForMinor "Yes" ` + -ImmutableId "1234567890" ` + -Country "USA" ` + -Department "IT" ` + -PasswordPolicies "Default" ` + -JobTitle "Engineer" ` + -IsCompromised $false ` + -UserState "Active" ` + -UserType "Member" ` + -OtherMails @("alternate@email.com") ` + -PhysicalDeliveryOfficeName "Office A" ` + -State "NY" ` + -StreetAddress "123 Main St" ` + -TelephoneNumber "987654321" ` + -Surname "Doe" ` + -ShowInAddressList $true + + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "demo004" + $result.AccountEnabled | Should -Be $true + $result.UserPrincipalName | Should -Be "SawyerM@contoso.com" + $result.MailNickName | Should -Be "demoUser" + $result.AgeGroup | Should -Be "adult" + $result.City | Should -Be "New York" + $result.UserStateChangedOn | Should -Be "2024-05-02" + $result.CompanyName | Should -Be "ABC Inc" + $result.PreferredLanguage | Should -Be "English" + $result.FacsimileTelephoneNumber | Should -Be "123456789" + $result.GivenName | Should -Be "John" + $result.Mobile | Should -Be "987654321" + $result.UsageLocation | Should -Be "US" + $result.PostalCode | Should -Be "10001" + $result.CreationType | Should -Be "Manual" + $result.ConsentProvidedForMinor | Should -Be "Yes" + $result.ImmutableId | Should -Be "1234567890" + $result.Country | Should -Be "USA" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when parameters are empty" { + { New-EntraUser -DisplayName "" -AgeGroup "" -AccountEnabled -MailNickName "" -UserPrincipalName "" } | Should -Throw "Missing an argument for parameter*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraUser" + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + $result = New-EntraUser -DisplayName "demo002" -PasswordProfile $PasswordProfile -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraUser" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should contain MobilePhone in parameters when passed Mobile to it" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + $result = New-EntraUser -DisplayName "demo002" -PasswordProfile $PasswordProfile -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" -Mobile "1234567890" + $params = Get-Parameters -data $result.Parameters + ($params.Body | ConvertFrom-Json ).MobilePhone | Should -Be "1234567890" + } + + It "Should contain Identities in parameters when passed SignInNames to it" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + # Create SignInName objects + $signInName1 = [Microsoft.Open.AzureAD.Model.SignInName]::new() + $signInName1.Type = "emailAddress" + $signInName1.Value = "example1@example.com" + + $result = New-EntraUser -DisplayName "demo002" -PasswordProfile $PasswordProfile ` + -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true ` + -MailNickName "demo002NickName" -AgeGroup "adult" -SignInNames @($signInName1) + + $params = Get-Parameters -data $result.Parameters + + # Check the request body for Identities + $requestBody = $params.Body | ConvertFrom-Json + + # Assert that the Identities in the request body match the SignInName objects + $requestBody.Identities[0].Type | Should -Be "emailAddress" + $requestBody.Identities[0].Value | Should -Be "example1@example.com" + } + + It "Should contain ExternalUserState, OnPremisesImmutableId, ExternalUserStateChangeDateTime, BusinessPhones" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + # format like "yyyy-MM-dd HH:mm:ss" + $userStateChangedOn = [System.DateTime]::Parse("2015-12-08 15:15:19") + + + $result = New-EntraUser -DisplayName "demo002" -PasswordProfile $PasswordProfile ` + -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true ` + -MailNickName "demo002NickName" -AgeGroup "adult" ` + -UserState "PendingAcceptance" ` + -UserStateChangedOn $userStateChangedOn ` + -ImmutableId "djkjsajsa-e32j2-2i32" ` + -TelephoneNumber "1234567890" + + $params = Get-Parameters -data $result.Parameters + + $requestBody = $params.Body | ConvertFrom-Json + + $requestBody.BusinessPhones[0] | Should -Be "1234567890" + + $requestBody.ExternalUserState | Should -Be "PendingAcceptance" + + $requestBody.OnPremisesImmutableId | Should -Be "djkjsajsa-e32j2-2i32" + + $requestBody.ExternalUserStateChangeDateTime | Should -Be $userStateChangedOn + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + # format like "yyyy-MM-dd HH:mm:ss" + $userStateChangedOn = [System.DateTime]::Parse("2015-12-08 15:15:19") + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraUser -DisplayName "demo002" -PasswordProfile $PasswordProfile ` + -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true ` + -MailNickName "demo002NickName" -AgeGroup "adult" ` + -UserState "PendingAcceptance" ` + -UserStateChangedOn $userStateChangedOn ` + -ImmutableId "djkjsajsa-e32j2-2i32" ` + -TelephoneNumber "1234567890" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/New-EntraUserAppRoleAssignment.Tests.ps1 b/test/Entra/Users/New-EntraUserAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..aa65d255de --- /dev/null +++ b/test/Entra/Users/New-EntraUserAppRoleAssignment.Tests.ps1 @@ -0,0 +1,118 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + #Write-Host "Mocking New-EntraUserAppRoleAssignment with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + AppRoleId = "44445555-eeee-6666-ffff-7777aaaa8888" + CreatedDateTime = "08-05-2024 11:26:59" + DeletedDateTime = $null + PrincipalDisplayName = "Test One Updated" + PrincipalId = "aaaaaaaa-bbbb-cccc-1111-222222222222" + PrincipalType = "User" + ResourceDisplayName = "Box" + ResourceId = "bbbbbbbb-cccc-dddd-2222-333333333333" + AdditionalProperties = @( + @{ + Name = "@odata.context" + Value = "https://graph.microsoft.com/v1.0/$metadata#users('aaaa0000-bb11-2222-33cc-444444dddddd')/appRoleAssignments/$entity" + } + ) + } + ) + } + + Mock -CommandName New-MgUserAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "New-EntraUserAppRoleAssignment" { + Context "Test for New-EntraUserAppRoleAssignment" { + It "Should return created Group" { + $expectedResult = @{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + AppRoleId = "44445555-eeee-6666-ffff-7777aaaa8888" + CreatedDateTime = "08-05-2024 11:26:59" + DeletedDateTime = $null + PrincipalDisplayName = "Test One Updated" + PrincipalId = "aaaaaaaa-bbbb-cccc-1111-222222222222" + PrincipalType = "User" + ResourceDisplayName = "Box" + ResourceId = "bbbbbbbb-cccc-dddd-2222-333333333333" + AdditionalProperties = @( + @{ + Name = "@odata.context" + Value = "https://graph.microsoft.com/v1.0/$metadata#users('aaaa0000-bb11-2222-33cc-444444dddddd')/appRoleAssignments/$entity" + } + ) + } + + $result = New-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -PrincipalId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -ResourceId 'bbbbbbbb-cccc-dddd-2222-333333333333' -Id '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be $expectedResult.Id + $result.AppRoleId | Should -Be $expectedResult.AppRoleId + $result.CreatedDateTime | Should -Be $expectedResult.CreatedDateTime + $result.DeletedDateTime | Should -Be $expectedResult.DeletedDateTime + $result.PrincipalDisplayName | Should -Be $expectedResult.PrincipalDisplayName + $result.PrincipalId | Should -Be $expectedResult.PrincipalId + $result.PrincipalType | Should -Be $expectedResult.PrincipalType + $result.ResourceDisplayName | Should -Be $expectedResult.ResourceDisplayName + $result.ResourceId | Should -Be $expectedResult.ResourceId + + Should -Invoke -CommandName New-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when parameters are empty" { + { New-EntraUserAppRoleAssignment -ObjectId -PrincipalId } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when parameters are Invalid values" { + { New-EntraUserAppRoleAssignment -ObjectId "" -PrincipalId "" } | Should -Throw "Cannot bind argument to parameter*" + } + + It "Should contain UserId in parameters" { + Mock -CommandName New-MgUserAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Users + + $result = New-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -PrincipalId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -ResourceId 'bbbbbbbb-cccc-dddd-2222-333333333333' -Id '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $params = Get-Parameters -data $result + + $params.UserId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraUserAppRoleAssignment" + + $result = New-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -PrincipalId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -ResourceId 'bbbbbbbb-cccc-dddd-2222-333333333333' -Id '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraUserAppRoleAssignment" + + Should -Invoke -CommandName New-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraUserAppRoleAssignment -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -PrincipalId 'aaaaaaaa-bbbb-cccc-1111-222222222222' -ResourceId 'bbbbbbbb-cccc-dddd-2222-333333333333' -Id '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Remove-EntraUser.Tests.ps1 b/test/Entra/Users/Remove-EntraUser.Tests.ps1 new file mode 100644 index 0000000000..6846fd0a12 --- /dev/null +++ b/test/Entra/Users/Remove-EntraUser.Tests.ps1 @@ -0,0 +1,67 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgUser -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Remove-EntraUser" { + Context "Test for Remove-EntraUser" { + It "Should return empty object" { + $result = Remove-EntraUser -UserId "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgUser -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraUser -ObjectId "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgUser -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserId is empty string" { + { Remove-EntraUser -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should fail when UserId is empty" { + { Remove-EntraUser -UserId } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain Id in parameters when passed UserId to it" { + Mock -CommandName Remove-MgUser -MockWith { $args } -ModuleName Microsoft.Entra.Users + + $result = Remove-EntraUser -UserId "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.userId | Should -Be "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUser" + + Remove-EntraUser -UserId "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUser" + + Should -Invoke -CommandName Remove-MgUser -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraUser -UserId "aaaaaaaa-2222-3333-4444-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Remove-EntraUserAppRoleAssignment.Tests.ps1 b/test/Entra/Users/Remove-EntraUserAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..5bea5a93e8 --- /dev/null +++ b/test/Entra/Users/Remove-EntraUserAppRoleAssignment.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgUserAppRoleAssignment -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Remove-EntraUserAppRoleAssignment" { + Context "Test for Remove-EntraUserAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when ObjectId is invalid" { + { Remove-EntraUserAppRoleAssignment -ObjectId "" AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when ObjectId is empty" { + { Remove-EntraUserAppRoleAssignment -ObjectId -AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb"} | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" AppRoleAssignmentId "" } | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter*" + } + + It "Should contain UserId in parameters" { + Mock -CommandName Remove-MgUserAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Users + + $result = Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" + $params = Get-Parameters -data $result + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUserAppRoleAssignment" + + + Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUserAppRoleAssignment" + + Should -Invoke -CommandName Remove-MgUserAppRoleAssignment -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraUserAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "33dd33dd-ee44-ff55-aa66-77bb77bb77bb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Remove-EntraUserManager.Tests.ps1 b/test/Entra/Users/Remove-EntraUserManager.Tests.ps1 new file mode 100644 index 0000000000..b2f01b6125 --- /dev/null +++ b/test/Entra/Users/Remove-EntraUserManager.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgUserManagerByRef -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Remove-EntraUserManager" { + Context "Test for Remove-EntraUserManager" { + It "Should return empty object" { + $result = Remove-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraUserManager -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserId is empty string" { + { Remove-EntraUserManager -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should fail when UserId is empty" { + { Remove-EntraUserManager -UserId } | Should -Throw "Missing an argument for parameter*" + } + It "Should contain UserId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgUserManagerByRef -MockWith { $args } -ModuleName Microsoft.Entra.Users + + $result = Remove-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.userId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUserManager" + + + Remove-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraUserManager" + + Should -Invoke -CommandName Remove-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Set-EntraUser.Tests.ps1 b/test/Entra/Users/Set-EntraUser.Tests.ps1 new file mode 100644 index 0000000000..e5c3159519 --- /dev/null +++ b/test/Entra/Users/Set-EntraUser.Tests.ps1 @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgUser -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Set-EntraUser" { + Context "Test for Set-EntraUser" { + It "Should return empty object" { + $result = Set-EntraUser -UserId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "demo002" -UserPrincipalName "demo001@M365x99297270.OnMicrosoft.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" -PostalCode "10001" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty" { + { Set-EntraUser -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is no value" { + { Set-EntraUser -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + + It "Should contain userId in parameters when passed UserId to it" { + Mock -CommandName Update-MgUser -MockWith { $args } -ModuleName Microsoft.Entra.Users + $result = Set-EntraUser -UserId bbbbbbbb-1111-2222-3333-cccccccccccc -Mobile "1234567890" + $params = Get-Parameters -data $result + $params.userId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params.MobilePhone | Should -Be "1234567890" + + } + + It "Should contain MobilePhone in parameters when passed Mobile to it" { + Mock -CommandName Update-MgUser -MockWith { $args } -ModuleName Microsoft.Entra.Users + $result = Set-EntraUser -UserId bbbbbbbb-1111-2222-3333-cccccccccccc -Mobile "1234567890" + $params = Get-Parameters -data $result + $params.MobilePhone | Should -Be "1234567890" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUser" + + Set-EntraUser -UserId bbbbbbbb-1111-2222-3333-cccccccccccc -Mobile "1234567890" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUser" + + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUser -UserId bbbbbbbb-1111-2222-3333-cccccccccccc -Mobile "1234567890" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should contain ExternalUserState, OnPremisesImmutableId, ExternalUserStateChangeDateTime, BusinessPhones" { + Mock -CommandName Update-MgUser -MockWith { $args } -ModuleName Microsoft.Entra.Users + + # format like "yyyy-MM-dd HH:mm:ss" + $userStateChangedOn = [System.DateTime]::Parse("2015-12-08 15:15:19") + + $result = Set-EntraUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" ` + -UserState "PendingAcceptance" ` + -UserStateChangedOn $userStateChangedOn ` + -ImmutableId "djkjsajsa-e32j2-2i32" ` + -TelephoneNumber "1234567890" + + $params = Get-Parameters -data $result + + $params.BusinessPhones[0] | Should -Be "1234567890" + + $params.ExternalUserState | Should -Be "PendingAcceptance" + + $params.OnPremisesImmutableId | Should -Be "djkjsajsa-e32j2-2i32" + + $params.ExternalUserStateChangeDateTime | Should -Be $userStateChangedOn + + } + } + +} + diff --git a/test/Entra/Users/Set-EntraUserLicense.Tests.ps1 b/test/Entra/Users/Set-EntraUserLicense.Tests.ps1 new file mode 100644 index 0000000000..04ed6d4d1b --- /dev/null +++ b/test/Entra/Users/Set-EntraUserLicense.Tests.ps1 @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Set-EntraUserLicense with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + userPrincipalName = "test122@M365x99297270.OnMicrosoft.com" + preferredLanguage = "EN" + mobilePhone = "9984534564" + displayName = "SNEHALtest" + givenName = "test12" + mail = "test122@M365x99297270.OnMicrosoft.com" + '@odata.context' = "https://graph.microsoft.com/v1.0/$metadata#users/$entity" + id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + jobTitle = "testqa" + officeLocation = "test" + businessPhones = @("8976546787") + surname = "KTETSs" + Parameters = $args + } + ) + + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Users +} + +Describe "Set-EntraUserLicense" { + Context "Test for Set-EntraUserLicense" { + It "Should return specific User" { + $addLicensesArray = [PSCustomObject]@{ + skuId = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + $Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses + $Licenses.AddLicenses =$addLicensesArray + $result = Set-EntraUserLicense -UserId 1139c016-f606-45f0-83f7-40eb2a552a6f -AssignedLicenses $Licenses + + $result | Should -Not -BeNullOrEmpty + $result.userPrincipalName | Should -Be "test122@M365x99297270.OnMicrosoft.com" + $result.preferredLanguage | Should -Be "EN" + $result.mobilePhone | Should -Be "9984534564" + $result.displayName | Should -Be "SNEHALtest" + $result.givenName | Should -Be "test12" + $result.mail | Should -Be "test122@M365x99297270.OnMicrosoft.com" + $result.'@odata.context' | Should -Be "https://graph.microsoft.com/v1.0/$metadata#users/$entity" + $result.id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.jobTitle | Should -Be "testqa" + $result.officeLocation | Should -Be "test" + $result.businessPhones | Should -Be @("8976546787") + $result.surname | Should -Be "KTETSs" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Set-EntraUserLicense -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Set-EntraUserLicense -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should fail when AssignedLicenses is empty" { + { Set-EntraUserLicense -UserId '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' -AssignedLicenses } | Should -Throw "Missing an argument for parameter 'AssignedLicenses'. Specify a parameter of type 'Microsoft.Open.AzureAD.Model.AssignedLicenses' and try again." + } + + It "Should contain UserId in parameters when passed UserId to it" { + $addLicensesArray = [PSCustomObject]@{ + skuId = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + $Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses + $Licenses.AddLicenses =$addLicensesArray + $result = Set-EntraUserLicense -UserId '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' -AssignedLicenses $Licenses + + $params = Get-Parameters -data $result.Parameters + $params.Uri | Should -Match "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserLicense" + $addLicensesArray = [PSCustomObject]@{ + skuId = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + $Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses + $Licenses.AddLicenses =$addLicensesArray + + Set-EntraUserLicense -UserId '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' -AssignedLicenses $Licenses + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserLicense" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $addLicensesArray = [PSCustomObject]@{ + skuId = "66aa66aa-bb77-cc88-dd99-00ee00ee00ee" + } + $Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses + $Licenses.AddLicenses =$addLicensesArray + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUserLicense -UserId '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' -AssignedLicenses $Licenses -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Set-EntraUserManager.Tests.ps1 b/test/Entra/Users/Set-EntraUserManager.Tests.ps1 new file mode 100644 index 0000000000..d211b3a77e --- /dev/null +++ b/test/Entra/Users/Set-EntraUserManager.Tests.ps1 @@ -0,0 +1,78 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Set-MgUserManagerByRef -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Set-EntraUserManager" { + Context "Test for Set-EntraUserManager" { + It "Should return specific User" { + $result = Set-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Set-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific User with alias" { + $result = Set-EntraUserManager -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Set-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Set-EntraUserManager -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Set-EntraUserManager -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should fail when RefObjectId is invalid" { + { Set-EntraUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" RefObjectId ""} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + Mock -CommandName Set-MgUserManagerByRef -MockWith { $args } -ModuleName Microsoft.Entra.Users + + $result = Set-EntraUserManager -UserId "00001111-aaaa-2222-bbbb-3333cccc4444" -RefObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.UserId | Should -Match "00001111-aaaa-2222-bbbb-3333cccc4444" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserManager" + + Set-EntraUserManager -UserId "00001111-aaaa-2222-bbbb-3333cccc4444" -RefObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserManager" + + Should -Invoke -CommandName Set-MgUserManagerByRef -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUserManager -UserId "00001111-aaaa-2222-bbbb-3333cccc4444" -RefObjectId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Set-EntraUserPassword.Tests.ps1 b/test/Entra/Users/Set-EntraUserPassword.Tests.ps1 new file mode 100644 index 0000000000..c0d216ac8f --- /dev/null +++ b/test/Entra/Users/Set-EntraUserPassword.Tests.ps1 @@ -0,0 +1,127 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgUser -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Set-EntraUserPassword" { + Context "Test for Set-EntraUserPassword" { + It "Should return empty object" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserId is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId -Password $secPassword } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId "" -Password $secPassword } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string*" + } + It "Should fail when Password is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password } | Should -Throw "Missing an argument for parameter 'Password'*" + } + It "Should fail when Password is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password "" } | Should -Throw "Cannot process argument transformation on parameter 'Password'*" + } + It "Should fail when ForceChangePasswordNextLogin is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin } | Should -Throw "Missing an argument for parameter 'ForceChangePasswordNextLogin'*" + } + It "Should fail when ForceChangePasswordNextLogin is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin xyz } | Should -Throw "Cannot process argument transformation on parameter 'ForceChangePasswordNextLogin'*" + } + It "Should fail when EnforceChangePasswordPolicy is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy } | Should -Throw "Missing an argument for parameter 'EnforceChangePasswordPolicy'*" + } + It "Should fail when EnforceChangePasswordPolicy is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy xyz } | Should -Throw "Cannot process argument transformation on parameter 'EnforceChangePasswordPolicy'*" + } + It "Should contain ForceChangePasswordNextSignIn in parameters when passed ForceChangePasswordNextLogin to it" { + Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Entra.Users + + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $params = Get-Parameters -data $result + $params.PasswordProfile.ForceChangePasswordNextSignIn | Should -Be $true + } + It "Should contain ForceChangePasswordNextSignInWithMfa in parameters when passed EnforceChangePasswordPolicy to it" { + Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Entra.Users + + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $params = Get-Parameters -data $result + $params.PasswordProfile.ForceChangePasswordNextSignInWithMfa | Should -Be $true + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/Entra/Users/Set-EntraUserThumbnailPhoto.Tests.ps1 b/test/Entra/Users/Set-EntraUserThumbnailPhoto.Tests.ps1 new file mode 100644 index 0000000000..db2832612e --- /dev/null +++ b/test/Entra/Users/Set-EntraUserThumbnailPhoto.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Users) -eq $null) { + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Set-MgUserPhotoContent -MockWith {} -ModuleName Microsoft.Entra.Users +} + +Describe "Set-EntraUserThumbnailPhoto" { + Context "Test for Set-EntraUserThumbnailPhoto" { + It "Should return specific User" { + $result = Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg' + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Set-MgUserPhotoContent -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should return specific User with alias" { + $result = Set-EntraUserThumbnailPhoto -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg' + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Set-MgUserPhotoContent -ModuleName Microsoft.Entra.Users -Times 1 + } + + It "Should fail when UserId is empty string value" { + { Set-EntraUserThumbnailPhoto -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Set-EntraUserThumbnailPhoto -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should fail when RefObjectId is invalid" { + { Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" RefObjectId ""} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + + It "Should contain UserId in parameters when passed ObjectId to it" { + Mock -CommandName Set-MgUserPhotoContent -MockWith { $args } -ModuleName Microsoft.Entra.Users + + $result = Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg' + $params = Get-Parameters -data $result + $params.UserId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain InFile in parameters" { + Mock -CommandName Set-MgUserPhotoContent -MockWith { $args } -ModuleName Microsoft.Entra.Users + + $result = Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg' + $params = Get-Parameters -data $result + $params.InFile | Should -Match "UserThumbnailPhoto.jpg" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserThumbnailPhoto" + + Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg' + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserThumbnailPhoto" + + Should -Invoke -CommandName Set-MgUserPhotoContent -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUserThumbnailPhoto -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -FilePath 'D:\UserThumbnailPhoto.jpg'-Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Update-EntraSignedInUserPassword.Tests.ps1 b/test/Entra/Users/Update-EntraSignedInUserPassword.Tests.ps1 new file mode 100644 index 0000000000..488c8ccb0f --- /dev/null +++ b/test/Entra/Users/Update-EntraSignedInUserPassword.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll{ + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Users + + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force +} +Describe "Tests for Update-EntraSignedInUserPassword"{ + Context "Test for Update-EntraSignedInUserPassword" { + It "should return empty object"{ + $result = Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when CurrentPassword is null" { + { Update-EntraSignedInUserPassword -CurrentPassword } | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" + } + It "Should fail when CurrentPassword is empty" { + { Update-EntraSignedInUserPassword -CurrentPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" + } + It "Should fail when NewPassword is null" { + { Update-EntraSignedInUserPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" + } + It "Should fail when NewPassword is empty" { + { Update-EntraSignedInUserPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" + + Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/Entra/Users/Update-EntraUserFromFederated.Tests.ps1 b/test/Entra/Users/Update-EntraUserFromFederated.Tests.ps1 new file mode 100644 index 0000000000..2cd6aa2a65 --- /dev/null +++ b/test/Entra/Users/Update-EntraUserFromFederated.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Users) -eq $null){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblockForAuthenticationMethod = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + $scriptblockForMgUser= { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + ) + } + + Mock -CommandName Get-MgUserAuthenticationMethod -MockWith $scriptblockForAuthenticationMethod -ModuleName Microsoft.Entra.Users + Mock -CommandName Get-MgUser -MockWith $scriptblockForMgUser -ModuleName Microsoft.Entra.Users + Mock -CommandName Reset-MgUserAuthenticationMethodPassword -MockWith {} -ModuleName Microsoft.Entra.Users +} + + Describe "Update-EntraUserFromFederated" { + Context "Test for Update-EntraUserFromFederated" { + It "Should sets identity synchronization features for a tenant." { + $result = Update-EntraUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Reset-MgUserAuthenticationMethodPassword -ModuleName Microsoft.Entra.Users -Times 1 + } + It "Should fail when UserPrincipalName is empty" { + {Update-EntraUserFromFederated -UserPrincipalName } | Should -Throw "Missing an argument for parameter 'UserPrincipalName'. Specify a parameter*" + } + It "Should fail when UserPrincipalName is invalid" { + {Update-EntraUserFromFederated -UserPrincipalName ""} | Should -Throw "Cannot bind argument to parameter 'UserPrincipalName' because it is an empty string*" + } + It "Should fail when NewPassword is empty" { + { Update-EntraUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'. Specify a parameter*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraUserFromFederated" + + Update-EntraUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraUserFromFederated" + + Should -Invoke -CommandName Reset-MgUserAuthenticationMethodPassword -ModuleName Microsoft.Entra.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Update-EntraUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/Entra/Users/Valid.Tests.ps1 b/test/Entra/Users/Valid.Tests.ps1 new file mode 100644 index 0000000000..56cdbe01cb --- /dev/null +++ b/test/Entra/Users/Valid.Tests.ps1 @@ -0,0 +1,109 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll{ + if($null -eq (Get-Module -Name Microsoft.Entra.Users)){ + Import-Module Microsoft.Entra.Users + } + Import-Module (Join-Path $psscriptroot "..\EntraCmdletsMap.ps1") -Force + + $module = Get-Module -Name Microsoft.Entra.Users +} + +Describe "Valid parameter Tests"{ + Context "Test for valid parameters"{ + It "Should return empty object with Id parameter"{ + Write-Host "--------Start mock remove cmdlets with Id parameter only--------" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | Select-Object -expand Name) + if(($params -eq 'Id') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'Id')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -Id 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Users + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Users + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Users -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "---------End mock remove cmdlets with Id parameter only---------" + } + It "Should return empty object with ObjectId param"{ + Write-Host "-----Start mock remove cmdlets with ObjectId parameter only-----" + $count=0 + $module.ExportedCommands.Keys | ForEach-Object{ + $commandName = $_ + $command = Get-Command $_ + if($command.Name.StartsWith('Remove')){ + $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + if(($params -eq 'ObjectId') -or ($params -is [array] -and $params.count -eq 1 -and $params -eq 'ObjectId')){ + $filter = $cmdlets | Where-Object { $_.SourceName -eq $command } + if($null -ne $filter){ + try { + Write-Host "$command" + $commandScriptBlock = [scriptblock]::Create("$commandName -ObjectId 056b2531-005e-4f3e-be78-01a71ea30a04") + if($filter.IsApi){ + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Users + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Users -Times 1 + } + else { + Mock -CommandName $filter.TargetName -MockWith {} -ModuleName Microsoft.Entra.Users + $result = Invoke-Command -ScriptBlock $commandScriptBlock + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName $filter.TargetName -ModuleName Microsoft.Entra.Users -Times 1 + } + } + catch { + Write-Host "Exception in cmdlet" $command + } + $count++ + } + } + } + } + Write-Host "Cmdlets count: $count" + Write-Host "------End mock remove cmdlets with ObjectId parameter only------" + } + # It "Should pass with 'Id' or 'ObjectId' parameter" { + # $count=0 + # $module.ExportedCommands.Keys | ForEach-Object { + + # $command = Get-Command $_ + # if ($command.Name.StartsWith('Remove')) + # { + # $params = ($command.ParameterSets.Parameters | Where-Object {$_.IsMandatory -eq $true} | select -expand Name) + # if($params.count -eq 1 -and ($params -eq 'ObjectId' -or $params-eq 'Id')){ + # $stringParams = $params -join ',' + # Write-Host "$command | $stringParams" + # $count++ + # } + # } + # } + # Write-Host $count + # } + } +} \ No newline at end of file diff --git a/test/EntraBeta/Applications/Add-EntraBetaApplicationPolicy.Tests.ps1 b/test/EntraBeta/Applications/Add-EntraBetaApplicationPolicy.Tests.ps1 new file mode 100644 index 0000000000..21e8e720d6 --- /dev/null +++ b/test/EntraBeta/Applications/Add-EntraBetaApplicationPolicy.Tests.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Add-EntraBetaApplicationPolicy" { +Context "Test for Add-EntraBetaApplicationPolicy" { + It "Should return empty object" { + $result = Add-EntraBetaApplicationPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when Id is empty" { + { Add-EntraBetaApplicationPolicy -Id -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Add-EntraBetaApplicationPolicy -Id "" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff"} | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaApplicationPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaApplicationPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaApplicationPolicy" + + Add-EntraBetaApplicationPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaApplicationPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaApplicationPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaApplication.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaApplication.Tests.ps1 new file mode 100644 index 0000000000..4fbe4683eb --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaApplication.Tests.ps1 @@ -0,0 +1,162 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-MgBetaApplication with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "AppId" = "5f783237-3457-45d8-93e7-a0edb1cfbfd1" + "AppRoles" = $null + "DeletedDateTime" = $null + "Id" = "aaaaaaaa-1111-1111-1111-000000000000" + "DisplayName" = "Mock-App" + "Info" = @{LogoUrl=""; MarketingUrl=""; PrivacyStatementUrl=""; SupportUrl=""; TermsOfServiceUrl=""} + "IsDeviceOnlyAuthSupported" = $True + "IsFallbackPublicClient" = $true + "KeyCredentials" = @{CustomKeyIdentifier = @(211, 174, 247);DisplayName =""; Key="";KeyId="d903c7a3-75ea-4772-8935-5c0cf82068a7";Type="Symmetric";Usage="Sign"} + "OptionalClaims" = @{AccessToken=""; IdToken=""; Saml2Token=""} + "ParentalControlSettings" = @{CountriesBlockedForMinors=$null; LegalAgeGroupRule="Allow"} + "PasswordCredentials" = @{} + "PublicClient" = @{RedirectUris=$null} + "PublisherDomain" = "M365x99297270.onmicrosoft.com" + "SignInAudience" = "AzureADandPersonalMicrosoftAccount" + "Web" = @{HomePageUrl="https://localhost/demoapp"; ImplicitGrantSettings=""; LogoutUrl="";} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaApplication" { + Context "Test for Get-EntraBetaApplication" { + It "Should return specific application" { + $result = Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('aaaaaaaa-1111-1111-1111-000000000000') + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraBetaApplication -ObjectId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Get-EntraBetaApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should return all applications" { + $result = Get-EntraBetaApplication -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when All has argument" { + { Get-EntraBetaAuditDirectoryLog -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + It "Should fail when invalid parameter is passed" { + { Get-EntraBetaApplication -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should return specific application by searchstring" { + $result = Get-EntraBetaApplication -SearchString 'Mock-App' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should return specific application by filter" { + $result = Get-EntraBetaApplication -Filter "DisplayName -eq 'Mock-App'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-App' + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should return top application" { + $result = Get-EntraBetaApplication -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Result should Contain ApplicationId" { + $result = Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result.ObjectId | should -Be "aaaaaaaa-1111-1111-1111-000000000000" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + $result = Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationId | Should -Be "aaaaaaaa-1111-1111-1111-000000000000" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraBetaApplication -SearchString 'Mock-App' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-App" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplication" + $result = Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplication" + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Property parameter should work" { + $result = Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should support minimum set of parameter sets" { + $GetAzureADApplication = Get-Command Get-EntraBetaApplication + $GetAzureADApplication.ParameterSets.Name | Should -BeIn @("GetQuery", "GetVague", "GetById") + $GetAzureADApplication.Visibility | Should -Be "Public" + $GetAzureADApplication.CommandType | Should -Be "Function" + } + + It "Should return a list of applications by default" { + $GetAzureADApplication = Get-Command Get-EntraBetaApplication + $GetAzureADApplication.ModuleName | Should -Be "Microsoft.Entra.Beta.Applications" + $GetAzureADApplication.DefaultParameterSet | Should -Be "GetQuery" + } + It 'Should have List parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraBetaApplication + $ListParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetQuery" + $ListParameterSet.Parameters.Name | Should -Contain All + $ListParameterSet.Parameters.Name | Should -Contain Filter + $ListParameterSet.Parameters.Name | Should -Contain Top + } + It 'Should have Get parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraBetaApplication + $GetParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetById" + $GetParameterSet.Parameters.Name | Should -Contain ApplicationId + } + It 'Should have GetViaIdentity parameterSet' { + $GetAzureADApplication = Get-Command Get-EntraBetaApplication + $GetViaIdentityParameterSet = $GetAzureADApplication.ParameterSets | Where-Object Name -eq "GetVague" + $GetViaIdentityParameterSet.Parameters.Name | Should -Contain SearchString + $GetViaIdentityParameterSet.Parameters.Name | Should -Contain All + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaApplicationLogo.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaApplicationLogo.Tests.ps1 new file mode 100644 index 0000000000..b6cccc0dc0 --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaApplicationLogo.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + @{ + "Info" = @( + @{ + "logoUrl" = "" + "Parameters" = $args + }) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaApplicationLogo" { + It "Should return empty" { + $result = Get-EntraBetaApplicationLogo -ApplicationId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -FilePath "D:\image.jpg" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Get-EntraBetaApplicationLogo -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Get-EntraBetaApplicationLogo -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationLogo" + $result = Get-EntraBetaApplicationLogo -ApplicationId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -FilePath "D:\image.jpg" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationLogo" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationLogo -ApplicationId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -FilePath "D:\image.jpg" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 new file mode 100644 index 0000000000..92ac28bea9 --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null) { + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + @{ + "startDateTime" = "11/24/2023 6:28:39 AM" + "keyId" = "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + "hint" = "123" + "secretText" = "" + "endDateTime" = "11/24/2024 6:28:39 AM" + "CustomKeyIdentifier" = "dGVzdA==" + "DisplayName" = "test" + + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} +Describe "Get-EntraBetaApplicationPasswordCredential" { + Context "Test for Get-EntraBetaApplicationPasswordCredential" { + It "Should return specific credential" { + $result = Get-EntraBetaApplicationPasswordCredential -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.keyId | Should -Be "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + $result.DisplayName | Should -Be "test" + $result.CustomKeyIdentifier.gettype().name | Should -Be 'Byte[]' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should return specific credential with Alias" { + $result = Get-EntraBetaApplicationPasswordCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is invalid" { + { Get-EntraBetaApplicationPasswordCredential -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ApplicationId is empty" { + { Get-EntraBetaApplicationPasswordCredential -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationPasswordCredential" + + $result = Get-EntraBetaApplicationPasswordCredential -ApplicationId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationPasswordCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaApplicationPolicy.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaApplicationPolicy.Tests.ps1 new file mode 100644 index 0000000000..7a291ec963 --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaApplicationPolicy.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + +$scriptblock = { + return @{ + value = @( + @{ + "Id" = "bbbbbbbb-7777-8888-9999-cccccccccccc" + "DeletedDateTime" = $null + "@odata.type" = "#microsoft.graph.policy" + "keyCredentials" = $null + "alternativeIdentifier" = $null + "displayName" = "Mock application policy" + "type" = "HomeRealmDiscoveryPolicy" + "isOrganizationDefault" = $false + "createdDateTime" = "16-08-2023 08:25:02" + "Parameters" = $args + } + + ) + + } + + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaApplicationPolicy" { + Context "Test for Get-EntraBetaApplicationPolicy" { + It "Should return specific application policy" { + $result = Get-EntraBetaApplicationPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + write-host $result + $result.Id | Should -Be "bbbbbbbb-7777-8888-9999-cccccccccccc" + $result.displayName | Should -Be "Mock application policy" + $result.type | Should -be "HomeRealmDiscoveryPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaApplicationPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Get-EntraBetaApplicationPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Result should Contain @odata.type" { + $result = Get-EntraBetaApplicationPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result."@odata.type" | should -Be "#microsoft.graph.policy" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationPolicy" + + $result = Get-EntraBetaApplicationPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaApplicationTemplate.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaApplicationTemplate.Tests.ps1 new file mode 100644 index 0000000000..3e8b434b29 --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaApplicationTemplate.Tests.ps1 @@ -0,0 +1,114 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Categories" = "businessMgmt" + "Description" = "Capture and manage your ESG data from across the organization in an integrated, cloud-based platform that connects organizational strategy, automates reporting, and simplifies stakeholder engagement." + "DisplayName" = "FigBytes" + "HomePageUrl" = "https://figbytes.biz/" + "Id" = "bbbbcccc-1111-dddd-2222-eeee3333ffff" + "LogoUrl" = "https://galleryapplogos1.azureedge.net/app-logo/figbytes_AAA12D0E_215.png" + "Publisher" = "Figbytes" + "SupportedClaimConfiguration" = [PSCustomObject]@{ + "NameIdPolicyFormat" = $null + } + "SupportedProvisioningTypes" = @() + "SupportedSingleSignOnModes" = @("saml", "external") + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/beta/`$metadata#applicationTemplates/`$entity"} + "InformationalUrls" = [PSCustomObject]@{ + "AppSignUpUrl" = "https://go.microsoft.com/fwlink/?linkid=2190589" + "SingleSignOnDocumentationUrl" = $null + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaApplicationTemplate -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaApplicationTemplate" { + Context "Test for Get-EntraBetaApplicationTemplate" { + It "Should get a specific application template" { + $result = Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'FigBytes' + $result.Description | should -Be "Capture and manage your ESG data from across the organization in an integrated, cloud-based platform that connects organizational strategy, automates reporting, and simplifies stakeholder engagement." + + Should -Invoke -CommandName Get-MgBetaApplicationTemplate -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Id is empty" { + { Get-EntraBetaApplicationTemplate -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Get-EntraBetaApplicationTemplate -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should get a list of all the application templates" { + $result = Get-EntraBetaApplicationTemplate + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaApplicationTemplate -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain Id in result" { + $result = Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result.Id | should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + + Should -Invoke -CommandName Get-MgBetaApplicationTemplate -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain ApplicationTemplateId in parameters when passed Id to it" { + $result = Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result.Parameters + $params.ApplicationTemplateId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationTemplate" + $result = Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationTemplate" + Should -Invoke -CommandName Get-MgBetaApplicationTemplate -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'FigBytes' + + Should -Invoke -CommandName Get-MgBetaApplicationTemplate -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationTemplate -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 new file mode 100644 index 0000000000..9f8afb0b7f --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 @@ -0,0 +1,100 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Credentials" = @( + [PSCustomObject]@{ + "Value" = "test420" + "Type" = "text" + "FieldId" = "param_emailOrUserName" + }, + [PSCustomObject]@{ + "Value" = "test420" + "Type" = "password" + "FieldId" = "param_password" + } + ) + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "AdditionalProperties" = @{"@odata.context"="https://graph.microsoft.com/beta/`$metadata#microsoft.graph.passwordSingleSignOnCredentialSet"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaPasswordSingleSignOnCredential" { + Context "Test for Get-EntraBetaPasswordSingleSignOnCredential" { + It "Should gets the password sso credentials for the given ObjectId and PasswordSSOObjectId." { + $result = Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName Get-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when ObjectId is Invalid" { + { Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55"} | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when PasswordSSOObjectId parameter are empty" { + { Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId } | Should -Throw "Missing an argument for parameter 'PasswordSSOObjectId'*" + } + + It "Should contain ObjectId in result" { + $result = Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + + Should -Invoke -CommandName Get-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain BodyParameter in parameters when passed PasswordSSOObjectId to it" { + $result = Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Credentials[0].Value | should -Be 'test420' + + Should -Invoke -CommandName Get-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPasswordSingleSignOnCredential" + $result= Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPasswordSingleSignOnCredential" + Should -Invoke -CommandName Get-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOObjectId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaServicePrincipal.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..bc083eae7b --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaServicePrincipal.Tests.ps1 @@ -0,0 +1,258 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AccountEnabled" = $true + "AddIns" = @() + "AlternativeNames" = @() + "AppDescription" = '' + "AppDisplayName" = 'demo1' + "AppId" = 'bbbbbbbb-1111-2222-3333-cccccccccc55' + "AppManagementPolicies" = @() + "AppOwnerOrganizationId" = 'bbbbbbbb-1111-2222-3333-cccccccccc56' + "AppRoleAssignedTo" = @() + "AppRoleAssignmentRequired" = $true + "AppRoleAssignments" = @() + "AppRoles" = @('bbbbbbbb-1111-2222-3333-cccccccccc57') + "ApplicationTemplateId" = 'bbbbbbbb-1111-2222-3333-cccccccccc58' + "ClaimsMappingPolicies" = @() + "CreatedObjects" = @() + "DelegatedPermissionClassifications" = @() + "DeletedDateTime" = '' + "Description" = '' + "DisabledByMicrosoftStatus" = '' + "DisplayName" = 'demo1' + "Endpoints" = @() + "ErrorUrl" = '' + "FederatedIdentityCredentials" = '' + "HomeRealmDiscoveryPolicies" = @() + "Homepage" = 'https://*.e-days.com/SSO/SAML2/SP/AssertionConsumer.aspx?metadata=e-days|ISV9.2|primary|z' + "Id" = 'bbbbbbbb-1111-2222-3333-cccccccccc59' + "KeyCredentials" = @() + "LicenseDetails" = '' + "LoginUrl" = '' + "LogoutUrl" = '' + "MemberOf" = @() + "Notes" = '' + "NotificationEmailAddresses" = @() + "Oauth2PermissionGrants" = @() + "OwnedObjects" = @() + "Owners" = @() + "PasswordCredentials" = @() + "PreferredSingleSignOnMode" = '' + "PreferredTokenSigningKeyEndDateTime" = '' + "PreferredTokenSigningKeyThumbprint" = '' + "PublishedPermissionScopes" = @('bbbbbbbb-1111-2222-3333-cccccccccc60') + "PublisherName" = 'Contoso' + "ReplyUrls" = @() + "SamlMetadataUrl" = '' + "ServicePrincipalNames" = @('bbbbbbbb-1111-2222-3333-cccccccccc55') + "ServicePrincipalType" = 'Application' + "SignInAudience" = 'AzureADMyOrg' + "Tags" = @('WindowsAzureActiveDirectoryIntegratedApp') + "TokenEncryptionKeyId" = '' + "TokenIssuancePolicies" = @() + "TokenLifetimePolicies" = @() + "TransitiveMemberOf" = '' + "AdditionalProperties" = @{ + "@odata.context" = 'https://graph.microsoft.com/beta/$metadata#servicePrincipals/$entity' + "createdDateTime" = '2023-09-26T16:09:16Z' + "isAuthorizationServiceEnabled" = $false + "samlSLOBindingType" = 'httpRedirect' + "api" = @{ + "resourceSpecificApplicationPermissions" = @() + } + "resourceSpecificApplicationPermissions" = @{} + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaServicePrincipal -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaServicePrincipal" { + Context "Test for Get-EntraBetaServicePrincipal" { + It "Should get all service principal by query" { + $result = Get-EntraBetaServicePrincipal + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraBetaServicePrincipal -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result.ServicePrincipalNames | Should -Be @('bbbbbbbb-1111-2222-3333-cccccccccc55') + $result.DisplayName | Should -Be "demo1" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AppOwnerOrganizationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.SignInAudience | Should -Be "AzureADMyOrg" + $result.ServicePrincipalType | Should -Be "Application" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should get all service principal" { + $result = Get-EntraBetaServicePrincipal -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaServicePrincipal -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should get service principal by ObjectId" { + $result = Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result.ServicePrincipalNames | Should -Be @('bbbbbbbb-1111-2222-3333-cccccccccc55') + $result.DisplayName | Should -Be "demo1" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AppOwnerOrganizationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.SignInAudience | Should -Be "AzureADMyOrg" + $result.ServicePrincipalType | Should -Be "Application" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when ServicePrincipalId is empty" { + { Get-EntraBetaServicePrincipal -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + + It "Should fail when ServicePrincipalId is Invalid" { + { Get-EntraBetaServicePrincipal -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + + It "Should get top service principal" { + $result = Get-EntraBetaServicePrincipal -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Top are empty" { + { Get-EntraBetaServicePrincipal -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is Invalid" { + { Get-EntraBetaServicePrincipal -Top XYZ } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should get a specific service principal by filter" { + $result = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'demo1'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result.ServicePrincipalNames | Should -Be @('bbbbbbbb-1111-2222-3333-cccccccccc55') + $result.DisplayName | Should -Be "demo1" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AppOwnerOrganizationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.SignInAudience | Should -Be "AzureADMyOrg" + $result.ServicePrincipalType | Should -Be "Application" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Filter are empty" { + { Get-EntraBetaServicePrincipal -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should select all service principal by displayname" { + $result = Get-EntraBetaServicePrincipal -Property "DisplayName" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Select are empty" { + { Get-EntraBetaServicePrincipal -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should get a specific service principal by SearchString" { + $result = Get-EntraBetaServicePrincipal -SearchString "demo1" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result.ServicePrincipalNames | Should -Be @('bbbbbbbb-1111-2222-3333-cccccccccc55') + $result.DisplayName | Should -Be "demo1" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AppOwnerOrganizationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.SignInAudience | Should -Be "AzureADMyOrg" + $result.ServicePrincipalType | Should -Be "Application" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when SearchString are empty" { + { Get-EntraBetaServicePrincipal -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + + It "Should contain ObjectId in result" { + $result = Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + } + + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc59" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain filter in parameters when passed SearchString to it" { + $result = Get-EntraBetaServicePrincipal -SearchString "demo1" + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Be "publisherName eq 'demo1' or (displayName eq 'demo1' or startswith(displayName,'demo1'))" + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipal" + $result= Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipal" + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when Property is empty" { + { Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Property parameter should work" { + $result = Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" -Property AppDisplayName + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be 'demo1' + + Should -Invoke -CommandName Get-MgBetaServicePrincipal -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaServicePrincipal -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc59" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 b/test/EntraBeta/Applications/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 new file mode 100644 index 0000000000..f69d544f4e --- /dev/null +++ b/test/EntraBeta/Applications/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 @@ -0,0 +1,207 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + '@odata.type' = '#microsoft.graph.servicePrincipal' + 'accountEnabled' = $true + 'alternativeNames' = @{} + 'createdDateTime' = '2023-09-21T15:31:24Z' + 'appDisplayName' = 'ToGraph_443democc3c' + 'appId' = 'bbbbbbbb-1111-2222-3333-cccccccccc55' + 'applicationTemplateId' = 'bbbbbbbb-1111-2222-3333-cccccccccc56' + 'appOwnerOrganizationId' = 'bbbbbbbb-1111-2222-3333-cccccccccc57' + 'appRoleAssignmentRequired' = $true + 'displayName' = 'ToGraph_443democc3c' + 'homepage' = 'https://*.time2work.com/Security/ADFS.aspx?metadata=nimbus|ISV9.2|primary|z' + 'isAuthorizationServiceEnabled' = $false + 'notificationEmailAddresses' = @{} + 'publisherName' = 'Contoso' + 'replyUrls' = @{} + 'samlSLOBindingType' = 'httpRedirect' + 'servicePrincipalNames' = @('bbbbbbbb-1111-2222-3333-cccccccccc55') + 'servicePrincipalType' = 'Application' + 'signInAudience' = 'AzureADMyOrg' + 'tags' = @('WindowsAzureActiveDirectoryIntegratedApp') + 'addIns' = @{} + 'api' = @{ 'resourceSpecificApplicationPermissions' = @() } + 'appRoles' = @( + @{ + 'allowedMemberTypes' = @('User') + 'description' = 'msiam_access' + 'displayName' = 'msiam_access' + 'id' = '643985ce-3eaf-4a67-9550-ecca25cb6814' + 'isEnabled' = $true + 'origin' = 'Application' + 'isPreAuthorizationRequired' = $false + 'isPrivate' = $false + } + ) + 'info' = @{ 'logoUrl' = 'https://aadcdn.msftauthimages.net/c1c6b6c8-to49lv6wypmt9nbj9h-yeqnpoxuawhueygc1g-lkdu4/appbranding/wpnyxydq3vlekihhtujmmyy8n-0-4cx9y7wm-d9z4q/1033/bannerlogo?ts=638493625239351699' } + 'keyCredentials' = @{} + 'publishedPermissionScopes' = @{} + 'passwordCredentials' = @{} + 'resourceSpecificApplicationPermissions' = @{} + 'verifiedPublisher' = @{} + 'ObjectId' = 'bbbbbbbb-1111-2222-3333-cccccccccc58' + 'DeletedDateTime' = $null + 'Id' = 'bbbbbbbb-1111-2222-3333-cccccccccc58' + 'AdditionalProperties' = @{ + '@odata.type' = '#microsoft.graph.servicePrincipal' + 'accountEnabled' = $true + 'alternativeNames' = @{} + 'createdDateTime' = '2023-09-21T15:31:24Z' + 'appDisplayName' = 'ToGraph_443democc3c' + 'appId' = 'bbbbbbbb-1111-2222-3333-cccccccccc55' + 'applicationTemplateId' = 'bbbbbbbb-1111-2222-3333-cccccccccc56' + 'appOwnerOrganizationId' = 'bbbbbbbb-1111-2222-3333-cccccccccc57' + 'appRoleAssignmentRequired' = $true + 'displayName' = 'ToGraph_443democc3c' + 'homepage' = 'https://*.time2work.com/Security/ADFS.aspx?metadata=nimbus|ISV9.2|primary|z' + 'isAuthorizationServiceEnabled' = $false + 'notificationEmailAddresses' = @{} + 'publisherName' = 'Contoso' + 'replyUrls' = @{} + 'samlSLOBindingType' = 'httpRedirect' + 'servicePrincipalNames' = @('bbbbbbbb-1111-2222-3333-cccccccccc55') + 'servicePrincipalType' = 'Application' + 'signInAudience' = 'AzureADMyOrg' + 'tags' = @('WindowsAzureActiveDirectoryIntegratedApp') + 'addIns' = @{} + 'api' = @{ 'resourceSpecificApplicationPermissions' = @() } + 'appRoles' = @{} + 'info' = @{ 'logoUrl' = 'https://aadcdn.msftauthimages.net/c1c6b6c8-to49lv6wypmt9nbj9h-yeqnpoxuawhueygc1g-lkdu4/appbranding/wpnyxydq3vlekihhtujmmyy8n-0-4cx9y7wm-d9z4q/1033/bannerlogo?ts=638493625239351699' } + 'keyCredentials' = @{} + 'publishedPermissionScopes' = @{} + 'passwordCredentials' = @{} + 'resourceSpecificApplicationPermissions' = @{} + 'verifiedPublisher' = @{} + } + "Parameters" = $args + } + } + Mock -CommandName Get-MgBetaServicePrincipalOwnedObject -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Get-EntraBetaServicePrincipalOwnedObject" { + Context "Test for Get-EntraBetaServicePrincipalOwnedObject" { + It "Should retrieve the owned objects of a service principal" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" + $result | Should -Not -BeNullOrEmpty + $result.AdditionalProperties | Should -Not -BeNullOrEmpty + $result.displayName | Should -Be "ToGraph_443democc3c" + $result.appDisplayName | Should -Be "ToGraph_443democc3c" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc58" + $result.appId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AdditionalProperties.appDisplayName | Should -Be "ToGraph_443democc3c" + $result.AdditionalProperties.tags | Should -Be @('WindowsAzureActiveDirectoryIntegratedApp') + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should return specific device with Alias" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc40" + $result | Should -Not -BeNullOrEmpty + $result.AdditionalProperties | Should -Not -BeNullOrEmpty + $result.displayName | Should -Be "ToGraph_443democc3c" + $result.appDisplayName | Should -Be "ToGraph_443democc3c" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc58" + $result.appId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.AdditionalProperties.appDisplayName | Should -Be "ToGraph_443democc3c" + $result.AdditionalProperties.tags | Should -Be @('WindowsAzureActiveDirectoryIntegratedApp') + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ServicePrincipalId are empty" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + + It "Should fail when ServicePrincipalId is Invalid" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + + It "Should return top service principal" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Top are empty" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is Invalid" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Top XYZ } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return all service principal" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should contain Id in result" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc58" + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain ServicePrincipalId in parameters when passed Id to it" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc40" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipalOwnedObject" + + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipalOwnedObject" + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Property parameter should work" { + $result = Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Property appDisplayName + $result | Should -Not -BeNullOrEmpty + $result.appDisplayName | Should -Be 'ToGraph_443democc3c' + + Should -Invoke -CommandName Get-MgBetaServicePrincipalOwnedObject -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaServicePrincipalOwnedObject -ServicePrincipalId "bbbbbbbb-1111-2222-3333-cccccccccc40" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/New-EntraBetaApplication.Tests.ps1 b/test/EntraBeta/Applications/New-EntraBetaApplication.Tests.ps1 new file mode 100644 index 0000000000..8a96c641eb --- /dev/null +++ b/test/EntraBeta/Applications/New-EntraBetaApplication.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking New-MgBetaApplication with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + "AppId" = "5f783237-3457-45d8-93e7-a0edb1cfbfd1" + "DeletedDateTime" = $null + "Id" = "111cc9b5-fce9-485e-9566-c68debafac5f" + "DisplayName" = "Mock-App" + "Info" = @{LogoUrl=""; MarketingUrl=""; PrivacyStatementUrl=""; SupportUrl=""; TermsOfServiceUrl=""} + "IsDeviceOnlyAuthSupported" = $True + "IsFallbackPublicClient" = $true + "KeyCredentials" = @{CustomKeyIdentifier = @(211, 174, 247);DisplayName =""; Key="";KeyId="d903c7a3-75ea-4772-8935-5c0cf82068a7";Type="Symmetric";Usage="Sign"} + "OptionalClaims" = @{AccessToken=""; IdToken=""; Saml2Token=""} + "ParentalControlSettings" = @{CountriesBlockedForMinors=$null; LegalAgeGroupRule="Allow"} + "PasswordCredentials" = @{} + "PublicClient" = @{RedirectUris=$null} + "PublisherDomain" = "M365x99297270.onmicrosoft.com" + "SignInAudience" = "AzureADandPersonalMicrosoftAccount" + "Web" = @{HomePageUrl="https://localhost/demoapp"; ImplicitGrantSettings=""; LogoutUrl="";} + "Parameters" = $args + "AdditionalProperties" = @{CountriesBlockedForMinors = $null; LegalAgeGroupRule = "Allow" } + } + ) + } + + Mock -CommandName New-MgBetaApplication -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "New-EntraBetaApplication"{ + Context "Test for New-EntraBetaApplication" { + It "Should return created Application"{ + $result = New-EntraBetaApplication -DisplayName "Mock-App" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "Mock-App" + $result.IsDeviceOnlyAuthSupported | should -Be "True" + $result.IsFallbackPublicClient | should -Be "True" + $result.SignInAudience | should -Be "AzureADandPersonalMicrosoftAccount" + Should -Invoke -CommandName New-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when DisplayName is empty" { + { New-EntraBetaApplication -DisplayName "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when invalid parameter is passed" { + { New-EntraBetaApplication -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaApplication" + $result = New-EntraBetaApplication -DisplayName "Mock-App" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaApplication" + Should -Invoke -CommandName New-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaApplication -DisplayName "Mock-App" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test/EntraBeta/Applications/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 new file mode 100644 index 0000000000..b5f242351d --- /dev/null +++ b/test/EntraBeta/Applications/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 @@ -0,0 +1,233 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Credentials" = @( + [PSCustomObject]@{ + "Value" = "test1" + "Type" = "text" + "FieldId" = "param_emailOrUserName" + }, + [PSCustomObject]@{ + "Value" = "test1" + "Type" = "password" + "FieldId" = "param_password" + } + ) + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "AdditionalProperties" = @{"@odata.context"='https://graph.microsoft.com/beta/$metadata#microsoft.graph.passwordSingleSignOnCredentialSet'} + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "New-EntraBetaPasswordSingleSignOnCredential" { + Context "Test for New-EntraBetaPasswordSingleSignOnCredential" { + It "Should creates the password sso credentials for the given ObjectId and PasswordSSOObjectId." { + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + $result = New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName New-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when ObjectId is empty" { + { $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + New-EntraBetaPasswordSingleSignOnCredential -ObjectId -PasswordSSOCredential $params} | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is Invalid" { + { $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + New-EntraBetaPasswordSingleSignOnCredential -ObjectId "" -PasswordSSOCredential $params} | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when PasswordSSOCredential parameter are empty" { + { New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential } | Should -Throw "Missing an argument for parameter 'PasswordSSOCredential'*" + } + + It "Should fail when PasswordSSOCredential parameter are Invalid" { + { New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential "" } | Should -Throw "Cannot process argument transformation on parameter 'PasswordSSOCredential'*" + } + + It "Should contain ObjectId in result" { + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + $result = New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + $result = New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params + $params = Get-Parameters -data $result.Parameters + $params.ServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + + Should -Invoke -CommandName New-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain BodyParameter in parameters when passed PasswordSSOCredential to it" { + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + $result = New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params + $value = $params.credentials | ConvertTo-Json + $result | Should -Not -BeNullOrEmpty + $value | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaPasswordSingleSignOnCredential" + + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + $result = New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaPasswordSingleSignOnCredential" + + Should -Invoke -CommandName New-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $params = @{ + id = "bbbbbbbb-1111-2222-3333-cccccccccc55" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test1" + } + @{ + fieldId = "param_password" + type = "password" + value = "test1" + } + ) + } + + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaPasswordSingleSignOnCredential -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccc56" -PasswordSSOCredential $params -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Remove-EntraBetaApplication.Tests.ps1 b/test/EntraBeta/Applications/Remove-EntraBetaApplication.Tests.ps1 new file mode 100644 index 0000000000..5b6d2b1d7b --- /dev/null +++ b/test/EntraBeta/Applications/Remove-EntraBetaApplication.Tests.ps1 @@ -0,0 +1,62 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaApplication -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Remove-EntraBetaApplication" { + Context "Test for Remove-EntraBetaApplication" { + It "Should return empty object" { + $result = Remove-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaApplication -ObjectId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraBetaApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraBetaApplication -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Remove-MgBetaApplication -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + $result = Remove-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-1111-1111-1111-000000000000" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaApplication" + $result = Remove-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaApplication" + Should -Invoke -CommandName Remove-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Remove-EntraBetaApplicationPolicy.Tests.ps1 b/test/EntraBeta/Applications/Remove-EntraBetaApplicationPolicy.Tests.ps1 new file mode 100644 index 0000000000..5f66f094ef --- /dev/null +++ b/test/EntraBeta/Applications/Remove-EntraBetaApplicationPolicy.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Remove-EntraBetaApplicationPolicy" { + Context "Test for Remove-EntraBetaApplicationPolicy" { + It "Should removes an application policy from Azure Active Directory (AD)" { + $result = Remove-EntraBetaApplicationPolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaApplicationPolicy -Id -PolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaApplicationPolicy -Id "" -PolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when PolicyId is empty" { + { Remove-EntraBetaApplicationPolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + + It "Should fail when PolicyId is invalid" { + { Remove-EntraBetaApplicationPolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string." + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaApplicationPolicy" + + $result = Remove-EntraBetaApplicationPolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaApplicationPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaApplicationPolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PolicyId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test/EntraBeta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 new file mode 100644 index 0000000000..91c0b969e4 --- /dev/null +++ b/test/EntraBeta/Applications/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 @@ -0,0 +1,77 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Remove-EntraBetaPasswordSingleSignOnCredential" { + Context "Test for Remove-EntraBetaPasswordSingleSignOnCredential" { + It "Should remove password single-sign-on credentials" { + $result = Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when ObjectId is empty" { + { Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is invalid" { + { Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when PasswordSSOObjectId is empty" { + { Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId } | Should -Throw "Missing an argument for parameter 'PasswordSSOObjectId'*" + } + + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + + $result = Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain Id in parameters when passed PasswordSSOObjectId to it" { + Mock -CommandName Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + + $result = Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.Id | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaPasswordSingleSignOnCredential" + $result = Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaPasswordSingleSignOnCredential" + Should -Invoke -CommandName Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaPasswordSingleSignOnCredential -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -PasswordSSOObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Set-EntraBetaApplication.Tests.ps1 b/test/EntraBeta/Applications/Set-EntraBetaApplication.Tests.ps1 new file mode 100644 index 0000000000..67b899d44c --- /dev/null +++ b/test/EntraBeta/Applications/Set-EntraBetaApplication.Tests.ps1 @@ -0,0 +1,62 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaApplication -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Set-EntraBetaApplication"{ + Context "Test for Set-EntraBetaApplication" { + It "Should return empty object"{ + $result = Set-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraBetaApplication -ObjectId "aaaaaaaa-1111-1111-1111-000000000000" -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Set-EntraBetaApplication -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when invalid parameter is passed" { + { Set-EntraBetaApplication -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Update-MgBetaApplication -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + $result = Set-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-1111-1111-1111-000000000000" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaApplication" + $result = Set-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaApplication" + Should -Invoke -CommandName Update-MgBetaApplication -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Set-EntraBetaApplication -ApplicationId "aaaaaaaa-1111-1111-1111-000000000000" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Set-EntraBetaApplicationLogo.Tests.ps1 b/test/EntraBeta/Applications/Set-EntraBetaApplicationLogo.Tests.ps1 new file mode 100644 index 0000000000..325d90e992 --- /dev/null +++ b/test/EntraBeta/Applications/Set-EntraBetaApplicationLogo.Tests.ps1 @@ -0,0 +1,55 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Set-EntraBetaApplicationLogo"{ + Context "Test for Set-EntraBetaApplicationLogo" { + It "Should return empty object"{ + $result = Set-EntraBetaApplicationLogo -ApplicationId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -FilePath "https://th.bing.com/th?q=Perennial+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Set-EntraBetaApplicationLogo -ApplicationId "" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is null" { + { Set-EntraBetaApplicationLogo -ApplicationId } | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when filepath invalid"{ + { Set-EntraBetaApplicationLogo -ApplicationId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -FilePath "sdd" } | Should -Throw "FilePath is invalid" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaApplicationLogo" + $result = Set-EntraBetaApplicationLogo -ApplicationId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -FilePath "https://th.bing.com/th?q=Perennial+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaApplicationLogo" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaApplicationLogo -ApplicationId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -FilePath "https://th.bing.com/th?q=Perennial+Garden+Ideas&w=138&h=138&c=7&o=5&dpr=1.3&pid=1.7&mkt=en-IN&cc=IN&setlang=en&adlt=moderate" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test/EntraBeta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 new file mode 100644 index 0000000000..e92dd22aa8 --- /dev/null +++ b/test/EntraBeta/Applications/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 @@ -0,0 +1,197 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Set-EntraBetaPasswordSingleSignOnCredential" { + Context "Test for Set-EntraBetaPasswordSingleSignOnCredential" { + It "Should sets the password sso credentials for the given ObjectId and PasswordSSOObjectId." { + $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + $result = Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential $params + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + + It "Should fail when ObjectId is empty" { + { $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + Set-EntraBetaPasswordSingleSignOnCredential -ObjectId -PasswordSSOCredential $params} | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is Invalid" { + { $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "" -PasswordSSOCredential $params} | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should fail when PasswordSSOCredential parameter are empty" { + { Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential } | Should -Throw "Missing an argument for parameter 'PasswordSSOCredential'*" + } + + It "Should fail when PasswordSSOCredential parameter are Invalid" { + { Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential "" } | Should -Throw "Cannot process argument transformation on parameter 'PasswordSSOCredential'*" + } + + It "Should contain ServicePrincipalId in parameters when passed ObjectId to it" { + Mock -CommandName Update-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + + $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + $result = Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential $params + $params = Get-Parameters -data $result + $params.ServicePrincipalId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain BodyParameter in parameters when passed PasswordSSOCredential to it" { + Mock -CommandName Update-MgBetaServicePrincipalPasswordSingleSignOnCredential -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Applications + + $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + $result = Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential $params + $value = $params.credentials | ConvertTo-Json + $resultParams = Get-Parameters -data $result + $expectedObject = $value | ConvertFrom-Json + $actualObject = ($resultParams.BodyParameter.Credentials | ConvertTo-Json -Depth 10 | ConvertFrom-Json) + $expectedObject | ForEach-Object { + $property = $_ + $actualProperty = $actualObject | Where-Object { $_.fieldId -eq $property.fieldId } + $actualProperty | Should -Not -BeNullOrEmpty + $actualProperty | Should -BeLike "*$($property.value)*" + $actualProperty | Should -BeLike "*$($property.type)*" + $actualProperty | Should -BeLike "*$($property.fieldId)*" + } + } + + It "Should contain 'User-Agent' header" { + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPasswordSingleSignOnCredential" + $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + $result = Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential $params + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPasswordSingleSignOnCredential" + Should -Invoke -CommandName Update-MgBetaServicePrincipalPasswordSingleSignOnCredential -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $params = @{ + id = "11bb11bb-cc22-dd33-ee44-55ff55ff55ff" + credentials = @( + @{ + fieldId = "param_emailOrUserName" + type = "text" + value = "test420" + } + @{ + fieldId = "param_password" + type = "password" + value = "test2420" + } + ) + } + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaPasswordSingleSignOnCredential -ObjectId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PasswordSSOCredential $params -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/Applications/Set-EntraBetaServicePrincipal.Tests.ps1 b/test/EntraBeta/Applications/Set-EntraBetaServicePrincipal.Tests.ps1 new file mode 100644 index 0000000000..f869efbff1 --- /dev/null +++ b/test/EntraBeta/Applications/Set-EntraBetaServicePrincipal.Tests.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Applications) -eq $null){ + Import-Module Microsoft.Entra.Beta.Applications + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Applications +} + +Describe "Set-EntraBetaServicePrincipal"{ + Context "Test for Set-EntraBetaServicePrincipal" { + It "Should return empty object"{ + $result = Set-EntraBetaServicePrincipal -ServicePrincipalId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should return empty object with Alias" { + $result = Set-EntraBetaServicePrincipal -ServicePrincipalId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 + } + It "Should fail when ServicePrincipalId is invalid" { + { Set-EntraBetaServicePrincipal -ServicePrincipalId "" } | Should -Throw "Cannot bind argument to parameter 'ServicePrincipalId' because it is an empty string." + } + It "Should fail when ServicePrincipalId is empty" { + { Set-EntraBetaServicePrincipal -ServicePrincipalId } | Should -Throw "Missing an argument for parameter 'ServicePrincipalId'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaServicePrincipal" + Set-EntraBetaServicePrincipal -ServicePrincipalId bbbbbbbb-1111-2222-3333-cccccccccccc | Out-Null + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaServicePrincipal" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Applications -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaServicePrincipal -ServicePrincipalId bbbbbbbb-1111-2222-3333-cccccccccccc -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 b/test/EntraBeta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 new file mode 100644 index 0000000000..0d42a59a66 --- /dev/null +++ b/test/EntraBeta/Authentication/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Authentication) -eq $null){ + Import-Module Microsoft.Entra.Beta.Authentication + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.passwordAuthenticationMethod"; + createdDateTime= "2023-11-21T12:43:51Z"; + } + } + ) + } + Mock -CommandName Get-MgBetaUserAuthenticationMethod -MockWith {} -ModuleName Microsoft.Entra.Beta.Authentication +} + +Describe "Reset-EntraBetaStrongAuthenticationMethodByUpn" { + Context "Test for Reset-EntraBetaStrongAuthenticationMethodByUpn" { + It "Should Resets the strong authentication method" { + $result = Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso.com#EXT#@M365x99297270.onmicrosoft.com' + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaUserAuthenticationMethod -ModuleName Microsoft.Entra.Beta.Authentication -Times 1 + } + It "Should fail when UserPrincipalName is empty" { + { Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName } | Should -Throw "Missing an argument for parameter 'UserPrincipalName'*" + } + + It "Should fail when Id is invalid" { + { Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName "" } | Should -Throw "Cannot bind argument to parameter 'UserPrincipalName' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Reset-EntraBetaStrongAuthenticationMethodByUpn" + + Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' | Out-Null + Should -Invoke -CommandName Get-MgBetaUserAuthenticationMethod -ModuleName Microsoft.Entra.Beta.Authentication -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should contain 'User-Agent' header" { + Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' | Out-Null + Should -Invoke -CommandName Get-MgBetaUserAuthenticationMethod -ModuleName Microsoft.Entra.Beta.Authentication -Times 1 -ParameterFilter { + $userId | Should -Be 'Test_contoso@M365x99297270.onmicrosoft.com' + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Reset-EntraBetaStrongAuthenticationMethodByUpn -UserPrincipalName 'Test_contoso@M365x99297270.onmicrosoft.com' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} +} + diff --git a/test/EntraBeta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..b70eb47b61 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName New-MgBetaAdministrativeUnitMemberByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Add-EntraBetaAdministrativeUnitMember" { + Context "Test for Add-EntraBetaAdministrativeUnitMember" { + It "Should return empty object" { + $result = Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return empty object with alias" { + $result = Add-EntraBetaAdministrativeUnitMember -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff"} | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId ""} | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + Mock -CommandName New-MgBetaAdministrativeUnitMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + $result = Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + $params = Get-Parameters -data $result + $params.AdministrativeUnitId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaAdministrativeUnitMember" + + Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaAdministrativeUnitMember" + + Should -Invoke -CommandName New-MgBetaAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "eeeeeeee-4444-5555-6666-ffffffffffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..d6e517bd5d --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Add-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,91 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "IsActive" = $true + "AdditionalProperties" = @{"@odata.context"="https://graph.microsoft.com/beta/`$metadata#directory/customSecurityAttributeDefinitions('Engineering_Projectt')/allowedValues/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue" { + Context "Test for Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue" { + It "Should update a specific value for the Id" { + $result = Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.IsActive | Should -Be $true + + Should -Invoke -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when CustomSecurityAttributeDefinitionId are empty" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'*" + } + + It "Should fail when CustomSecurityAttributeDefinitionId is Invalid" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId' because it is an empty string." + } + + It "Should fail when Id are empty" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id -IsActive $true } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is Invalid" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "" -IsActive $true } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when IsActive are empty" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive } | Should -Throw "Missing an argument for parameter 'IsActive'*" + } + + It "Should fail when IsActive are invalid" { + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive dffg } | Should -Throw "Cannot process argument transformation on parameter 'IsActive'*" + } + + It "Result should Contain ObjectId" { + $result = Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true + $result.ObjectId | should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue" + + Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue" + Should -Invoke -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsActive $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..dd7b953926 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,86 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgBetaDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Add-EntraBetaDeviceRegisteredOwner" { + Context "Test for Add-EntraBetaDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Add-EntraBetaDeviceRegisteredOwner -DeviceId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DeviceId'.*" + } + It "Should fail when DeviceId is invalid" { + { Add-EntraBetaDeviceRegisteredOwner -DeviceId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain DeviceId in parameters when passed ObjectId to it" { + Mock -CommandName New-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "412be9d1-1460-4061-8eed-cca203fcb215" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $value = @{ + "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbbbbb-1111-2222-3333-cccccccccccc"} + Should -Invoke -CommandName New-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaDeviceRegisteredOwner" + + Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaDeviceRegisteredOwner" + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Add-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..3f7aa8ee17 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgBetaDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Add-EntraBetaDeviceRegisteredUser" { + Context "Test for Add-EntraBetaDeviceRegisteredUser" { + It "Should return empty object" { + $result = Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Add-EntraBetaDeviceRegisteredUser -DeviceId -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'DeviceId'.*" + } + It "Should fail when DeviceId is invalid" { + { Add-EntraBetaDeviceRegisteredUser -DeviceId "" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should execute successfully with Alias" { + $result = Add-EntraBetaDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should contain DeviceId in parameters when passed DeviceId to it" { + Mock -CommandName New-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $value = @{ + "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbbbbb-1111-2222-3333-cccccccccccc"} + Should -Invoke -CommandName New-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaDeviceRegisteredUser" + + Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaDeviceRegisteredUser" + + Should -Invoke -CommandName New-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } + +} + diff --git a/test/EntraBeta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..0c7fd19f99 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Add-EntraBetaScopedRoleMembership.Tests.ps1 @@ -0,0 +1,131 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "zTVcE8KFQ0W4bI9tvt6kz-5AOA62QHJLgnvAbh9Z0r7uQTWi6U_yTLYoEC66749-U" + "RoleId" = "cccccccc-85c2-4543-b86c-cccccccccccc" + "AdministrativeUnitId" = "dddddddd-7902-4be2-a25b-dddddddddddd" + + "RoleMemberInfo" = @{ + "DisplayName" = "Conf Room Adams" + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "AdditionalProperties" = @{"userPrincipalName" = "SawyerM@contoso.com" } + } + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#scopedRoleMemberships/$entity]'} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgBetaDirectoryAdministrativeUnitScopedRoleMember -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Add-EntraBetaScopedRoleMembership" { + Context "Test for Add-EntraBetaScopedRoleMembership" { + It "Should add a user to the specified role within the specified administrative unit" { + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = "a23541ee-4fe9-4cf2-b628-102ebaef8f7e" + $result = Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -RoleMemberInfo $RoleMember + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "zTVcE8KFQ0W4bI9tvt6kz-5AOA62QHJLgnvAbh9Z0r7uQTWi6U_yTLYoEC66749-U" + $result.RoleId | Should -Be "cccccccc-85c2-4543-b86c-cccccccccccc" + $result.AdministrativeUnitId | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + + Should -Invoke -CommandName New-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should add a user to the specified role within the specified administrative unit with alias" { + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = "a23541ee-4fe9-4cf2-b628-102ebaef8f7e" + $result = Add-EntraBetaScopedRoleMembership -ObjectId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -RoleMemberInfo $RoleMember + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "zTVcE8KFQ0W4bI9tvt6kz-5AOA62QHJLgnvAbh9Z0r7uQTWi6U_yTLYoEC66749-U" + $result.RoleId | Should -Be "cccccccc-85c2-4543-b86c-cccccccccccc" + $result.AdministrativeUnitId | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + + Should -Invoke -CommandName New-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when RoleAdministrativeUnitId is empty" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId } | Should -Throw "Missing an argument for parameter 'RoleObjectId'*" + } + It "Should fail when AdministrativeUnitObjectId is empty" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -AdministrativeUnitObjectId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitObjectId'*" + } + It "Should fail when RoleMemberInfo is empty" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleMemberInfo } | Should -Throw "Missing an argument for parameter 'RoleMemberInfo'*" + } + It "Should fail when RoleMemberInfo is invalid" { + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleMemberInfo "" } | Should -Throw "Cannot process argument transformation on parameter 'RoleMemberInfo'*" + } + It "Result should contain Alias properties"{ + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = "a23541ee-4fe9-4cf2-b628-102ebaef8f7e" + $result = Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -RoleMemberInfo $RoleMember + $result.ObjectId | should -Be "zTVcE8KFQ0W4bI9tvt6kz-5AOA62QHJLgnvAbh9Z0r7uQTWi6U_yTLYoEC66749-U" + $result.RoleObjectId | should -Be "cccccccc-85c2-4543-b86c-cccccccccccc" + $result.AdministrativeUnitObjectId | should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + + $result = Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" + $params = Get-Parameters -data $result.Parameters + $params.AdministrativeUnitId | Should -Be "0e3840ee-40b6-4b72-827b-c06e1f59d2be" + } + It "Should contain AdministrativeUnitId1 in parameters when passed AdministrativeUnitObjectId to it" { + + $result = Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -AdministrativeUnitObjectId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" + $params = Get-Parameters -data $result.Parameters + $params.AdministrativeUnitId1 | Should -Be "0e3840ee-40b6-4b72-827b-c06e1f59d2be" + } + It "Should contain RoleId in parameters when passed RoleObjectId to it" { + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = "a23541ee-4fe9-4cf2-b628-102ebaef8f7e" + + $result = Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -RoleMemberInfo $RoleMember + $params = Get-Parameters -data $result.Parameters + $params.RoleId | Should -Be "135c35cd-85c2-4543-b86c-8f6dbedea4cf" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaScopedRoleMembership" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaScopedRoleMembership" + $RoleMember = New-Object -TypeName Microsoft.Open.MSGraph.Model.MsRoleMemberInfo + $RoleMember.Id = "a23541ee-4fe9-4cf2-b628-102ebaef8f7e" + + Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -RoleMemberInfo $RoleMember + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaScopedRoleMembership" + + Should -Invoke -CommandName New-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaScopedRoleMembership -AdministrativeUnitId "0e3840ee-40b6-4b72-827b-c06e1f59d2be" -RoleObjectId "135c35cd-85c2-4543-b86c-8f6dbedea4cf" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Confirm-EntraBetaDomain.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Confirm-EntraBetaDomain.Tests.ps1 new file mode 100644 index 0000000000..3baa7c4a9a --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Confirm-EntraBetaDomain.Tests.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Confirm-EntraBetaDomain" { + Context "Test for Confirm-EntraBetaDomain" { + It "Should return empty object" { + $result = Confirm-EntraBetaDomain -DomainName "Contoso.com" -ForceTakeover $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DomainName is invalid" { + { Confirm-EntraBetaDomain -DomainName "" } | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + It "Should fail when DomainName is empty" { + { Confirm-EntraBetaDomain -DomainName } | Should -Throw "Missing an argument for parameter 'DomainName'*" + } + It "Should fail when ForceTakeover is invalid" { + { Confirm-EntraBetaDomain -DomainName "Contoso.com" -ForceTakeover "XY" } | Should -Throw "Cannot process argument transformation on parameter 'ForceTakeover'*" + } + It "Should fail when ForceTakeover is empty" { + { Confirm-EntraBetaDomain -DomainName "Contoso.com" -ForceTakeover } | Should -Throw "Missing an argument for parameter 'ForceTakeover'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Confirm-EntraBetaDomain" + + Confirm-EntraBetaDomain -DomainName "Contoso.com" -ForceTakeover $true + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Confirm-EntraBetaDomain -DomainName "Contoso.com" -ForceTakeover $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaAccountSku.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAccountSku.Tests.ps1 new file mode 100644 index 0000000000..1224c5420c --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAccountSku.Tests.ps1 @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "PrepaidUnits" = @{Enabled=20;LockedOut= 0; Suspended= 0;Warning =0} + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + "ConsumedUnits" = "20" + "AccountName" = "M365x99297270" + "CapabilityStatus" = "Enabled" + "AccountId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AppliesTo" = "User" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaSubscribedSku -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaAccountSku" { + Context "Test for Get-EntraBetaAccountSku" { + It "Returns all the SKUs for a company." { + $result = Get-EntraBetaAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444_11112222-bbbb-3333-cccc-4444dddd5555" + $result.ConsumedUnits | should -Be "20" + $result.AccountName | should -Be "M365x99297270" + $result.CapabilityStatus | should -Be "Enabled" + $result.AccountId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.AppliesTo | should -Be "User" + + Should -Invoke -CommandName Get-MgBetaSubscribedSku -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraBetaAccountSku -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Get-EntraBetaAccountSku -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAccountSku" + + $result = Get-EntraBetaAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAccountSku" + + Should -Invoke -CommandName Get-MgBetaSubscribedSku -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAccountSku -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..f495b20d37 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnit.Tests.ps1 @@ -0,0 +1,136 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DisplayName" = "Mock-Administrative-unit" + "Description" = "NewAdministrativeUnit" + "DeletedDateTime" = $null + "IsMemberManagementRestricted" = $null + "Members" = $null + "ScopedRoleMembers" = $null + "Visibility" = $null + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#scopedRoleMemberships/$entity]'} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaAdministrativeUnit -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaAdministrativeUnit" { + Context "Test for Get-EntraBetaAdministrativeUnit" { + It "Should return specific administrative unit" { + $result = Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-Administrative-unit" + $result.Description | Should -Be "NewAdministrativeUnit" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific administrative unit with alias" { + $result = Get-EntraBetaAdministrativeUnit -ObjectId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-Administrative-unit" + $result.Description | Should -Be "NewAdministrativeUnit" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraBetaAdministrativeUnit -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should return all administrative units" { + $result = Get-EntraBetaAdministrativeUnit -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaAdministrativeUnit -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top administrative unit" { + $result = Get-EntraBetaAdministrativeUnit -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaAdministrativeUnit -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaAdministrativeUnit -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific administrative unit by filter" { + $result = Get-EntraBetaAdministrativeUnit -Filter "DisplayName eq 'Mock-Administrative-unit'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-Administrative-unit' + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaAdministrativeUnit -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Result should contain AdministrativeUnitId"{ + $result = Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.ObjectId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + + $result = Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.AdministrativeUnitId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Property parameter should work" { + $result = Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-Administrative-unit' + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaAdministrativeUnit -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAdministrativeUnit" + + $result = Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAdministrativeUnit" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..2af9026d35 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.user" + "displayName" = "Mock-UnitMember" + "mailEnabled" = $True + "isManagementRestricted"= $False + "renewedDateTime" = "2023-10-18T07:21:48Z" + "mobilePhone" = "425-555-0101" + "businessPhones" = {"425-555-0101"} + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaAdministrativeUnitMember -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaAdministrativeUnitMember" { + Context "Test for Get-EntraBetaAdministrativeUnitMember" { + It "Should return specific administrative unit member" { + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.AdditionalProperties.DisplayName | Should -Be "Mock-UnitMember" + $result.AdditionalProperties."@odata.type" | Should -Be "#microsoft.graph.user" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific administrative unit member with alias" { + $result = Get-EntraBetaAdministrativeUnitMember -ObjectId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.AdditionalProperties.DisplayName | Should -Be "Mock-UnitMember" + $result.AdditionalProperties."@odata.type" | Should -Be "#microsoft.graph.user" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should return all administrative unit members" { + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top 1 administrative unit member" { + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain AdministrativeUnitId" { + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + $params = Get-Parameters -data $result.Parameters + $params.AdministrativeUnitId | Should -Be "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + } + It "Property parameter should work" { + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Property ID + $result | Should -Not -BeNullOrEmpty + $result.ID | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAdministrativeUnitMember" + + $result = Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAdministrativeUnitMember" + + Should -Invoke -CommandName Get-MgBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "pppppppp-1111-1111-1111-aaaaaaaaaaaa" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaAttributeSet.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..4231d6ac25 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaAttributeSet.Tests.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbcccc-1111-dddd-2222-eeee3333ffff" + "Description" = "new test" + "MaxAttributesPerSet" = 22 + "AdditionalProperties" = @{"[@odata.context" = "https://graph.microsoft.com/beta/`$metadata#directory/attributeSets/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaDirectoryAttributeSet -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaAttributeSet" { + Context "Test for Get-EntraBetaAttributeSet" { + It "Should get attribute set by AttributeSetId" { + $result = Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbcccc-1111-dddd-2222-eeee3333ffff' + $result.Description | should -Be "new test" + $result.MaxAttributesPerSet | should -Be 22 + + Should -Invoke -CommandName Get-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should get attribute set using alias" { + $result = Get-EntraBetaAttributeSet -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbcccc-1111-dddd-2222-eeee3333ffff' + $result.Description | should -Be "new test" + $result.MaxAttributesPerSet | should -Be 22 + + Should -Invoke -CommandName Get-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when AttributeSetId is empty" { + { Get-EntraBetaAttributeSet -AttributeSetId } | Should -Throw "Missing an argument for parameter 'AttributeSetId'*" + } + + It "Should fail when AttributeSetId is invalid" { + { Get-EntraBetaAttributeSet -AttributeSetId "" } | Should -Throw "Cannot bind argument to parameter 'AttributeSetId' because it is an empty string." + } + + It "Result should Contain ObjectId" { + $result = Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result.ObjectId | should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain AttributeSetId in parameters when passed Id to it" { + $result = Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result.Parameters + $params.AttributeSetId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAttributeSet" + $result = Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAttributeSet" + Should -Invoke -CommandName Get-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Property parameter should work" { + $result = Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'bbbbcccc-1111-dddd-2222-eeee3333ffff' + + Should -Invoke -CommandName Get-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAttributeSet -AttributeSetId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..b9cd82363f --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AllowedValues" = "" + "AttributeSet" = "Test" + "Description" = "Target completion date" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "IsCollection" = $false + "IsSearchable" = $true + "Name" = "Date" + "Status" = "Available" + "Type" = "String" + "UsePreDefinedValuesOnly" = $true + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/beta/`$metadata#directory/customSecurityAttributeDefinitions/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinition -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaCustomSecurityAttributeDefinition" { + Context "Test for Get-EntraBetaCustomSecurityAttributeDefinition" { + It "Should get custom security attribute definition by Id" { + $result = Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.AllowedValues | should -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.AttributeSet | should -Be 'Test' + $result.Description | should -Be 'Target completion date' + $result.Name | should -Be 'Date' + $result.Status | should -Be 'Available' + $result.Type | should -Be 'String' + $result.IsCollection | should -Be $false + $result.IsSearchable | should -Be $true + $result.UsePreDefinedValuesOnly | should -Be $true + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { Get-EntraBetaCustomSecurityAttributeDefinition -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Get-EntraBetaCustomSecurityAttributeDefinition -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Result should Contain ObjectId" { + $result = Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain CustomSecurityAttributeDefinitionId in parameters when passed Id to it" { + $result = Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.CustomSecurityAttributeDefinitionId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Property parameter should work" { + $result = Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property Description + $result | Should -Not -BeNullOrEmpty + $result.Description | Should -Be 'Target completion date' + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaCustomSecurityAttributeDefinition" + $result = Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaCustomSecurityAttributeDefinition" + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaCustomSecurityAttributeDefinition -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..cb6ca3d3ab --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,132 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "IsActive" = $true + "AdditionalProperties" = @{"@odata.context"="https://graph.microsoft.com/beta/`$metadata#directory/customSecurityAttributeDefinitions('Engineering_Projectt')/allowedValues/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" { + Context "Test for Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" { + It "Should get query for given CustomSecurityAttributeDefinitionId" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when CustomSecurityAttributeDefinitionId are empty" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'*" + } + + It "Should fail when CustomSecurityAttributeDefinitionId is Invalid" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId' because it is an empty string." + } + + It "Should get a specific value for the Id" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.IsActive | Should -Be $true + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id are empty" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is Invalid" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should get a specific value by filter" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Filter "Id eq 'bbbbbbbb-1111-2222-3333-cccccccccc55'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.IsActive | Should -Be $true + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Filter are empty" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should contain ObjectId in result" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain AllowedValueId in parameters when passed Id to it" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.AllowedValueId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should contain value in parameters when passed Filter to it" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Filter "Id eq 'bbbbbbbb-1111-2222-3333-cccccccccc55'" + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Not -BeNullOrEmpty + $expectedFilter = "Id eq 'bbbbbbbb-1111-2222-3333-cccccccccc55'" + $params.Filter | Should -Be $expectedFilter + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" + $result = Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" + Should -Invoke -CommandName Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDevice.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDevice.Tests.ps1 new file mode 100644 index 0000000000..352b5bf2ad --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDevice.Tests.ps1 @@ -0,0 +1,160 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "OnPremisesSyncEnabled" = $null + "TrustType" = $null + "OperatingSystemVersion" = "10.0.22621.1700" + "PhysicalIds" = "[HWID]:h:6825786449406074" + "ComplianceExpirationDateTime" = $null + "DeviceVersion" = "2" + "ApproximateLastSignInDateTime" = $null + "OnPremisesLastSyncDateTime" = $null + "OperatingSystem" = "WINDOWS" + "DeletedDateTime" = $null + "DisplayName" = "Mock-Device" + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDevice" { + Context "Test for Get-EntraBetaDevice" { + It "Should return specific device" { + $result = Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | should -Be "Mock-Device" + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific device with Alias" { + $result = Get-EntraBetaDevice -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Get-EntraBetaDevice -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when DeviceId is invalid" { + { Get-EntraBetaDevice -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should return all applications" { + $result = Get-EntraBetaDevice -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaDevice -All xy } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'*" + } + + It "Should fail when invalid parameter is passed" { + { Get-EntraBetaDevice -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should return specific application by searchstring" { + $result = Get-EntraBetaDevice -SearchString 'Mock-Device' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when searchstring is empty" { + { Get-EntraBetaDevice -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Should return specific application by filter" { + $result = Get-EntraBetaDevice -Filter "DisplayName -eq 'Mock-Device'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaDevice -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should return top application" { + $result = Get-EntraBetaDevice -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaDevice -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaDevice -Top xy } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain Alias properties" { + $result = Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DevicePhysicalIds | should -Be "[HWID]:h:6825786449406074" + $result.DeviceObjectVersion | should -Be "2" + $result.DeviceOSType | should -Be "WINDOWS" + $result.DeviceOSVersion | should -Be "10.0.22621.1700" + $result.DirSyncEnabled | should -BeNullOrEmpty + $result.DeviceTrustType | should -BeNullOrEmpty + + } + It "Should contain DeviceId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraBetaDevice -SearchString 'Mock-Device' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match 'Mock-Device' + } + It "Property parameter should work" { + $result = Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-Device' + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDevice" + + $result = Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDevice" + + Should -Invoke -CommandName Get-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDevice -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..65bdf104aa --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "BusinessPhones" = @("425-555-0100") + "onPremisesImmutableId" = $null + "deletedDateTime" = $null + "onPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "onPremisesProvisioningErrors" = @{} + "mobilePhone" = "425-555-0100" + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "Parameters" = $args + "AdditionalProperties" = @{ + "DisplayName" = "demo" + } + } + } + + + Mock -CommandName Get-MgBetaDeviceRegisteredOwner -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDeviceRegisteredOwner" { + Context "Test for Get-EntraBetaDeviceRegisteredOwner" { + It "Should return specific device registered owner" { + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific device registered owner with alias" { + $result = Get-EntraBetaDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when DeviceId is invalid" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" + } + It "Should return all device registered owner" { + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when All is invalid" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All XY } | Should -Throw "A positional parameter cannot be found that accepts argument 'xy'.*" + } + It "Should return top device registered owner" { + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when top is empty" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when top is invalid" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain DeviceId in parameters when passed Name to it" { + + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $para= $params | ConvertTo-json | ConvertFrom-Json + $para.DeviceId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeviceRegisteredOwner" + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Property parameter should work" { + $result = Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property mobilePhone + $result | Should -Not -BeNullOrEmpty + $result.mobilePhone | Should -Be '425-555-0100' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredOwner -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } + +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..1e5017a215 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,130 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null) { + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + $scriptblock = { + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "onPremisesImmutableId" = $null + "deletedDateTime" = $null + "onPremisesSyncEnabled" = $null + "OnPremisesLastSyncDateTime" = $null + "onPremisesProvisioningErrors" = @{} + "mobilePhone" = "425-555-0100" + "BusinessPhones" = @("425-555-0100") + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "Parameters" = $args + "AdditionalProperties" = @{ + "DisplayName" = "Demo" + } + } + } + + Mock -CommandName Get-MgBetaDeviceRegisteredUser -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + + + +Describe "Get-EntraBetaDeviceRegisteredUser" { + Context "Test for Get-EntraBetaDeviceRegisteredUser" { + It "Should return specific device registered User" { + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "8542ebd1-3d49-4073-9dce-30f197c67755" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredUser -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific device registered User with alias" { + $result = Get-EntraBetaDeviceRegisteredUser -ObjectId "8542ebd1-3d49-4073-9dce-30f197c67755" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredUser -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Get-EntraBetaDeviceRegisteredUser -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should fail when DeviceId is invalid" { + { Get-EntraBetaDeviceRegisteredUser -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" + } + It "Should return all device registered owner" { + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredUser -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should return top device registered owner" { + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredUser -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when top is empty" { + { Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when top is invalid" { + { Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain DeviceId in parameters when passed Name to it" { + + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $Para= $params | ConvertTo-json | ConvertFrom-Json + $para.DeviceId | Should -Match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeviceRegisteredUser" + + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.headers.'User-Agent' | Should -Be $userAgentHeaderValue + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeviceRegisteredUser" + + $result = Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeviceRegisteredUser" + + Should -Invoke -CommandName Get-MgBetaDeviceRegisteredUser -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when Property is empty" { + { Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + + } + +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.Tests.ps1 new file mode 100644 index 0000000000..c6b5a9aed2 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncConfiguration.Tests.ps1 @@ -0,0 +1,71 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @{ + configuration = [PSCustomObject]@{ + AccidentalDeletionPrevention = [PSCustomObject]@{ + AlertThreshold = 50 + SynchronizationPreventionType = @{SynchronizationPreventionType="Threshold"; Parameters =$args} + } + } + } + } + Mock -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Get-EntraBetaDirSyncConfiguration" { + Context "Test for Get-EntraBetaDirSyncConfiguration" { + It "Get irectory synchronization settings" { + $result = Get-EntraBetaDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraBetaDirSyncConfiguration -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + + It "Should fail when TenantId is invalid" { + { Get-EntraBetaDirSyncConfiguration -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should contain in OnPremisesDirectorySynchronizationId parameters when passed TenantId to it" { + $result = Get-EntraBetaDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result.DeletionPreventionType.parameters + $params.OnPremisesDirectorySynchronizationId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirSyncConfiguration" + + $result = Get-EntraBetaDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirSyncConfiguration" + + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDirSyncConfiguration -TenantId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncFeature.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncFeature.Tests.ps1 new file mode 100644 index 0000000000..7e64421e34 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirSyncFeature.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Features" = @{ + "BlockCloudObjectTakeoverThroughHardMatchEnabled" = $false; + "BlockSoftMatchEnabled" = $false; + "BypassDirSyncOverridesEnabled" = $false; + "CloudPasswordPolicyForPasswordSyncedUsersEnabled" = $false; + "ConcurrentCredentialUpdateEnabled" = $false; + "ConcurrentOrgIdProvisioningEnabled" = $true; + "DeviceWritebackEnabled" = $false; + "DirectoryExtensionsEnabled" = $false; + "FopeConflictResolutionEnabled" = $false; + "GroupWriteBackEnabled" = $true; + "PasswordSyncEnabled" = $false; + "PasswordWritebackEnabled" = $false; + "QuarantineUponProxyAddressesConflictEnabled" = $true; + "QuarantineUponUpnConflictEnabled" = $true; + "SoftMatchOnUpnEnabled" = $true; + "SynchronizeUpnForManagedUsersEnabled" = $true; + "UnifiedGroupWritebackEnabled" = $true; + "UserForcePasswordChangeOnLogonEnabled" = $false; + "UserWritebackEnabled" = $false; + } + } + ) + } + Mock -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDirSyncFeature" { + Context "Test for Get-EntraBetaDirSyncFeature" { + It "Returns all the sync features" { + $result = Get-EntraBetaDirSyncFeature + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Returns specific sync feature" { + $result = Get-EntraBetaDirSyncFeature -Feature PasswordSync + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Returns sync feature" { + $result = Get-EntraBetaDirSyncFeature -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraBetaDirSyncFeature -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Get-EntraBetaDirSyncFeature -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'*" + } + It "Should fail when Feature is empty" { + { Get-EntraBetaDirSyncFeature -Feature } | Should -Throw "Missing an argument for parameter 'Feature'*" + } + It "Should fail when invalid paramter is passed"{ + { Get-EntraBetaDirSyncFeature -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirSyncFeature" + + $result = Get-EntraBetaDirSyncFeature -Feature PasswordSync + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirSyncFeature" + + Should -Invoke -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDirSyncFeature -Feature PasswordSync -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 new file mode 100644 index 0000000000..fb298bcc67 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 @@ -0,0 +1,58 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDirectoryObjectOnPremisesProvisioningError" { + Context "Test for Get-EntraBetaDirectoryObjectOnPremisesProvisioningError" { + It "Should return empty object" { + $result = Get-EntraBetaDirectoryObjectOnPremisesProvisioningError + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return empty object when TenantId is passed" { + $result = Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectoryObjectOnPremisesProvisioningError" + + Get-EntraBetaDirectoryObjectOnPremisesProvisioningError + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectoryObjectOnPremisesProvisioningError" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDirectoryObjectOnPremisesProvisioningError -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySetting.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySetting.Tests.ps1 new file mode 100644 index 0000000000..d3e7577708 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySetting.Tests.ps1 @@ -0,0 +1,116 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Application" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "TemplateId" = "bbbbbbbb-1111-2222-3333-cccccccccc56" + "Values" = @("EnableAccessCheckForPrivilegedApplicationUpdates") + "AdditionalProperties" = @{"[@odata.context" = "https://graph.microsoft.com/beta/`$metadata#settings/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaDirectorySetting -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDirectorySetting" { + Context "Test for Get-EntraBetaDirectorySetting" { + It "Should gets a directory setting from Azure Active Directory (AD)" { + $result = Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.DisplayName | should -Be "Application" + $result.TemplateId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.Values | should -Be @("EnableAccessCheckForPrivilegedApplicationUpdates") + + Should -Invoke -CommandName Get-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { Get-EntraBetaDirectorySetting -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Get-EntraBetaDirectorySetting -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should return all group" { + $result = Get-EntraBetaDirectorySetting -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaDirectorySetting -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should return top group" { + $result = Get-EntraBetaDirectorySetting -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaDirectorySetting -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaDirectorySetting -Top y } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should contain DirectorySettingId in parameters when passed Id to it" { + $result = Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.DirectorySettingId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Property parameter should work" { + $result = Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Application' + + Should -Invoke -CommandName Get-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectorySetting" + $result= Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectorySetting" + Should -Invoke -CommandName Get-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDirectorySetting -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 new file mode 100644 index 0000000000..98d9d2bf12 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Group.Unified.Guest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "Settings for a specific Unified Group" + "Parameters" = $args + "Values" = @( + [PSCustomObject]@{ + "Name" = "AllowToAddGuests" + "Description" = "" + "Type" = "" + "DefaultValue" = $true + } + ) + } + ) + } + Mock -CommandName Get-MgBetaDirectorySettingTemplate -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDirectorySettingTemplate" { + Context "Test for Get-EntraBetaDirectorySettingTemplate" { + It "Should gets a directory setting template from Azure Active Directory (AD)." { + $result = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.DisplayName | should -Be "Group.Unified.Guest" + $result.Description | should -Be "Settings for a specific Unified Group" + + Should -Invoke -CommandName Get-MgBetaDirectorySettingTemplate -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { Get-EntraBetaDirectorySettingTemplate -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Get-EntraBetaDirectorySettingTemplate -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain DirectorySettingTemplateId in parameters when passed Id to it" { + $result = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDirectorySettingTemplate -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $DirectorySettingTemplateId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $true + } + } + It "Property parameter should work" { + $result = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Group.Unified.Guest' + + Should -Invoke -CommandName Get-MgBetaDirectorySettingTemplate -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectorySettingTemplate" + $result = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDirectorySettingTemplate" + Should -Invoke -CommandName Get-MgBetaDirectorySettingTemplate -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.Tests.ps1 new file mode 100644 index 0000000000..277348a46b --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaDomainFederationSettings.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "Contoso" + "FederatedIdpMfaBehavior" = "rejectMfaByFederatedIdp" + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "IsSignedAuthenticationRequestRequired" = "" + "IssuerUri" = "http://contoso.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.contoso.com/adfs/services/trust/mex" + "NextSigningCertificate" = "MIIC3jCCAcagAwIBAgIQEt0T0G5GPZ9" + "PassiveSignInUri" = "https://sts.contoso.com/adfs/ls/" + "PreferredAuthenticationProtocol" = "wsFed" + "PromptLoginBehavior" = "" + "SignOutUri" = "https://sts.deverett.info/adfs/ls/" + "SigningCertificate" = "MIIC3jCCAcagAwIBAgIQFsO0R8deG4h" + "SigningCertificateUpdateStatus" = @{ + "CertificateUpdateResult" = "success"; + } + } + ) + } + Mock -CommandName Get-MgBetaDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaDomainFederationSettings" { + Context "Test for Get-EntraBetaDomainFederationSettings" { + It "Should return federation settings" { + $result = Get-EntraBetaDomainFederationSettings -DomainName "test.com" + $result | Should -Not -BeNullOrEmpty + $result.FederationBrandName | Should -Be "Contoso" + $result.ActiveLogOnUri | Should -Be "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + Should -Invoke -CommandName Get-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Returns federation settings" { + $result = Get-EntraBetaDomainFederationSettings -DomainName "test.com" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when TenantId is empty" { + { Get-EntraBetaDomainFederationSettings -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invalid" { + { Get-EntraBetaDomainFederationSettings -TenantId "" } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'.*" + } + It "Should fail when DomainName is empty" { + { Get-EntraBetaDomainFederationSettings -DomainName } | Should -Throw "Missing an argument for parameter 'DomainName'*" + } + It "Should fail when DomainName is inavlid" { + { Get-EntraBetaDomainFederationSettings -DomainName "" } | Should -Throw "Cannot bind argument to parameter 'DomainName'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDomainFederationSettings" + + $result = Get-EntraBetaDomainFederationSettings -DomainName "test.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDomainFederationSettings" + + Should -Invoke -CommandName Get-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDomainFederationSettings -DomainName "test.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaFederationProperty.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaFederationProperty.Tests.ps1 new file mode 100644 index 0000000000..c552c065a8 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaFederationProperty.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "ADFS HYPER-V LAB" + "IssuerUri" = "http://anmaji.myworkspace.microsoft.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/mex" + "PassiveSignInUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + "SignOutUri" = "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + "Parameters" =$args + } + ) + } + Mock -CommandName Get-MgBetaDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Get-EntraFederationProperty" { + Context "Test for Get-EntraFederationProperty" { + It "Should return the empty object" { + $result = Get-EntraBetaFederationProperty -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.ActiveSignInUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/2005/usernamemixed" + $result.DisplayName | Should -Be "ADFS HYPER-V LAB" + $result.IssuerUri | Should -Be "http://anmaji.myworkspace.microsoft.com/adfs/services/trust/" + $result.MetadataExchangeUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/services/trust/mex" + $result.PassiveSignInUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + $result.SignOutUri | Should -Be "https://sts.anmaji.myworkspace.microsoft.com/adfs/ls/" + + Should -Invoke -CommandName Get-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DomainName is empty" { + {Get-EntraBetaFederationProperty -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Get-EntraBetaFederationProperty -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + + It "Should contain DomainId in parameters when DomainName to it" { + Mock -CommandName Get-MgBetaDomainFederationConfiguration -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + $result = Get-EntraBetaFederationProperty -DomainName "contoso.com" + $params = Get-Parameters -data $result + $params.DomainId | Should -Be "contoso.com" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaFederationProperty" + + $result = Get-EntraBetaFederationProperty -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaFederationProperty" + + Should -Invoke -CommandName Get-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaFederationProperty -DomainName "contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaPasswordPolicy.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaPasswordPolicy.Tests.ps1 new file mode 100644 index 0000000000..332741c45a --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaPasswordPolicy.Tests.ps1 @@ -0,0 +1,70 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "contoso.com" + "IsAdminManaged" ="True" + "PasswordNotificationWindowInDays" = @{PasswordNotificationWindowInDays="14"; "Parameters" = $args} + "PasswordValidityPeriodInDays" = "2147483647" + } + ) + } + Mock -CommandName Get-MgBetaDomain -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaPasswordPolicy" { + Context "Test for Get-EntraBetaPasswordPolicy" { + It "Should gets the current password policy for a tenant or a domain." { + $result = Get-EntraBetaPasswordPolicy -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + $result.NotificationDays.PasswordNotificationWindowInDays | Should -Be "14" + $result.ValidityPeriod | Should -Be "2147483647" + + Should -Invoke -CommandName Get-MgBetaDomain -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when DomainName is empty" { + {Get-EntraBetaPasswordPolicy -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Get-EntraBetaPasswordPolicy -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPasswordPolicy" + + $result = Get-EntraBetaPasswordPolicy -DomainName "contoso.com" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPasswordPolicy" + + Should -Invoke -CommandName Get-MgBetaDomain -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPasswordPolicy -DomainName "contoso.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..6c5f34db93 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Get-EntraBetaScopedRoleMembership.Tests.ps1 @@ -0,0 +1,108 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + "RoleId" = "cccccccc-85c2-4543-b86c-cccccccccccc" + "AdministrativeUnitId" = "dddddddd-7902-4be2-a25b-dddddddddddd" + + "RoleMemberInfo" = @{ + "DisplayName" = "Conf Room Adams" + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "AdditionalProperties" = @{"userPrincipalName" = "Adams@M365x99297270.OnMicrosoft.com" } + } + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#scopedRoleMemberships/$entity]'} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Get-EntraBetaScopedRoleMembership" { + Context "Test for Get-EntraBetaScopedRoleMembership" { + It "Should return specific scoped role membership" { + $result = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result.RoleId | Should -Be "cccccccc-85c2-4543-b86c-cccccccccccc" + $result.AdministrativeUnitId | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + + Should -Invoke -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return specific scoped role membership with alias" { + $result = Get-EntraBetaScopedRoleMembership -ObjectId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result.RoleId | Should -Be "cccccccc-85c2-4543-b86c-cccccccccccc" + $result.AdministrativeUnitId | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + + Should -Invoke -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when ScopedRoleMembershipId is empty" { + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId } | Should -Throw "Missing an argument for parameter 'ScopedRoleMembershipId'*" + } + It "Should fail when ScopedRoleMembershipId is invalid" { + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "" } | Should -Throw "Cannot bind argument to parameter 'ScopedRoleMembershipId' because it is an empty string." + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + + $result = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $params = Get-Parameters -data $result.Parameters + $params.AdministrativeUnitId | Should -Be "dddddddd-1111-2222-3333-eeeeeeeeeeee" + } + It "Property parameter should work" { + $result = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" -Property RoleId + $result | Should -Not -BeNullOrEmpty + $result.RoleId | Should -Be 'cccccccc-85c2-4543-b86c-cccccccccccc' + + Should -Invoke -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaScopedRoleMembership" + + $result = Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaScopedRoleMembership" + + Should -Invoke -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnit.Tests.ps1 b/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..a18770294b --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnit.Tests.ps1 @@ -0,0 +1,87 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DisplayName" = "Mock-Admin-Unit" + "Description" = "NewAdministrativeUnit" + "DeletedDateTime" = $null + "IsMemberManagementRestricted" = $null + "Members" = $null + "ScopedRoleMembers" = $null + "Visibility" = $null + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#scopedRoleMemberships/$entity]'} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgBetaAdministrativeUnit -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "New-EntraBetaAdministrativeUnit" { + Context "Test for New-EntraBetaAdministrativeUnit" { + It "Should return created administrative unit" { + $result = New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted $True + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-Admin-Unit" + $result.Description | Should -Be "NewAdministrativeUnit" + + Should -Invoke -CommandName New-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DisplayName is empty" { + { New-EntraBetaAdministrativeUnit -DisplayName -Description "NewAdministrativeUnit" } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when DisplayName is invalid" { + { New-EntraBetaAdministrativeUnit -DisplayName "" -Description "NewAdministrativeUnit" } | Should -Throw "Cannot bind argument to parameter 'DisplayName' because it is an empty string." + } + It "Should fail when Description is empty" { + { New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when IsMemberManagementRestricted is empty" { + { New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted } | Should -Throw "Missing an argument for parameter 'IsMemberManagementRestricted'*" + } + It "Should fail when IsMemberManagementRestricted is invalid" { + { New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted "" } | Should -Throw "Cannot process argument transformation on parameter 'IsMemberManagementRestricted'.*" + } + It "Result should contain ObjectId"{ + $result = New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" + $result.ObjectId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAdministrativeUnit" + + $result = New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAdministrativeUnit" + Should -Invoke -CommandName New-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaAdministrativeUnit -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..ef624ce170 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/New-EntraBetaAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,160 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.context" = 'https://graph.microsoft.com/beta/$metadata#scopedRoleMemberships/$entity]' + "@odata.type" = "#microsoft.graph.group" + "createdByAppId" = "8886ad7b-1795-4542-9808-c85859d97f23" + "DisplayName" = "Mock-Admin-UnitMember" + "mailNickname" = "Mock-Admin-UnitMember" + "organizationId" = "d5aec55f-2d12-4442-8d2f-ccca95d4390e" + "Description" = "NewAdministrativeUnitMember" + "groupTypes" = {"Unified", "DynamicMembership"} + "proxyAddresses" = "SMTP:testGroupInAU10@M365x99297270.onmicrosoft.com" + "membershipRuleProcessingState"= "On" + "membershipRule" = ("user.department -contains 'Marketing'") + "createdDateTime" = "2024-06-03T06:03:32Z" + "securityIdentifier" = "S-1-12-1-45050116-1081357872-244239291-3460319952" + "securityEnabled" = $False + "Members" = $null + "ScopedRoleMembers" = $null + "Visibility" = "Public" + + } + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MGBetaAdministrativeUnitMember -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "New-EntraBetaAdministrativeUnitMember" { + Context "Test for New-EntraBetaAdministrativeUnitMember" { + It "Should return created administrative unit member" { + $result = New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType "Microsoft.Graph.Group" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -GroupTypes @("Unified","DynamicMembership") -MembershipRule "(user.department -contains 'Marketing')" -MembershipRuleProcessingState "On" -IsAssignableToRole $False + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.DisplayName | Should -Be "Mock-Admin-UnitMember" + $result.AdditionalProperties.Description | Should -Be "NewAdministrativeUnitMember" + + Should -Invoke -CommandName New-MGBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = New-EntraBetaAdministrativeUnitMember -Id "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType "Microsoft.Graph.Group" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -GroupTypes @("Unified","DynamicMembership") -MembershipRule "(user.department -contains 'Marketing')" -MembershipRuleProcessingState "On" -IsAssignableToRole $False + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName New-MGBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + {New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False} | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when DisplayName is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when DisplayName is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Cannot bind argument to parameter 'DisplayName' because it is an empty string." + } + It "Should fail when Description is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when MailNickname is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'MailNickname'*" + } + It "Should fail when MailNickname is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "" -SecurityEnabled $False } | Should -Throw "Cannot bind argument to parameter 'MailNickname' because it is an empty string." + } + It "Should fail when MailEnabled is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'MailEnabled'*" + } + It "Should fail when MailEnabled is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled xy -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Cannot process argument transformation on parameter 'MailEnabled'*" + } + It "Should fail when SecurityEnabled is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled } | Should -Throw "Missing an argument for parameter 'SecurityEnabled'*" + } + It "Should fail when SecurityEnabled is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled xy } | Should -Throw "Cannot process argument transformation on parameter 'SecurityEnabled'*" + } + It "Should fail when OdataType is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'OdataType'*" + } + It "Should fail when GroupTypes is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -GroupTypes -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'GroupTypes'*" + } + It "Should fail when MembershipRule is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -MembershipRule -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'MembershipRule'*" + } + It "Should fail when MembershipRuleProcessingState is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -MembershipRuleProcessingState -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'MembershipRuleProcessingState'*" + } + It "Should fail when AssignedLabels is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -AssignedLabels -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'AssignedLabels'*" + } + It "Should fail when ProxyAddresses is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -ProxyAddresses -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False } | Should -Throw "Missing an argument for parameter 'ProxyAddresses'*" + } + It "Should fail when IsAssignableToRole is empty" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -IsAssignableToRole } | Should -Throw "Missing an argument for parameter 'IsAssignableToRole'*" + } + It "Should fail when IsAssignableToRole is invalid" { + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -IsAssignableToRole xy } | Should -Throw "Cannot process argument transformation on parameter 'IsAssignableToRole'*" + } + It "Should contain @odata.type in parameters when passed OdataType to it" { + $result = New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType "Microsoft.Graph.Group" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -GroupTypes @("Unified","DynamicMembership") -MembershipRule "(user.department -contains 'Marketing')" -MembershipRuleProcessingState "On" -IsAssignableToRole $False + $jsonArray = $result.Parameters + + $hashTable = @{} + for ($i = 0; $i -lt $jsonArray.Length; $i += 2) { + $key = $jsonArray[$i] -replace '^-', '' -replace ':$', '' + $value = $jsonArray[$i + 1] + if ($value -is [PSCustomObject]) { + $value.PSObject.Properties | ForEach-Object { $_.Name = $_.Name -replace '^-', '' -replace ':$', '' } + } + $hashTable[$key] = $value + } + $OdataType = $hashTable.BodyParameter.AdditionalProperties.'@odata.type' + $OdataType | Should -Be "Microsoft.Graph.Group" + + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAdministrativeUnitMember" + + $result = New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType "Microsoft.Graph.Group" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -GroupTypes @("Unified","DynamicMembership") -MembershipRule "(user.department -contains 'Marketing')" -MembershipRuleProcessingState "On" -IsAssignableToRole $False + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAdministrativeUnitMember" + Should -Invoke -CommandName New-MGBetaAdministrativeUnitMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -OdataType "Microsoft.Graph.Group" -DisplayName "Mock-Admin-UnitMember" -Description "NewAdministrativeUnitMember" -MailEnabled $True -MailNickname "Mock-Admin-UnitMember" -SecurityEnabled $False -GroupTypes @("Unified","DynamicMembership") -MembershipRule "(user.department -contains 'Marketing')" -MembershipRuleProcessingState "On" -IsAssignableToRole $False -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/New-EntraBetaAttributeSet.Tests.ps1 b/test/EntraBeta/DirectoryManagement/New-EntraBetaAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..47a7609828 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/New-EntraBetaAttributeSet.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "New AttributeSet" + "MaxAttributesPerSet" = 21 + "AdditionalProperties" = @{"[@odata.context" = 'https://graph.microsoft.com/beta/$metadata#directory/attributeSets/$entity'} + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaDirectoryAttributeSet -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "New-EntraBetaAttributeSet" { + Context "Test for New-EntraBetaAttributeSet" { + It "Should create new attribute set" { + $result = New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet 21 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.Description | should -Be "New AttributeSet" + $result.MaxAttributesPerSet | should -Be 21 + + Should -Invoke -CommandName New-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should create new attribute set with alias" { + $result = New-EntraBetaAttributeSet -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet 21 + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.Description | should -Be "New AttributeSet" + $result.MaxAttributesPerSet | should -Be 21 + + Should -Invoke -CommandName New-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when AttributeSetId is empty" { + { New-EntraBetaAttributeSet -AttributeSetId -Description "New AttributeSet" -MaxAttributesPerSet 21 } | Should -Throw "Missing an argument for parameter 'AttributeSetId'*" + } + + It "Should fail when Description is empty" { + { New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description -MaxAttributesPerSet 21 } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when MaxAttributesPerSet is empty" { + { New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet } | Should -Throw "Missing an argument for parameter 'MaxAttributesPerSet'*" + } + + It "Should fail when MaxAttributesPerSet is invalid" { + { New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet "XYZ" } | Should -Throw "Cannot process argument transformation on parameter 'MaxAttributesPerSet'*" + } + + It "Result should Contain ObjectId" { + $result = New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet 21 + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAttributeSet" + + $result = New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet 21 + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaAttributeSet" + + Should -Invoke -CommandName New-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaAttributeSet -AttributeSetId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Description "New AttributeSet" -MaxAttributesPerSet 21 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test/EntraBeta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..1853390f32 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,146 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AllowedValues" = "" + "AttributeSet" = "Test" + "Description" = "Target completion date" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "IsCollection" = $false + "IsSearchable" = $true + "Name" = "Date" + "Status" = "Available" + "Type" = "String" + "UsePreDefinedValuesOnly" = $true + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#directory/customSecurityAttributeDefinitions/$entity'} + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinition -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "New-EntraBetaCustomSecurityAttributeDefinition" { + Context "Test for New-EntraBetaCustomSecurityAttributeDefinition" { + It "Should create new custom security attribute definition" { + $result = New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true + $result | Should -Not -BeNullOrEmpty + $result.AllowedValues | should -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + $result.AttributeSet | should -Be 'Test' + $result.Description | should -Be 'Target completion date' + $result.Name | should -Be 'Date' + $result.Status | should -Be 'Available' + $result.Type | should -Be 'String' + $result.IsCollection | should -Be $false + $result.IsSearchable | should -Be $true + $result.UsePreDefinedValuesOnly | should -Be $true + + Should -Invoke -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when AttributeSet is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'AttributeSet'*" + } + + It "Should fail when Description is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when Name is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Name'*" + } + + It "Should fail when Type is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Type'*" + } + + It "Should fail when Status is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Status'*" + } + + It "Should fail when IsCollection is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'IsCollection'*" + } + + It "Should fail when IsSearchable is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'IsSearchable'*" + } + + It "Should fail when UsePreDefinedValuesOnly is empty" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly } | Should -Throw "Missing an argument for parameter 'UsePreDefinedValuesOnly'*" + } + + It "Should fail when AttributeSet is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'AttributeSet' because it is an empty string.*" + } + + It "Should fail when Name is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'Name' because it is an empty string.*" + } + + It "Should fail when Type is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'Type' because it is an empty string.*" + } + + It "Should fail when Status is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'Status' because it is an empty string.*" + } + + It "Should fail when IsCollection is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection "" -IsSearchable $true -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot process argument transformation on parameter 'IsCollection'*" + } + + It "Should fail when IsSearchable is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable "" -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot process argument transformation on parameter 'IsSearchable'*" + } + + It "Should fail when UsePreDefinedValuesOnly is invalid" { + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly "" } | Should -Throw "Cannot process argument transformation on parameter 'UsePreDefinedValuesOnly'*" + } + + It "Result should Contain ObjectId" { + $result = New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaCustomSecurityAttributeDefinition" + + $result = New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaCustomSecurityAttributeDefinition" + + Should -Invoke -CommandName New-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaCustomSecurityAttributeDefinition -AttributeSet "Test" -Name "Date" -Description "Target completion date" -Type "String" -Status "Available" -IsCollection $false -IsSearchable $true -UsePreDefinedValuesOnly $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/DirectoryManagement/New-EntraBetaDirectorySetting.Tests.ps1 b/test/EntraBeta/DirectoryManagement/New-EntraBetaDirectorySetting.Tests.ps1 new file mode 100644 index 0000000000..9bbf65cf7a --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/New-EntraBetaDirectorySetting.Tests.ps1 @@ -0,0 +1,120 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Password Rule Settings" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "TemplateId" = "bbbbbbbb-1111-2222-3333-cccccccccc56" + "Values" = [PSCustomObject]@{ + "BannedPasswordCheckOnPremisesMode" = "Audit" + "EnableBannedPasswordCheckOnPremises" = $true + "EnableBannedPasswordCheck" = $true + "LockoutDurationInSeconds" = 60 + "LockoutThreshold" = 10 + "BannedPasswordList" = $null + } + "AdditionalProperties" = [PSCustomObject]@{ + "@odata.context" = 'https://graph.microsoft.com/beta/$metadata#settings/$entity' + } + "Parameters" = $args + } + ) + } + + $scriptblock1 = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Group.Unified.Guest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "Settings for a specific Unified Group" + "Parameters" = $args + "Values" = @( + [PSCustomObject]@{ + "Name" = "AllowToAddGuests" + "Description" = "" + "Type" = "" + "DefaultValue" = $true + } + ) + } + ) + } + + Mock -CommandName Get-MgBetaDirectorySettingTemplate -MockWith $scriptblock1 -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName New-MgBetaDirectorySetting -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "New-EntraBetaDirectorySetting" { + Context "Test for New-EntraBetaDirectorySetting" { + It "Should creates a directory settings object in Azure Active Directory (AD)" { + $template = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc56" + $settingsCopy = $template.CreateDirectorySetting() + $result = New-EntraBetaDirectorySetting -DirectorySetting $settingsCopy + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "Password Rule Settings" + $result.TemplateId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName New-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when DirectorySetting is empty" { + { New-EntraBetaDirectorySetting -DirectorySetting } | Should -Throw "Missing an argument for parameter 'DirectorySetting'*" + } + + It "Should fail when DirectorySetting is Invalid" { + { + $template = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc56" + $settingsCopy = $template + New-EntraBetaDirectorySetting -DirectorySetting $settingsCopy } | Should -Throw "Cannot process argument transformation on parameter 'DirectorySetting'*" + } + + It "Should contain BodyParameter in parameters when passed DirectorySetting to it" { + $template = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc56" + $settingsCopy = $template.CreateDirectorySetting() + $result = New-EntraBetaDirectorySetting -DirectorySetting $settingsCopy + $params = Get-Parameters -data $result.Parameters + $params.BodyParameter | Should -Not -BeNullOrEmpty + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaDirectorySetting" + $template = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc56" + $settingsCopy = $template.CreateDirectorySetting() + New-EntraBetaDirectorySetting -DirectorySetting $settingsCopy + + Should -Invoke -CommandName New-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $template = Get-EntraBetaDirectorySettingTemplate -Id "bbbbbbbb-1111-2222-3333-cccccccccc56" + $settingsCopy = $template.CreateDirectorySetting() + + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaDirectorySetting -DirectorySetting $settingsCopy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..616f58b176 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnit.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgBetaAdministrativeUnit -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaAdministrativeUnit" { + Context "Test for Remove-EntraBetaAdministrativeUnit" { + It "Should return empty object" { + $result = Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraBetaAdministrativeUnit -ObjectId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId "" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + Mock -CommandName Remove-MgBetaAdministrativeUnit -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.AdministrativeUnitId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaAdministrativeUnit" + + Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaAdministrativeUnit" + Should -Invoke -CommandName Remove-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 new file mode 100644 index 0000000000..80e6fdb68c --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgBetaDirectoryAdministrativeUnitMemberByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaAdministrativeUnitMember" { + Context "Test for Remove-EntraBetaAdministrativeUnitMember" { + It "Should return empty object" { + $result = Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraBetaAdministrativeUnitMember -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee" } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "" -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee"} | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when MemberId is empty" { + { Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId } | Should -Throw "Missing an argument for parameter 'MemberId'*" + } + It "Should fail when MemberId is invalid" { + { Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId ""} | Should -Throw "Cannot bind argument to parameter 'MemberId' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaAdministrativeUnitMember" + + Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaAdministrativeUnitMember" + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitMemberByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaAdministrativeUnitMember -AdministrativeUnitId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -MemberId "dddddddd-9999-0000-1111-eeeeeeeeeeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDevice.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDevice.Tests.ps1 new file mode 100644 index 0000000000..a46a675a43 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDevice.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaDevice -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaDevice" { + Context "Test for Remove-EntraBetaDevice" { + It "Should return empty object" { + $result = Remove-EntraBetaDevice -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaDevice -ObjectId bbbbbbbb-1111-2222-3333-cccccccccccc + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraBetaDevice -DeviceId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string." + } + It "Should fail when DeviceId is empty" { + { Remove-EntraBetaDevice -DeviceId } | Should -Throw "Missing an argument for parameter 'DeviceId'*" + } + It "Should contain DeviceId in parameters when passed DeviceId to it" { + Mock -CommandName Remove-MgBetaDevice -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDevice -DeviceId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDevice" + Remove-EntraBetaDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Remove-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDevice -DeviceId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..9bdc2fda4b --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaDeviceRegisteredOwner" { + Context "Test for Remove-EntraBetaDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when OwnerId is empty" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } + } + It "Should fail when OwnerId is invalid" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..414f35ab0c --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaDeviceRegisteredUser" { + Context "Test for Remove-EntraBetaDeviceRegisteredUser" { + It "Should return empty object" { + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when UserId is empty" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } + } + It "Should fail when UserId is invalid" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" + + Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDirectorySetting.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDirectorySetting.Tests.ps1 new file mode 100644 index 0000000000..affb7984dd --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaDirectorySetting.Tests.ps1 @@ -0,0 +1,68 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaDirectorySetting -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaDirectorySetting" { + Context "Test for Remove-EntraBetaDirectorySetting" { + It "Should removes a directory setting from Azure Active Directory (AD)" { + $result = Remove-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaDirectorySetting -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaDirectorySetting -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain DirectorySettingId in parameters when passed Id to it" { + Mock -CommandName Remove-MgBetaDirectorySetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.DirectorySettingId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDirectorySetting" + + $result = Remove-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDirectorySetting" + + Should -Invoke -CommandName Remove-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.Tests.ps1 new file mode 100644 index 0000000000..5ebbe63703 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Remove-EntraBetaScopedRoleMembership.Tests.ps1 @@ -0,0 +1,74 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Remove-EntraBetaScopedRoleMembership" { + Context "Test for Remove-EntraBetaScopedRoleMembership" { + It "Should return empty object" { + $result = Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should return empty object" { + $result = Remove-EntraBetaScopedRoleMembership -ObjectId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when AdministrativeUnitId is empty" { + { Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when AdministrativeUnitId is invalid" { + { Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU"} | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when ScopedRoleMembershipId is empty" { + { Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId } | Should -Throw "Missing an argument for parameter 'ScopedRoleMembershipId'*" + } + It "Should fail when ScopedRoleMembershipId is invalid" { + { Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId ""} | Should -Throw "Cannot bind argument to parameter 'ScopedRoleMembershipId' because it is an empty string." + } + It "Should contain AdministrativeUnitId in parameters when passed AdministrativeUnitId to it" { + Mock -CommandName Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + $params = Get-Parameters -data $result + $params.AdministrativeUnitId | Should -Be "dddddddd-1111-2222-3333-eeeeeeeeeeee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaScopedRoleMembership" + + Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaScopedRoleMembership" + Should -Invoke -CommandName Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaScopedRoleMembership -AdministrativeUnitId "dddddddd-1111-2222-3333-eeeeeeeeeeee" -ScopedRoleMembershipId "zTVcE8KFQ0W4bI9tvt6kz9Es_cQCeeJLolvVzF_5NRdnAVb9H_8aR410OwBwq86hU" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.Tests.ps1 new file mode 100644 index 0000000000..f07ce22042 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaAdministrativeUnit.Tests.ps1 @@ -0,0 +1,74 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Update-MgBetaAdministrativeUnit -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaAdministrativeUnit" { + Context "Test for Set-EntraBetaAdministrativeUnit" { + It "Should return empty object" { + $result = Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when Id is empty" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId -DisplayName "Mock-Admin-Unit" } | Should -Throw "Missing an argument for parameter 'AdministrativeUnitId'*" + } + It "Should fail when Id is invalid" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "" -Description "NewAdministrativeUnit" } | Should -Throw "Cannot bind argument to parameter 'AdministrativeUnitId' because it is an empty string." + } + It "Should fail when DisplayName is empty" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + It "Should fail when Description is empty" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + It "Should fail when IsMemberManagementRestricted is empty" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" --DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted } | Should -Throw "Missing an argument for parameter 'IsMemberManagementRestricted'*" + } + It "Should fail when IsMemberManagementRestricted is invalid" { + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -IsMemberManagementRestricted "" } | Should -Throw "Cannot process argument transformation on parameter 'IsMemberManagementRestricted'.*" + } + It "Should contain AdministrativeUnitId in parameters when passed ObjectId to it" { + Mock -CommandName Update-MgBetaAdministrativeUnit -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" + $params = Get-Parameters -data $result + $params.AdministrativeUnitId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaAdministrativeUnit" + + Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaAdministrativeUnit" + Should -Invoke -CommandName Update-MgBetaAdministrativeUnit -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaAdministrativeUnit -AdministrativeUnitId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -DisplayName "Mock-Admin-Unit" -Description "NewAdministrativeUnit" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaAttributeSet.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaAttributeSet.Tests.ps1 new file mode 100644 index 0000000000..d5908bdcda --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaAttributeSet.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaDirectoryAttributeSet -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaAttributeSet" { + Context "Test for Set-EntraBetaAttributeSet" { + It "Should update attribute set" { + $result = Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet 22 + $result | Should -Be -NullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should update attribute set with alias" { + $result = Set-EntraBetaAttributeSet -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet 22 + $result | Should -Be -NullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when AttributeSetId is empty" { + { Set-EntraBetaAttributeSet -AttributeSetId -Description "Update AttributeSet" -MaxAttributesPerSet 22 } | Should -Throw "Missing an argument for parameter 'AttributeSetId'*" + } + + It "Should fail when Description is empty" { + { Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description -MaxAttributesPerSet 22 } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when MaxAttributesPerSet is empty" { + { Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet } | Should -Throw "Missing an argument for parameter 'MaxAttributesPerSet'*" + } + + It "Should fail when MaxAttributesPerSet is invalid" { + { Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet "XYZ" } | Should -Throw "Cannot process argument transformation on parameter 'MaxAttributesPerSet'*" + } + + It "Should contain AttributeSetId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaDirectoryAttributeSet -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet 22 + $params = Get-Parameters -data $result + $params.AttributeSetId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaAttributeSet" + $result = Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet 22 + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaAttributeSet" + Should -Invoke -CommandName Update-MgBetaDirectoryAttributeSet -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaAttributeSet -AttributeSetId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Update AttributeSet" -MaxAttributesPerSet 22 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 new file mode 100644 index 0000000000..7f7fe15549 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinition -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaCustomSecurityAttributeDefinition" { + Context "Test for Set-EntraBetaCustomSecurityAttributeDefinition" { + It "Should update custom security attribute definition" { + $result = Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Description is empty" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description -Status "Available" -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when Status is empty" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status -UsePreDefinedValuesOnly $true } | Should -Throw "Missing an argument for parameter 'Status'*" + } + + It "Should fail when UsePreDefinedValuesOnly is empty" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly } | Should -Throw "Missing an argument for parameter 'UsePreDefinedValuesOnly'*" + } + + It "Should fail when Id is invalid" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + + It "Should fail when UsePreDefinedValuesOnly is invalid" { + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly "" } | Should -Throw "Cannot process argument transformation on parameter 'UsePreDefinedValuesOnly'*" + } + + It "Should contain CustomSecurityAttributeDefinitionId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinition -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true + $params = Get-Parameters -data $result + $params.CustomSecurityAttributeDefinitionId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaCustomSecurityAttributeDefinition" + $result = Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaCustomSecurityAttributeDefinition" + Should -Invoke -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinition -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaCustomSecurityAttributeDefinition -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Description "Target completion date" -Status "Available" -UsePreDefinedValuesOnly $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 new file mode 100644 index 0000000000..769a9534b7 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" { + Context "Test for Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" { + It "Should update a specific value for the Id" { + $result = Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when CustomSecurityAttributeDefinitionId are empty" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false } | Should -Throw "Missing an argument for parameter 'CustomSecurityAttributeDefinitionId'*" + } + + It "Should fail when CustomSecurityAttributeDefinitionId is Invalid" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId "" -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false } | Should -Throw "Cannot bind argument to parameter 'CustomSecurityAttributeDefinitionId' because it is an empty string." + } + + It "Should fail when Id are empty" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id -IsActive $false } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is Invalid" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "" -IsActive $false } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when IsActive are empty" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive } | Should -Throw "Missing an argument for parameter 'IsActive'*" + } + + It "Should fail when IsActive are invalid" { + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive dffg } | Should -Throw "Cannot process argument transformation on parameter 'IsActive'*" + } + + It "Should contain AllowedValueId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false + $params = Get-Parameters -data $result + $params.AllowedValueId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" + $result = Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue" + Should -Invoke -CommandName Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue -CustomSecurityAttributeDefinitionId Engineering_Projectt -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -IsActive $false -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDevice.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDevice.Tests.ps1 new file mode 100644 index 0000000000..ea079e98a2 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDevice.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaDevice -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaDevice"{ + Context "Test for Set-EntraBetaDevice" { + It "Should return empty object"{ + $result = Set-EntraBetaDevice -DeviceObjectId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" -AccountEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraBetaDevice -ObjectId bbbbbbbb-1111-2222-3333-cccccccccccc -DisplayName "Mock-App" -AccountEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when DeviceObjectId is invalid" { + { Set-EntraBetaDevice -DeviceObjectId "" } | Should -Throw "Cannot bind argument to parameter 'DeviceObjectId' because it is an empty string." + } + It "Should fail when DeviceObjectId is empty" { + { Set-EntraBetaDevice -DeviceObjectId } | Should -Throw "Missing an argument for parameter 'DeviceObjectId'*" + } + It "Should contain DeviceId in parameters when passed DeviceObjectId to it" { + Mock -CommandName Update-MgBetaDevice -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $result = Set-EntraBetaDevice -DeviceObjectId bbbbbbbb-1111-2222-3333-cccccccccccc + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDevice" + Set-EntraBetaDevice -DeviceObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Update-MgBetaDevice -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDevice -DeviceObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.Tests.ps1 new file mode 100644 index 0000000000..40de0edfff --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncConfiguration.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Configuration" = @{ AlertThreshold =500 ; SynchronizationPreventionType = "enabledForCount"} + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + Mock -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Set-EntraBetaDirSyncConfiguration" { + Context "Test for Set-EntraBetaDirSyncConfiguration" { + It "Should Modifies the directory synchronization settings." { + $result = Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when AccidentalDeletionThreshold is empty" { + {Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold -Force } | Should -Throw "Missing an argument for parameter 'AccidentalDeletionThreshold'. Specify a parameter*" + } + + It "Should fail when AccidentalDeletionThreshold is invalid" { + {Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "xy" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold '111' -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "111" -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDirSyncConfiguration" + + Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDirSyncConfiguration" + + Should -Invoke -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDirSyncConfiguration -AccidentalDeletionThreshold "111" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Force -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.Tests.ps1 new file mode 100644 index 0000000000..dd531b0ad7 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncEnabled.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + Mock -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName Update-MgBetaOrganization -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Set-EntraBetaDirSyncEnabled" { + Context "Test for Set-EntraBetaDirSyncEnabled" { + It "Should Modifies the directory synchronization settings." { + $result = Set-EntraBetaDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force + write-host $result + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaOrganization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when EnableDirsync is empty" { + {Set-EntraBetaDirSyncEnabled -EnableDirsync -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force } | Should -Throw "Missing an argument for parameter 'EnableDirsync'. Specify a parameter*" + } + + It "Should fail when EnableDirsync is invalid" { + {Set-EntraBetaDirSyncEnabled -EnableDirsync 'xy' -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraBetaDirSyncEnabled -EnableDirsync $True -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraBetaDirSyncEnabled -EnableDirsync $True -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraBetaDirSyncEnabled -EnableDirsync $True -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDirSyncEnabled" + + Set-EntraBetaDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force | Out-Null + Should -Invoke -CommandName Update-MgBetaOrganization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDirSyncEnabled -EnableDirsync $True -TenantId 'aaaaaaaa-1111-1111-1111-000000000000' -Force -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncFeature.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncFeature.Tests.ps1 new file mode 100644 index 0000000000..0c7d6655e8 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirSyncFeature.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "Configuration" = @{ AlertThreshold =500 ; SynchronizationPreventionType = "enabledForCount"} + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + ) + } + Mock -CommandName Get-MgBetaDirectoryOnPremiseSynchronization -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Set-EntraBetaDirSyncFeature" { + Context "Test for Set-EntraBetaDirSyncFeature" { + It "Should sets identity synchronization features for a tenant." { + $result = Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force -ErrorAction SilentlyContinue + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Feature is empty" { + {Set-EntraBetaDirSyncFeature -Feature -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force} | Should -Throw "Missing an argument for parameter 'Feature'. Specify a parameter*" + } + + It "Should fail when Feature is invalid" { + {Set-EntraBetaDirSyncFeature -Feature "" -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force} | Should -Throw "Cannot bind argument to parameter 'Feature' because it is an empty string.*" + } + + It "Should fail when Enable is empty" { + {Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force } | Should -Throw "Missing an argument for parameter 'Enabled'.*" + } + + It "Should fail when Enable is invalid" { + {Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable "" -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force} | Should -Throw "Cannot process argument transformation on parameter 'Enabled'.*" + } + + It "Should fail when TenantId is empty" { + {Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId -Force } | Should -Throw "Missing an argument for parameter 'TenantId'. Specify a parameter*" + } + + It "Should fail when TenantId is invalid" { + {Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId "" -Force} | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when Force parameter is passes with argument" { + {Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force "xy"} | Should -Throw "A positional parameter cannot be found that accepts argument*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraAttributeSet" + + Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force -ErrorAction SilentlyContinue | Out-Null + Should -Invoke -CommandName Update-MgBetaDirectoryOnPremiseSynchronization -ModuleName Microsoft.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDirSyncFeature -Feature "BypassDirSyncOverrides" -Enable $false -TenantId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Force -ErrorAction SilentlyContinue -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirectorySetting.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirectorySetting.Tests.ps1 new file mode 100644 index 0000000000..9a87e0f703 --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDirectorySetting.Tests.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Group.Unified.Guest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "Settings for a specific Unified Group" + "Parameters" = $args + "Values" = @( + [PSCustomObject]@{ + "Name" = "AllowToAddGuests" + "Description" = "" + "Type" = "" + "DefaultValue" = $true + } + ) + } + ) + } + + Mock -CommandName Get-MgBetaDirectorySettingTemplate -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName Update-MgBetaDirectorySetting -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} + +Describe "Set-EntraBetaDirectorySetting" { + Context "Test for Set-EntraBetaDirectorySetting" { + It "Should updates a directory setting in Azure Active Directory (AD)" { + $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + $result = Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting $settingsCopy + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when Id is empty" { + { $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + Set-EntraBetaDirectorySetting -Id -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + Set-EntraBetaDirectorySetting -Id "" -DirectorySetting $settingsCopy } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + + It "Should fail when DirectorySetting is empty" { + { $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting } | Should -Throw "Missing an argument for parameter 'DirectorySetting'*" + } + + It "Should fail when DirectorySetting is invalid" { + { Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting "" } | Should -Throw "Cannot process argument transformation on parameter 'DirectorySetting'.*" + } + + It "Should contain BodyParameter in parameters when passed DirectorySetting to it" { + Mock -CommandName Update-MgBetaDirectorySetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + $result = Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting $settingsCopy + $params = Get-Parameters -data $result + $params.BodyParameter | Should -Not -BeNullOrEmpty + } + + It "Should contain DirectorySettingId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaDirectorySetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + $result = Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting $settingsCopy + $params = Get-Parameters -data $result + $params.DirectorySettingId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + Mock -CommandName Update-MgBetaDirectorySetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDirectorySetting" + $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting $settingsCopy + + Should -Invoke -CommandName Update-MgBetaDirectorySetting -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $template = Get-EntraBetaDirectorySettingTemplate -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["EnableBannedPasswordCheckOnPremises"] = "False" + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDirectorySetting -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -DirectorySetting $settingsCopy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.Tests.ps1 new file mode 100644 index 0000000000..b910fb936b --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaDomainFederationSettings.Tests.ps1 @@ -0,0 +1,93 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblock = { + return @( + [PSCustomObject]@{ + "ActiveSignInUri" = "https://sts.deverett.info/adfs/services/trust/2005/usernamemixed" + "DisplayName" = "Contoso" + "FederatedIdpMfaBehavior" = "rejectMfaByFederatedIdp" + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "IsSignedAuthenticationRequestRequired" = "" + "IssuerUri" = "http://contoso.com/adfs/services/trust/" + "MetadataExchangeUri" = "https://sts.contoso.com/adfs/services/trust/mex" + "NextSigningCertificate" = "MIIC3jCCAcagAwIBAgIQEt0T0G5GPZ9" + "PassiveSignInUri" = "https://sts.contoso.com/adfs/ls/" + "PreferredAuthenticationProtocol" = "wsFed" + "PromptLoginBehavior" = "" + "SignOutUri" = "https://sts.deverett.info/adfs/ls/" + "SigningCertificate" = "MIIC3jCCAcagAwIBAgIQFsO0R8deG4h" + "SigningCertificateUpdateStatus" = @{ + "CertificateUpdateResult" = "success"; + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaDomainFederationConfiguration -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + + Mock -CommandName Update-MgBetaDomainFederationConfiguration -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement +} +Describe "Set-EntraBetaDomainFederationSettings" { + Context "Test for Set-EntraBetaDomainFederationSettings" { + It "Should Updates settings for a federated domain." { + $result = Set-EntraBetaDomainFederationSettings -DomainName "manan.lab.myworkspace.microsoft.com" -LogOffUri "https://adfs1.manan.lab/adfs/" -PassiveLogOnUri "https://adfs1.manan.lab/adfs/" -ActiveLogOnUri "https://adfs1.manan.lab/adfs/services/trust/2005/" -IssuerUri "http://adfs1.manan.lab/adfs/services/" -FederationBrandName "ADFS" -MetadataExchangeUri "https://adfs1.manan.lab/adfs/services/trust/" -PreferredAuthenticationProtocol "saml" -PromptLoginBehavior "nativeSupport" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + + It "Should fail when DomainName is empty" { + {Set-EntraBetaDomainFederationSettings -DomainName} | Should -Throw "Missing an argument for parameter 'DomainName'. Specify a parameter*" + } + + It "Should fail when DomainName is invalid" { + {Set-EntraBetaDomainFederationSettings -DomainName ""} | Should -Throw "Cannot bind argument to parameter 'DomainName' because it is an empty string.*" + } + + It "Should fail when parameter is empty" { + {Set-EntraBetaDomainFederationSettings -DomainName "manan.lab.myworkspace.microsoft.com" -LogOffUri -PassiveLogOnUri -ActiveLogOnUri -IssuerUri -FederationBrandName -MetadataExchangeUri -PreferredAuthenticationProtocol -PromptLoginBehavior } | Should -Throw "Missing an argument for parameter*" + } + It "Should fail when invalid paramter is passed"{ + {Set-EntraBetaDomainFederationSettings -Demo } | Should -Throw "A parameter cannot be found that matches parameter name 'Demo'*" + } + It "Should contain DomainId in parameters when DomainName to it" { + Mock -CommandName Update-MgBetaDomainFederationConfiguration -MockWith {$args} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + $result = Set-EntraBetaDomainFederationSettings -DomainName "manan.lab.myworkspace.microsoft.com" + $params = Get-Parameters -data $result + $a= $params | ConvertTo-json | ConvertFrom-Json + $a.DomainId | Should -Be "manan.lab.myworkspace.microsoft.com" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDomainFederationSettings" + + Set-EntraBetaDomainFederationSettings -DomainName "manan.lab.myworkspace.microsoft.com" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaDomainFederationSettings" + + Should -Invoke -CommandName Update-MgBetaDomainFederationConfiguration -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaDomainFederationSettings -DomainName "manan.lab.myworkspace.microsoft.com" -LogOffUri "https://adfs1.manan.lab/adfs/" -PassiveLogOnUri "https://adfs1.manan.lab/adfs/" -ActiveLogOnUri "https://adfs1.manan.lab/adfs/services/trust/2005/" -IssuerUri "http://adfs1.manan.lab/adfs/services/" -FederationBrandName "ADFS" -MetadataExchangeUri "https://adfs1.manan.lab/adfs/services/trust/" -PreferredAuthenticationProtocol "saml" -PromptLoginBehavior "nativeSupport" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/DirectoryManagement/Set-EntraBetaPartnerInformation.Tests.ps1 b/test/EntraBeta/DirectoryManagement/Set-EntraBetaPartnerInformation.Tests.ps1 new file mode 100644 index 0000000000..3bd042222d --- /dev/null +++ b/test/EntraBeta/DirectoryManagement/Set-EntraBetaPartnerInformation.Tests.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -MockWith { + return @{ + value = @( + @{ + Id = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + Parameters = $args + } + ) + } + } +} + +Describe "Set-EntraBetaPartnerInformation"{ + Context "Test for Set-EntraBetaPartnerInformation" { + It "Should return empty object"{ + Mock -CommandName Invoke-MgGraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.DirectoryManagement + $result = Set-EntraBetaPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId b73cc049-a025-4441-ba3a-8826d9a68ecc + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 + } + It "Should fail when PartnerSupportUrl is empty" { + { Set-EntraBetaPartnerInformation -PartnerSupportUrl } | Should -Throw "Missing an argument for parameter 'PartnerSupportUrl'*" + } + It "Should fail when PartnerCommerceUrl is empty" { + { Set-EntraBetaPartnerInformation -PartnerCommerceUrl } | Should -Throw "Missing an argument for parameter 'PartnerCommerceUrl'*" + } + It "Should fail when PartnerHelpUrl is empty" { + { Set-EntraBetaPartnerInformation -PartnerHelpUrl } | Should -Throw "Missing an argument for parameter 'PartnerHelpUrl'*" + } + It "Should fail when PartnerSupportEmails is empty" { + { Set-EntraBetaPartnerInformation -PartnerSupportEmails } | Should -Throw "Missing an argument for parameter 'PartnerSupportEmails'*" + } + It "Should fail when PartnerSupportTelephones is empty" { + { Set-EntraBetaPartnerInformation -PartnerSupportTelephones } | Should -Throw "Missing an argument for parameter 'PartnerSupportTelephones'*" + } + It "Should fail when TenantId is empty" { + { Set-EntraBetaPartnerInformation -TenantId } | Should -Throw "Missing an argument for parameter 'TenantId'*" + } + It "Should fail when TenantId is invlaid" { + { Set-EntraBetaPartnerInformation -TenantId abc } | Should -Throw "Cannot process argument transformation on parameter 'TenantId'*" + } + It "Should contain params" { + $result = Set-EntraBetaPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ff" + $params = Get-Parameters -data $result.value.Parameters + $params.Body.supportEmails | Should -Be @("contoso@example.com") + $params.Body.supportUrl | Should -Be "http://www.test1.com" + $params.Body.partnerTenantId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ff" + $params.Body.helpUrl | Should -Be "http://www.test1.com" + $params.Body.commerceUrl | Should -Be "http://www.test1.com" + $params.Body.supportTelephones | Should -Be @("2342") + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPartnerInformation" + Set-EntraBetaPartnerInformation -PartnerSupportUrl "http://www.test1.com" -PartnerCommerceUrl "http://www.test1.com" -PartnerHelpUrl "http://www.test1.com" -PartnerSupportEmails "contoso@example.com" -PartnerSupportTelephones "2342" -TenantId "00aa00aa-bb11-cc22-dd33-44ee44ee44ff" + Should -Invoke -CommandName Invoke-MgGraphRequest -ModuleName Microsoft.Entra.Beta.DirectoryManagement -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaPartnerInformation -PartnerSupportUrl "http://www.test1.com" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/EntraBeta.Tests.ps1 b/test/EntraBeta/EntraBeta.Tests.ps1 new file mode 100644 index 0000000000..77c9bc2b57 --- /dev/null +++ b/test/EntraBeta/EntraBeta.Tests.ps1 @@ -0,0 +1,54 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Authentication)){ + Import-Module Microsoft.Entra.Beta.Authentication -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Applications)){ + Import-Module Microsoft.Entra.Beta.Applications -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement)){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Governance)){ + Import-Module Microsoft.Entra.Beta.Governance -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Users)){ + Import-Module Microsoft.Entra.Beta.Users -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Groups)){ + Import-Module Microsoft.Entra.Beta.Groups -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.Reports)){ + Import-Module Microsoft.Entra.Beta.Reports -Force +} +if($null -eq (Get-Module -Name Microsoft.Entra.Beta.SignIns)){ + Import-Module Microsoft.Entra.Beta.SignIns -Force +} + +Import-Module Pester + +#$psmPath = (Get-Module Microsoft.Entra.Beta).Path +$ps1FilesPath = join-path $psscriptroot "..\..\module\EntraBeta\Microsoft.Entra" +$testReportPath = join-path $psscriptroot "..\..\TestReport\EntraBeta" +$mockScriptsPath = join-path $psscriptroot "..\..\test\EntraBeta\*\*.Tests.ps1" + +$testOutputFile = "$testReportPath\TestResults.xml" +if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} + +$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "EntraBeta.Tests.ps1" | ForEach-Object { $_.FullName } + +$config = New-PesterConfiguration +$config.Run.Path = $mockScripts +$config.Run.PassThru = $true +$config.Run.Exit = $true +$config.CodeCoverage.Enabled = $false +$config.CodeCoverage.CoveragePercentTarget = 100 +# $config.CodeCoverage.Path = $psmPath +$config.CodeCoverage.Path = $ps1FilesPath +$config.TestResult.Enabled = $true +$config.TestResult.OutputPath = $testOutputFile +$config.Output.Verbosity = "Detailed" + +Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test/EntraBeta/General.Tests.ps1 b/test/EntraBeta/General.Tests.ps1 new file mode 100644 index 0000000000..57fd290e84 --- /dev/null +++ b/test/EntraBeta/General.Tests.ps1 @@ -0,0 +1,40 @@ +# # ------------------------------------------------------------------------------ +# # Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# # ------------------------------------------------------------------------------ + +# BeforeAll { +# if((Get-Module -Name Microsoft.Entra.Beta) -eq $null){ +# Import-Module Microsoft.Entra.Beta +# } +# } + +# Describe 'PowerShell Version Check' { +# It 'Version 5.1 or Greater' { +# $semanticVersion = $PSVersionTable.PSVersion +# $version = $semanticVersion.Major + ($semanticVersion.Minor * 0.1) +# $version | Should -BeGreaterOrEqual 5.1 +# } +# } + +# Describe 'Module checks' { +# It 'Module imported' { +# $module = Get-Module -Name Microsoft.Entra.Beta +# $module | Should -Not -Be $null +# } + +# It 'Have more that zero exported functions' { +# $module = Get-Module -Name Microsoft.Entra.Beta +# $module.ExportedCommands.Keys.Count | Should -BeGreaterThan 0 +# } + +# It 'Known number translated commands' { +# $module = Get-Module -Name Microsoft.Entra.Beta +# $module.ExportedCommands.Keys.Count | Should -Be 293 +# } + +# It 'Running a simple command Enable-EntraAzureADAlias'{ +# Enable-EntraAzureADAlias +# $Alias = Get-Alias -Name Get-AzureADUser +# $Alias | Should -Not -Be $null +# } +# } diff --git a/test/EntraBeta/Governance/Get-EntraBetaPrivilegedResource.Tests.ps1 b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedResource.Tests.ps1 new file mode 100644 index 0000000000..7fd6cdcb4b --- /dev/null +++ b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedResource.Tests.ps1 @@ -0,0 +1,158 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Governance) -eq $null){ + Import-Module Microsoft.Entra.Beta.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "new" + "ExternalId" = "/administrativeUnits/bbbbbbbb-1111-2222-3333-cccccccccc55" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Parent" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphGovernanceResource" + "RegisteredDateTime" = $null + "RegisteredRoot" = $null + "RoleAssignmentRequests" = @() + "RoleAssignments" = @() + "RoleDefinitions" = @() + "RoleSettings" = @() + "Status" = "Active" + "Type" = "administrativeUnits" + "AdditionalProperties" = @{"@odata.context"="https://graph.microsoft.com/beta/`$metadata#governanceResources/`$entity"} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaPrivilegedAccessResource -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Governance +} + +Describe "Get-EntraBetaPrivilegedResource" { + Context "Test for Get-EntraBetaPrivilegedResource" { + It "Should retrieve all resources from Microsoft Entra ID." { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + + It "Should fail when ProviderId are empty" { + { Get-EntraBetaPrivilegedResource -ProviderId } | Should -Throw "Missing an argument for parameter 'ProviderId'*" + } + + It "Should fail when ProviderId is Invalid" { + { Get-EntraBetaPrivilegedResource -ProviderId "" } | Should -Throw "Cannot bind argument to parameter 'ProviderId' because it is an empty string." + } + + It "Should get a specific privileged resource" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.Status | Should -Be "Active" + $result.Type | Should -Be "administrativeUnits" + $result.ExternalId | Should -Be "/administrativeUnits/bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.DisplayName | Should -Be "new" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + + It "Should fail when Id are empty" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is Invalid" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should get top privileged resources" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + + It "Should fail when Top are empty" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is Invalid" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Top XYZ } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should get a specific privileged resource by filter" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Filter "DisplayName eq 'new'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.Status | Should -Be "Active" + $result.Type | Should -Be "administrativeUnits" + $result.ExternalId | Should -Be "/administrativeUnits/bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.DisplayName | Should -Be "new" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + + It "Should fail when Filter are empty" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should contain ObjectId in result" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain GovernanceResourceId in parameters when passed Id to it" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.GovernanceResourceId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + + It "Should contain PrivilegedAccessId in parameters when passed ProviderId to it" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.PrivilegedAccessId | Should -Be "aadRoles" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'new' + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedResource" + $result= Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedResource" + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResource -ModuleName Microsoft.Entra.Beta.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPrivilegedResource -ProviderId aadRoles -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 new file mode 100644 index 0000000000..bbbb9fddf2 --- /dev/null +++ b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 @@ -0,0 +1,137 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Governance) -eq $null){ + Import-Module Microsoft.Entra.Beta.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "ExternalId" = "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + "DisplayName" = "Mock Portal" + "Resource" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphGovernanceResource" + "ResourceId" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "RoleSetting" = " Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphGovernanceRoleSetting" + "TemplateId" = "542932a4-a3b5-4094-8829-ad59de0c8689" + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#governanceRoleDefinitions/$entity'} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Governance +} + +Describe "Get-EntraBetaPrivilegedRoleDefinition" { + Context "Test for Get-EntraBetaPrivilegedRoleDefinition" { + It "Should return specific privileged role definition" { + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock Portal" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ResourceId | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when ProviderId is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'ProviderId'*" + } + It "Should fail when ProviderId is invalid" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'ProviderId' because it is an empty string." + } + It "Should fail when ResourceId is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'ResourceId'*" + } + It "Should fail when ResourceId is invalid" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'ResourceId' because it is an empty string." + } + It "Should fail when Top is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaPrivilegedRoleDefinition -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return privileged role definition by filter" { + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Filter "DisplayName eq 'Mock Portal'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "Mock Portal" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return top 1 privileged role definition " { + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain PrivilegedAccessId in parameters when passed ProviderId to it" { + + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.PrivilegedAccessId | Should -Be "MockRoles" + } + It "Should contain GovernanceRoleSettingId in parameters when passed Id to it" { + + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.GovernanceRoleDefinitionId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock Portal' + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedRoleDefinition" + + $result = Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedRoleDefinition" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessResourceRoleDefinition -ModuleName Microsoft.Entra.Beta.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPrivilegedRoleDefinition -ProviderId "MockRoles" -ResourceId "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 new file mode 100644 index 0000000000..065222dbb7 --- /dev/null +++ b/test/EntraBeta/Governance/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 @@ -0,0 +1,162 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Governance) -eq $null){ + Import-Module Microsoft.Entra.Beta.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "dddddddd-7902-4be2-a25b-dddddddddddd" + "resourceId" = "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + "roleDefinitionId" = "eeeeeeee-c632-46ae-9ee0-dddddddddddd" + "IsDefault" = $False + "LastUpdatedBy" = "Mock Administrator" + "LastUpdatedDateTime" = "26-10-2023 17:06:45" + "Resource" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphGovernanceResource" + "RoleDefinition" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphGovernanceRoleDefinition" + + + + "AdminEligibleSettings" = @{ + "RuleIdentifier" = "AttributeConditionRule" + "Setting" = @{ + "condition" = $null + "conditionVersion" = $null + "conditionDescription"= $null + "enableEnforcement" = $false + } + } + "AdminMemberSettings" = @{ + "RuleIdentifier" = "AttributeConditionRule" + "Setting" = @{ + "condition" = $null + "conditionVersion" = $null + "conditionDescription"= $null + "enableEnforcement" = $true + } + } + "UserEligibleSettings" = @{ + "RuleIdentifier" = "AttributeConditionRule" + "Setting" = @{ + "condition" = $null + "conditionVersion" = $null + "conditionDescription"= $null + "enableEnforcement" = $true + } + } + "UserMemberSettings" = @{ + "RuleIdentifier" = "TicketingRule" + "Setting" = @{ + "ticketingRequired" = $false + } + } + "AdditionalProperties" = @{"@odata.context" = 'https://graph.microsoft.com/beta/$metadata#governanceRoleSettings/$entity'} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaPrivilegedAccessRoleSetting -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Governance +} + +Describe "Get-EntraBetaPrivilegedRoleSetting" { + Context "Test for Get-EntraBetaPrivilegedRoleSetting" { + It "Should return specific privileged role setting" { + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + $result.resourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.roleDefinitionId | Should -Be "eeeeeeee-c632-46ae-9ee0-dddddddddddd" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when ProviderId is empty" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Missing an argument for parameter 'ProviderId'*" + } + It "Should fail when ProviderId is invalid" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Cannot bind argument to parameter 'ProviderId' because it is an empty string." + } + It "Should return top privileged role setting" { + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Filter "ResourceId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.resourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Filter "ResourceId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Filter "ResourceId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return privileged role setting by filter" { + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Filter "ResourceId eq 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1'" + $result | Should -Not -BeNullOrEmpty + $result.resourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Filter } | Should -Throw "Missing an argument for parameter 'filter'*" + } + It "Should contain PrivilegedAccessId in parameters when passed ProviderId to it" { + + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" + $params = Get-Parameters -data $result.Parameters + $params.PrivilegedAccessId | Should -Be "MockRoles" + } + It "Should contain GovernanceRoleSettingId in parameters when passed Id to it" { + + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" + $params = Get-Parameters -data $result.Parameters + $params.GovernanceRoleSettingId | Should -Be "dddddddd-7902-4be2-a25b-dddddddddddd" + } + It "Property parameter should work" { + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -Property ResourceId + $result | Should -Not -BeNullOrEmpty + $result.resourceId | Should -Be 'a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1' + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedRoleSetting" + + $result = Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPrivilegedRoleSetting" + + Should -Invoke -CommandName Get-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Governance/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 b/test/EntraBeta/Governance/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 new file mode 100644 index 0000000000..48dc37067a --- /dev/null +++ b/test/EntraBeta/Governance/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 @@ -0,0 +1,142 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Governance) -eq $null){ + Import-Module Microsoft.Entra.Beta.Governance + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Update-MgBetaPrivilegedAccessRoleSetting -MockWith {} -ModuleName Microsoft.Entra.Beta.Governance +} + +Describe "Set-EntraBetaPrivilegedRoleSetting" { + Context "Test for Set-EntraBetaPrivilegedRoleSetting" { + It "Should return empty object" { + + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -RoleDefinitionId "b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should return empty object for UserMemberSettings" { + $setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting + $setting.RuleIdentifier = "JustificationRule" + $setting.Setting = "{'required':true}" + + $temp = $setting + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserMemberSettings $temp + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should return empty object for AdminEligibleSettings" { + $setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting + $setting.RuleIdentifier = "MfaRule" + $setting.Setting = "{'mfaRequired': true}" + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AdminEligibleSettings $setting + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should return empty object for UserEligibleSettings" { + $setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting + $setting.RuleIdentifier = "AttributeConditionRule" + $setting.Setting = "{ + 'condition'= null + 'conditionVersion'= null + 'conditionDescription'= null + 'enableEnforcement'= true + }" + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserEligibleSettings $setting + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should return empty object for AdminMemberSettings" { + $setting = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting + $setting.RuleIdentifier = "JustificationRule" + $setting.Setting = "{'required':true}" + + $temp = New-Object System.Collections.Generic.List[Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedRuleSetting] + $temp.Add($setting) + + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AdminMemberSettings $temp + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 + } + It "Should fail when Id is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when ProviderId is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" } | Should -Throw "Missing an argument for parameter 'ProviderId'*" + } + It "Should fail when ProviderId is invalid" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" } | Should -Throw "Cannot bind argument to parameter 'ProviderId' because it is an empty string." + } + It "Should fail when ResourceId is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId } | Should -Throw "Missing an argument for parameter 'ResourceId'*" + } + It "Should fail when RoleDefinitionId is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RoleDefinitionId } | Should -Throw "Missing an argument for parameter 'RoleDefinitionId'*" + } + It "Should fail when AdminEligibleSettings is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AdminEligibleSettings } | Should -Throw "Missing an argument for parameter 'AdminEligibleSettings'*" + } + It "Should fail when AdminMemberSettings is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AdminMemberSettings } | Should -Throw "Missing an argument for parameter 'AdminMemberSettings'*" + } + It "Should fail when UserEligibleSettings is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserEligibleSettings } | Should -Throw "Missing an argument for parameter 'UserEligibleSettings'*" + } + It "Should fail when UserMemberSettings is empty" { + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserMemberSettings } | Should -Throw "Missing an argument for parameter 'UserMemberSettings'*" + } + It "Should contain PrivilegedAccessId in parameters when passed ProviderId to it" { + Mock -CommandName Update-MgBetaPrivilegedAccessRoleSetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Governance + + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.PrivilegedAccessId | Should -Be "MockRoles" + } + It "Should contain GovernanceRoleSettingId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaPrivilegedAccessRoleSetting -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Governance + + $result = Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.GovernanceRoleSettingId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPrivilegedRoleSetting" + + Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPrivilegedRoleSetting" + Should -Invoke -CommandName Update-MgBetaPrivilegedAccessRoleSetting -ModuleName Microsoft.Entra.Beta.Governance -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaPrivilegedRoleSetting -ProviderId "MockRoles" -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Groups/Add-EntraBetaGroupMember.Tests.ps1 b/test/EntraBeta/Groups/Add-EntraBetaGroupMember.Tests.ps1 new file mode 100644 index 0000000000..e84b855ace --- /dev/null +++ b/test/EntraBeta/Groups/Add-EntraBetaGroupMember.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgBetaGroupMember -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Add-EntraBetaGroupMember" { + Context "Test for Add-EntraBetaGroupMember" { + It "Should return empty object" { + $result = Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Add-EntraBetaGroupMember -GroupId -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + + It "Should fail when GroupId is invalid" { + { Add-EntraBetaGroupMember -GroupId "" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName New-MgBetaGroupMember -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain DirectoryObjectId in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgBetaGroupMember -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaGroupMember" + Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaGroupMember" + Should -Invoke -CommandName New-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/Groups/Add-EntraBetaGroupOwner.Tests.ps1 b/test/EntraBeta/Groups/Add-EntraBetaGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..a563fcaf23 --- /dev/null +++ b/test/EntraBeta/Groups/Add-EntraBetaGroupOwner.Tests.ps1 @@ -0,0 +1,85 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgBetaGroupOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Add-EntraBetaGroupOwner" { + Context "Test for Add-EntraBetaGroupOwner" { + It "Should return empty object" { + $result = Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaGroupOwnerByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Add-EntraBetaGroupOwner -GroupId -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'GroupId'.*" + } + + It "Should fail when GroupId is invalid" { + { Add-EntraBetaGroupOwner -GroupId "" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName New-MgBetaGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + $result = Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain BodyParameter in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgBetaGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + $result = Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $value = @{ + "@odata.id" = "https://graph.microsoft.com/beta/users/bbbbcccc-1111-dddd-2222-eeee3333ffff"} + Should -Invoke -CommandName New-MgBetaGroupOwnerByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $BodyParameter.AdditionalProperties.'@odata.id' | Should -Be $value.'@odata.id' + Write-Host $BodyParameter.AdditionalProperties.'@odata.id' + $true + } + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaGroupOwner" + + Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaGroupOwner" + Should -Invoke -CommandName New-MgBetaGroupOwnerByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug} | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaDeletedGroup.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaDeletedGroup.Tests.ps1 new file mode 100644 index 0000000000..e3e1d14d08 --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaDeletedGroup.Tests.ps1 @@ -0,0 +1,150 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "DeletedDateTime" = "10-05-2024 04:27:17" + "CreatedDateTime" = "07-07-2023 14:31:41" + "DisplayName" = "Mock-App" + "MailNickname" = "Demo-Mock-App" + "GroupTypes" = "Unified" + "SecurityEnabled" = $False + "MailEnabled" = $True + "Visibility" = "Public" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/beta/`$metadata#groups/`$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaDeletedGroup" { +Context "Test for Get-EntraBetaDeletedGroup" { + It "Should return specific Deleted Group" { + $result = Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should return specific Deleted Group with alias" { + $result = Get-EntraBetaDeletedGroup -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when GroupId is empty" { + { Get-EntraBetaDeletedGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Get-EntraBetaDeletedGroup -GroupId ""} | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should return All deleted groups" { + $result = Get-EntraBetaDeletedGroup -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 deleted group" { + $result = Get-EntraBetaDeletedGroup -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return specific deleted group by filter" { + $result = Get-EntraBetaDeletedGroup -Filter "DisplayName eq 'Mock-App'" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.DisplayName | Should -Be "Mock-App" + $result.GroupTypes | Should -Be "Unified" + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaDeletedGroup -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return specific deleted groupn by SearchString" { + $result = Get-EntraBetaDeletedGroup -SearchString "Demo-Mock-App" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.MailNickname | Should -Be "Demo-Mock-App" + $result.DisplayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when searchstring is empty" { + { Get-EntraBetaDeletedGroup -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + It "Property parameter should work" { + $result = Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-App' + + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain GroupId in parameters when passed Id to it" { + $result = Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.DirectoryObjectId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraBetaDeletedGroup -SearchString "Demo-Mock-App" + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "Mock-App" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeletedGroup" + $result = Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaDeletedGroup" + Should -Invoke -CommandName Get-MgBetaDirectoryDeletedItemAsGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaDeletedGroup -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaGroup.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaGroup.Tests.ps1 new file mode 100644 index 0000000000..d2306ae130 --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaGroup.Tests.ps1 @@ -0,0 +1,157 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "demo" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "MailEnabled" = "False" + "Description" = "test" + "MailNickname" = "demoNickname" + "SecurityEnabled" = "True" + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaGroup" { + Context "Test for Get-EntraBetaGroup" { + It "Should return specific group" { + $result = Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccc55' + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Get-EntraBetaGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Get-EntraBetaGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should return all group" { + $result = Get-EntraBetaGroup -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaGroup -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should return specific group by searchstring" { + $result = Get-EntraBetaGroup -SearchString 'demo' + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'demo' + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when SearchString is empty" { + { Get-EntraBetaGroup -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + + It "Should return specific group by filter" { + $result = Get-EntraBetaGroup -Filter "DisplayName -eq 'demo'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'demo' + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when Filter is empty" { + { Get-EntraBetaGroup -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should return top group" { + $result = Get-EntraBetaGroup -Top 1 + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaGroup -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaGroup -Top y } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain GroupId" { + $result = Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain Filter in parameters when passed SearchString to it" { + $result = Get-EntraBetaGroup -SearchString 'demo' + $params = Get-Parameters -data $result.Parameters + $params.Filter | Should -Match "demo" + } + It "Property parameter should work" { + $result = Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'demo' + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Property parameter should work" { + $result = Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'demo' + + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroup" + $result= Get-EntraBetaGroup -GroupId "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroup" + Should -Invoke -CommandName Get-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaGroup -SearchString 'demo' -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..7e13d47e3c --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,134 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + "AppRoleId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "CreatedDateTime" = "06-05-2024 05:42:01" + "DeletedDateTime" = $null + "PrincipalDisplayName" = "Mock-Group" + "PrincipalId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ResourceId" = "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + "ResourceDisplayName" = "Mock-Group" + "PrincipalType" = "PrincipalType" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaGroupAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaGroupAppRoleAssignment" { +Context "Test for Get-EntraBetaGroupAppRoleAssignment" { + It "Should return specific Group AppRole Assignment" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should return specific Group AppRole Assignment with alias" { + $result = Get-EntraBetaGroupAppRoleAssignment -objectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when ObjectlId is empty" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when ObjectlId is invalid" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId ""} | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should return All Group AppRole Assignment" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 Group AppRole Assignment" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + $result.ResourceId | Should -Be "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Property parameter should work" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.PrincipalDisplayName | Should -Be 'Mock-Group' + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Result should Contain GroupId" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "c1NLUiFxZk6cP6Nj0RoIyGV2homdrcZNnMeMGgMswmU" + } + It "Should contain GroupId in parameters when passed Id to it" { + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroupAppRoleAssignment" + $result = Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + + diff --git a/test/EntraBeta/Groups/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..d8f9d48ac1 --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,107 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = 200 + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "ManagedGroupTypes" = "All" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaGroupLifecyclePolicy" { + Context "Test for Get-EntraBetaGroupLifecyclePolicy" { + It "Retrieve all groupLifecyclePolicies" { + $result = Get-EntraBetaGroupLifecyclePolicy + $result | Should -Not -BeNullOrEmpty + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Get-EntraBetaGroupLifecyclePolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.GroupLifetimeInDays | Should -Be 200 + } + + It "Retrieve properties of an groupLifecyclePolicy" { + $result = Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.ObjectId | should -Be '00aa00aa-bb11-cc22-dd33-44ee44ee44ee' + $result.GroupLifetimeInDays | Should -Be 200 + $result.AlternateNotificationEmails | Should -Be "admingroup@contoso.com" + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.ManagedGroupTypes | Should -Be "All" + + Should -Invoke -CommandName Get-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupLifecyclePolicyId is empty" { + { Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'*" + } + + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string." + } + + It "Should contain GroupLifecyclePolicyId in parameters when passed GroupLifecyclePolicyId to it" { + $result = Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result.Parameters + $params.GroupLifecyclePolicyId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Property parameter should work" { + $result = Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + Should -Invoke -CommandName Get-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroupLifecyclePolicy" + $result = Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaGroupMember.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaGroupMember.Tests.ps1 new file mode 100644 index 0000000000..e8ae3736a3 --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaGroupMember.Tests.ps1 @@ -0,0 +1,106 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null) { + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "@odata.type" = "#microsoft.graph.user" + "Description" = "test" + "AdditionalProperties" = @{ + "DisplayName" = "demo" + } + } + ) + } + + Mock -CommandName Get-MgBetaGroupMember -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaGroupMember" { + Context "Test for Get-EntraBetaGroupMember" { + It "Should return specific group" { + $result = Get-EntraBetaGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Contain 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Get-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when GroupId is invalid" { + { Get-EntraBetaGroupMember -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when GroupId is empty" { + { Get-EntraBetaGroupMember -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when Top is empty" { + { Get-EntraBetaGroupMember -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when Top is invalid" { + { Get-EntraBetaGroupMember -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return all group" { + $result = Get-EntraBetaGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should return top group" { + $result = @(Get-EntraBetaGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Get-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraBetaGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -top 1 -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroupMember" + $result = Get-EntraBetaGroupMember -GroupId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaGroupMember -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaGroupMember -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaGroupOwner.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..a5bce952a2 --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaGroupOwner.Tests.ps1 @@ -0,0 +1,140 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $mockResponse = { + return @{ + value = @( + @{ + "DeletedDateTime" = $null + "Id" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.user" + "businessPhones" = @("425-555-0100") + "displayName" = "MOD Administrator" + "givenName" = "MOD" + "mail" = "admin@M365x99297270.onmicrosoft.com" + "mobilePhone" = "425-555-0101" + "preferredLanguage" = "en" + "surname" = "Administrator" + "userPrincipalName" = "admin@M365x99297270.onmicrosoft.com" + } + "Parameters" = $args + } + ) + } + } + Mock -CommandName Invoke-GraphRequest -MockWith $mockResponse -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaGroupOwner" { + Context "Test for Get-EntraBetaGroupOwner" { + It "Get a group owner by Id" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $result.DeletedDateTime | should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Get a group owner by alias" { + $result = Get-EntraBetaGroupOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $result.DeletedDateTime | should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Get-EntraBetaGroupOwner -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Get-EntraBetaGroupOwner -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Gets all group owners" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaGroupOwner -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Gets two group owners" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top 2 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Top XY} | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.ObjectId | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $groupId= $params | ConvertTo-json | ConvertFrom-Json + $groupId.Uri -match "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" | Should -BeTrue + } + + It "Should contain 'User-Agent' header" { + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroupOwner" + + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaGroupOwner" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Property parameter should work" { + $result = Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaGroupOwner -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } +} +} + diff --git a/test/EntraBeta/Groups/Get-EntraBetaObjectSetting.Tests.ps1 b/test/EntraBeta/Groups/Get-EntraBetaObjectSetting.Tests.ps1 new file mode 100644 index 0000000000..b53fcb3e4a --- /dev/null +++ b/test/EntraBeta/Groups/Get-EntraBetaObjectSetting.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null) { + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + # Write-Host "Mocking Get-EntraBetaObjectSetting with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + id = "bbbbbbbb-1111-2222-3333-cccccccccccc" + displayName = 'Group.Unified.Guest' + values = @{value=$false; name="AllowToAddGuests"} + templateId = "bbbbbbbb-1111-2222-3333-cccccccccaaa" + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Get-EntraBetaObjectSetting" { + Context "Test for Get-EntraBetaObjectSetting" { + It "Should return specific Object Setting" { + $result = Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when TargetType is empty" { + { Get-EntraBetaObjectSetting -TargetType } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when Top is empty" { + { Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should return all Object Setting" { + $result = Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when All has an argument" { + { Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + + It "Should return top Object Setting" { + $result = @(Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1) + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should contain ID in parameters when passed TargetType TargetObjectId to it" { + $result = Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain property when passed property to it" { + $result = Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName + $result.displayName | Should -Not -BeNullOrEmpty + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaObjectSetting" + $result = Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaObjectSetting" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/New-EntraBetaGroup.Tests.ps1 b/test/EntraBeta/Groups/New-EntraBetaGroup.Tests.ps1 new file mode 100644 index 0000000000..9154cc2f89 --- /dev/null +++ b/test/EntraBeta/Groups/New-EntraBetaGroup.Tests.ps1 @@ -0,0 +1,103 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "My Test san" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "MailEnabled" = $false + "Description" = "" + "CreatedByAppId" = "bbbbbbbb-1111-2222-3333-cccccccccc56" + "Mail" = "" + "MailNickname" = "NotSet" + "SecurityEnabled" = $true + "Visibility" = "" + "IsAssignableToRole" = "" + "GroupTypes" = @{} + "ProxyAddresses" = @{} + "MembershipRule" = "" + "MembershipRuleProcessingState" = "" + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaGroup -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "New-EntraBetaGroup" { + Context "Test for New-EntraBetaGroup" { + It "Should return created Group" { + $result = New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled $false -SecurityEnabled $true -MailNickName "NotSet" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "My Test san" + $result.Description | should -BeNullOrEmpty + $result.MailEnabled | should -Be $false + $result.MailNickname | should -Be "NotSet" + $result.SecurityEnabled | should -Be $true + $result.IsAssignableToRole | should -BeNullOrEmpty + $result.Visibility | should -BeNullOrEmpty + $result.GroupTypes | should -BeNullOrEmpty + $result.Mail | should -BeNullOrEmpty + $result.MembershipRule | should -BeNullOrEmpty + $result.MembershipRuleProcessingState | should -BeNullOrEmpty + $result.CreatedByAppId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc56" + $result.Id | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName New-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when parameters are empty" { + { New-EntraBetaGroup -DisplayName -Description -MailEnabled -SecurityEnabled -MailNickName -GroupTypes } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when MailEnabled parameters are Invalid" { + { New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled "test" } | Should -Throw "Cannot process argument transformation on parameter*" + } + + It "Should fail when SecurityEnabled parameters are Invalid" { + { New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled $false -SecurityEnabled 'test' } | Should -Throw "Cannot process argument transformation*" + } + + It "Should contain ObjectId in result" { + $result = New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled $false -SecurityEnabled $true -MailNickName "NotSet" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaGroup" + + $result = New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled $false -SecurityEnabled $true -MailNickName "NotSet" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaGroup" + + Should -Invoke -CommandName New-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaGroup -DisplayName "My Test san" -MailEnabled $false -SecurityEnabled $true -MailNickName "NotSet" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test/EntraBeta/Groups/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..3db6aa0ccc --- /dev/null +++ b/test/EntraBeta/Groups/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,112 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "AppRoleId" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "CreatedDateTime" = "06-05-2024 05:42:01" + "DeletedDateTime" = $null + "PrincipalDisplayName" = "Mock-Group" + "PrincipalId" = "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + "ResourceId" = "aaaaaaaa-bbbb-cccc-1111-222222222222" + "ResourceDisplayName" = "Mock-Group" + "PrincipalType" = "PrincipalType" + "AdditionalProperties" = @{"@odata.context" = "https://graph.microsoft.com/v1.0/`$metadata#groups('aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb')/appRoleAssignments/`$entity"} + "Parameters" = $args + } + ) + } + + Mock -CommandName New-MgBetaGroupAppRoleAssignment -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "New-EntraBetaGroupAppRoleAssignment" { +Context "Test for New-EntraBetaGroupAppRoleAssignment" { + It "Should return created Group AppRole Assignment" { + $result = New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName New-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should return created Group AppRole Assignment with alias" { + $result = New-EntraBetaGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + $result.ResourceId | Should -Be "aaaaaaaa-bbbb-cccc-1111-222222222222" + $result.PrincipalId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName New-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when ObjectlId is empty" { + { New-EntraBetaGroupAppRoleAssignment -GroupId -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when ObjectlId is invalid" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when PrincipalId is empty" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'PrincipalId'*" + } + It "Should fail when PrincipalId is invalid" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'PrincipalId' because it is an empty string." + } + It "Should fail when ResourceId is empty" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'ResourceId'*" + } + It "Should fail when ResourceId is invalid" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'ResourceId' because it is an empty string." + } + It "Should fail when Id is empty" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -AppRoleId } | Should -Throw "Missing an argument for parameter 'AppRoleId'*" + } + It "Should fail when Id is invalid" { + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -AppRoleId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleId' because it is an empty string." + } + It "Result should Contain GroupId" { + $result = New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "00001111-aaaa-2222-bbbb-3333cccc4444" + } + It "Should contain AppRoleId in parameters when passed Id to it" { + $result = New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.AppRoleId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaGroupAppRoleAssignment" + $result = New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -PrincipalId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ResourceId "aaaaaaaa-bbbb-cccc-1111-222222222222" -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Groups/New-EntraBetaObjectSetting.Tests.ps1 b/test/EntraBeta/Groups/New-EntraBetaObjectSetting.Tests.ps1 new file mode 100644 index 0000000000..4e68916f9b --- /dev/null +++ b/test/EntraBeta/Groups/New-EntraBetaObjectSetting.Tests.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "templateId" = "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + "@odata.context" = 'https://graph.microsoft.com/beta/$metadata#settings/$entity' + "displayName" = $null + "values" = @{ + "name" = "AllowToAddGuests" + "value" = $False + } + "Parameters" = $args + } + ) + } + $TemplateScriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Group.Unified.Guest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "Settings for a specific Unified Group" + "Parameters" = $args + "Values" = @( + [PSCustomObject]@{ + "Name" = "AllowToAddGuests" + "Description" = "" + "Type" = "" + "DefaultValue" = $true + } + ) + } + ) + } + Mock -CommandName Get-MgBetaDirectorySettingTemplate -MockWith $TemplateScriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} +Describe "New-EntraBetaObjectSetting" { + Context "Test for New-EntraBetaObjectSetting" { + It "Should return created object setting" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + $result = New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -DirectorySetting $settingsCopy + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.templateId | Should -be "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when TargetType is empty" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { New-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetType is invalid" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { New-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetObjectId is empty" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when TargetObjectId is invalid" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when DirectorySetting is empty" { + { New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DirectorySetting } | Should -Throw "Missing an argument for parameter 'DirectorySetting'*" + } + It "Should fail when DirectorySetting is invalid" { + { New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DirectorySetting "" } | Should -Throw "Cannot process argument transformation on parameter 'DirectorySetting*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaObjectSetting" + + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + $result = New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -DirectorySetting $settingsCopy + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaObjectSetting" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -DirectorySetting $settingsCopy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Remove-EntraBetaGroup.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaGroup.Tests.ps1 new file mode 100644 index 0000000000..9c51a36ad0 --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaGroup.Tests.ps1 @@ -0,0 +1,75 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaGroup -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Remove-EntraBetaGroup" { + Context "Test for Remove-EntraBetaGroup" { + It "Should return empty Id" { + $result = Remove-EntraBetaGroup -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaGroup -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Remove-EntraBetaGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraBetaGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgBetaGroup -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroup -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroup" + + $result = Remove-EntraBetaGroup -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroup" + + Should -Invoke -CommandName Remove-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroup -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..84961dbfdd --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Remove-EntraBetaGroupAppRoleAssignment" { + Context "Test for Remove-EntraBetaGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should return empty object with Alias" { + $result = Remove-EntraBetaGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when GroupId is empty" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" + } + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupAppRoleAssignment" + Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} diff --git a/test/EntraBeta/Groups/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..491892bc25 --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaGroupLifecyclePolicy -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Remove-EntraBetaGroupLifecyclePolicy" { + Context "Test for Remove-EntraBetaGroupLifecyclePolicy" { + It "Should return empty Id" { + $result = Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaGroupLifecyclePolicy -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupLifecyclePolicyId is empty" { + { Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'*" + } + + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string." + } + + It "Should contain GroupLifecyclePolicyId in parameters when passed GroupLifecyclePolicyId to it" { + Mock -CommandName Remove-MgBetaGroupLifecyclePolicy -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result + $params.GroupLifecyclePolicyId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupLifecyclePolicy" + $result = Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupLifecyclePolicy" + Should -Invoke -CommandName Remove-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Remove-EntraBetaGroupMember.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaGroupMember.Tests.ps1 new file mode 100644 index 0000000000..1663daf260 --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaGroupMember.Tests.ps1 @@ -0,0 +1,73 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaGroupMemberByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Remove-EntraBetaGroupMember" { + Context "Test for Remove-EntraBetaGroupMember" { + It "Should return empty object" { + $result = Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupMemberByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Remove-EntraBetaGroupMember -GroupId -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraBetaGroupMember -GroupId "" -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when MemberId is empty" { + { Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId } | Should -Throw "Missing an argument for parameter 'MemberId'*" + } + + It "Should fail when MemberId is invalid" { + { Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId "" } | Should -Throw "Cannot bind argument to parameter 'MemberId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgBetaGroupMemberByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupMember" + $result = Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupMember" + Should -Invoke -CommandName Remove-MgBetaGroupMemberByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroupMember -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -MemberId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Remove-EntraBetaGroupOwner.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaGroupOwner.Tests.ps1 new file mode 100644 index 0000000000..2960ded66d --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaGroupOwner.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaGroupOwnerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Remove-EntraBetaGroupOwner" { + Context "Test for Remove-EntraBetaGroupOwner" { + It "Should return empty object" { + $result = Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupOwnerByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Remove-EntraBetaGroupOwner -GroupId -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Remove-EntraBetaGroupOwner -GroupId "" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + + It "Should fail when OwnerId is empty" { + { Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId } | Should -Throw "Missing an argument for parameter 'OwnerId'*" + } + + It "Should fail when OwnerId is invalid" { + { Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId ""} | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string." + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgBetaGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgBetaGroupOwnerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupOwner" + $result = Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupOwner" + Should -Invoke -CommandName Remove-MgBetaGroupOwnerByRef -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroupOwner -GroupId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -OwnerId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Remove-EntraBetaObjectSetting.Tests.ps1 b/test/EntraBeta/Groups/Remove-EntraBetaObjectSetting.Tests.ps1 new file mode 100644 index 0000000000..2b1297b52c --- /dev/null +++ b/test/EntraBeta/Groups/Remove-EntraBetaObjectSetting.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} +Describe "Remove-EntraBetaObjectSetting" { + Context "Test for Remove-EntraBetaObjectSetting" { + It "Should return empty object" { + $result = Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when TargetType is empty" { + { Remove-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetType is invalid" { + { Remove-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetObjectId is empty" { + { Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when TargetObjectId is invalid" { + { Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -Id "dddddddd-7902-4be2-a25b-dddddddddddd" } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when Id is empty" { + { Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaAdministrativeUnit" + + Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "Remove-EntraBetaObjectSetting" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaObjectSetting" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-5a8c-4f5a-a368-cccccccccccc" -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Set-EntraBetaGroup.Tests.ps1 b/test/EntraBeta/Groups/Set-EntraBetaGroup.Tests.ps1 new file mode 100644 index 0000000000..52afed068c --- /dev/null +++ b/test/EntraBeta/Groups/Set-EntraBetaGroup.Tests.ps1 @@ -0,0 +1,96 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaGroup -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Set-EntraBetaGroup" { + Context "Test for Set-EntraBetaGroup" { + It "Should return empty object" { + $result = Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Description "Update Group" -DisplayName "Update My Test san" -MailEnabled $false -MailNickname "Update nickname" -SecurityEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Set-EntraBetaGroup -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Description "Update Group" -DisplayName "Update My Test san" -MailEnabled $false -MailNickname "Update nickname" -SecurityEnabled $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + + It "Should fail when GroupId is empty" { + { Set-EntraBetaGroup -GroupId } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + + It "Should fail when GroupId is invalid" { + { Set-EntraBetaGroup -GroupId "" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string.*" + } + + It "Should fail when Description is empty" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Description } | Should -Throw "Missing an argument for parameter 'Description'.*" + } + + It "Should fail when DisplayName is empty" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'.*" + } + + It "Should fail when MailEnabled is empty" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -MailEnabled } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when MailEnabled is invalid" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -MailEnabled ""} | Should -Throw "Cannot process argument transformation on parameter 'MailEnabled'.*" + } + + It "Should fail when MailNickname is empty" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -MailNickname } | Should -Throw "Missing an argument for parameter*" + } + + It "Should fail when SecurityEnabled is empty" { + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -SecurityEnabled } | Should -Throw "Missing an argument for parameter*" + } + + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Update-MgBetaGroup -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Groups + + $result = Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaGroup" + $result = Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaGroup" + Should -Invoke -CommandName Update-MgBetaGroup -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaGroup -GroupId "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test/EntraBeta/Groups/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 new file mode 100644 index 0000000000..1c64b1785c --- /dev/null +++ b/test/EntraBeta/Groups/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 @@ -0,0 +1,88 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null) { + Import-Module Microsoft.Entra.Beta.Groups + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + "AlternateNotificationEmails" = "admingroup@contoso.com" + "GroupLifetimeInDays" = "100" + "ManagedGroupTypes" = "All" + "Parameters" = $args + } + ) + } + + Mock -CommandName Update-MgBetaGroupLifecyclePolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Groups +} + +Describe "Set-EntraBetaGroupLifecyclePolicy" { + Context "Test for Set-EntraBetaGroupLifecyclePolicy" { + It "Should return updated GroupLifecyclePolicy" { + $result = Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + $result.GroupLifetimeInDays | should -Be "100" + $result.ManagedGroupTypes | should -Be "All" + $result.AlternateNotificationEmails | should -Be "admingroup@contoso.com" + + Should -Invoke -CommandName Update-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should execute successfully with Alias" { + $result = Set-EntraBetaGroupLifecyclePolicy -Id "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + } + It "Should fail when GroupLifecyclePolicyId is invalid" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot bind argument to parameter 'GroupLifecyclePolicyId' because it is an empty string.*" + } + It "Should fail when GroupLifecyclePolicyId is empty" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifecyclePolicyId'.*" + } + It "Should fail when GroupLifetimeInDays is invalid" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays a -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Cannot process argument transformation on parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when GroupLifetimeInDays is empty" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays -ManagedGroupTypes "Selected" -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'GroupLifetimeInDays'.*" + } + It "Should fail when ManagedGroupTypes is empty" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes -AlternateNotificationEmails "example@contoso.com" } | Should -Throw "Missing an argument for parameter 'ManagedGroupTypes'.*" + } + It "Should fail when AlternateNotificationEmails is empty" { + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 99 -ManagedGroupTypes "Selected" -AlternateNotificationEmails } | Should -Throw "Missing an argument for parameter 'AlternateNotificationEmails'.*" + } + It "Result should Contain ObjectId" { + $result = Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result.ObjectId | should -Be "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaGroupLifecyclePolicy" + $result = Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "a47d4510-08c8-4437-99e9-71ca88e7af0f" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaGroupLifecyclePolicy -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaGroupLifecyclePolicy -GroupLifecyclePolicyId "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" -GroupLifetimeInDays 200 -AlternateNotificationEmails "admingroup@contoso.com" -ManagedGroupTypes "All" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Groups/Set-EntraBetaObjectSetting.Tests.ps1 b/test/EntraBeta/Groups/Set-EntraBetaObjectSetting.Tests.ps1 new file mode 100644 index 0000000000..551aef7aca --- /dev/null +++ b/test/EntraBeta/Groups/Set-EntraBetaObjectSetting.Tests.ps1 @@ -0,0 +1,121 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Groups) -eq $null){ + Import-Module Microsoft.Entra.Beta.Groups + } + if((Get-Module -Name Microsoft.Entra.Beta.DirectoryManagement) -eq $null){ + Import-Module Microsoft.Entra.Beta.DirectoryManagement + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $TemplateScriptblock = { + return @( + [PSCustomObject]@{ + "DisplayName" = "Group.Unified.Guest" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "Description" = "Settings for a specific Unified Group" + "Parameters" = $args + "Values" = @( + [PSCustomObject]@{ + "Name" = "AllowToAddGuests" + "Description" = "" + "Type" = "" + "DefaultValue" = $true + } + ) + } + ) + } + Mock -CommandName Get-MgBetaDirectorySettingTemplate -MockWith $TemplateScriptblock -ModuleName Microsoft.Entra.Beta.DirectoryManagement + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Groups +} +Describe "Set-EntraBetaObjectSetting" { + Context "Test for Set-EntraBetaObjectSetting" { + It "Should return empty object" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + $result = Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting $settingsCopy + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 + } + It "Should fail when TargetType is empty" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetType is invalid" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetType'*" + } + It "Should fail when TargetObjectId is empty" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when TargetObjectId is invalid" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId -Id "dddddddd-7902-4be2-a25b-dddddddddddd" -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'TargetObjectId'*" + } + It "Should fail when Id is empty" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id -DirectorySetting $settingsCopy } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "" -DirectorySetting $settingsCopy } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string*" + } + It "Should fail when DirectorySetting is empty" { + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting } | Should -Throw "Missing an argument for parameter 'DirectorySetting'*" + } + It "Should fail when DirectorySetting is invalid" { + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting "" } | Should -Throw "Cannot process argument transformation on parameter 'DirectorySetting*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaObjectSetting" + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting $settingsCopy + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaObjectSetting" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Groups -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $template = Get-EntraBetaDirectorySettingTemplate | Where-Object {$_.displayname -eq "group.unified.guest"} + $settingsCopy = $template.CreateDirectorySetting() + $settingsCopy["AllowToAddGuests"]=$False + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaObjectSetting -TargetType "Groups" -TargetObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DirectorySetting $settingsCopy -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 b/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 new file mode 100644 index 0000000000..29ef515ebe --- /dev/null +++ b/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Reports) -eq $null){ + Import-Module Microsoft.Entra.Beta.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "AppId" = "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + "AppDisplayName" = "Mock Portal" + "AggregatedEventDateTime" = "29-05-2024 00:00:00" + "SignInCount" = "3" + "Status" = @{ + "AdditionalDetails" = $null + "ErrorCode" = "0" + "FailureReason" = $null + "AdditionalProperties" = $null + } + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaReportApplicationSignInDetailedSummary -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Reports +} + +Describe "Get-EntraBetaApplicationSignInDetailedSummary" { + Context "Test for Get-EntraBetaApplicationSignInDetailedSummary" { + It "Should return specific application signed in detailed summary by filter" { + $result = Get-EntraBetaApplicationSignInDetailedSummary -Filter "appDisplayName eq 'Mock Portal'" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Mock Portal" + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.AppId | Should -Be "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + + Should -Invoke -CommandName Get-MgBetaReportApplicationSignInDetailedSummary -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaApplicationSignInDetailedSummary -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return top 1 application signed in detailed summary" { + $result = Get-EntraBetaApplicationSignInDetailedSummary -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaReportApplicationSignInDetailedSummary -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaApplicationSignInDetailedSummary -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaApplicationSignInDetailedSummary -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationSignInDetailedSummary" + + $result = Get-EntraBetaApplicationSignInDetailedSummary -Filter "appDisplayName eq 'Mock Portal'" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationSignInDetailedSummary" + + Should -Invoke -CommandName Get-MgBetaReportApplicationSignInDetailedSummary -ModuleName Microsoft.Entra.Beta.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationSignInDetailedSummary -Filter "appDisplayName eq 'Mock Portal'" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInSummary.Tests.ps1 b/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInSummary.Tests.ps1 new file mode 100644 index 0000000000..18beab78eb --- /dev/null +++ b/test/EntraBeta/Reports/Get-EntraBetaApplicationSignInSummary.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Reports) -eq $null){ + Import-Module Microsoft.Entra.Beta.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + +$scriptblock = { + return @{ + value = @( + @{ + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "AppId" = "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + "AppDisplayName" = "Mock Portal" + "AggregatedEventDateTime" = "29-05-2024 00:00:00" + "SignInCount" = "3" + "isOrganizationDefault" = $false + "createdDateTime" = "16-08-2023 08:25:02" + "Parameters" = $args + } + + ) + + } + + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Reports +} + +Describe "Get-EntraBetaApplicationSignInSummary" { + Context "Test for Get-EntraBetaApplicationSignInSummary" { + It "Should return application sign in summary" { + $result = Get-EntraBetaApplicationSignInSummary -Days "30" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.AppDisplayName | Should -Be "Mock Portal" + $result.AppId | Should -be "dddddddd-1111-2222-3333-aaaaaaaaaaaa" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when Days is empty" { + { Get-EntraBetaApplicationSignInSummary -Days } | Should -Throw "Missing an argument for parameter 'Days'*" + } + It "Should return specific application signed in summary by filter" { + $result = Get-EntraBetaApplicationSignInSummary -Days "7" -Filter "AppdisplayName eq 'Mock Portal'" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Mock Portal" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when filter is empty" { + { Get-EntraBetaApplicationSignInDetailedSummary -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + It "Should return top 1 application sign in summary" { + $result = Get-EntraBetaApplicationSignInSummary -Days "7" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaApplicationSignInSummary -Days "7" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaApplicationSignInSummary -Days "7" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaApplicationSignInSummary" + + $result = Get-EntraBetaApplicationSignInSummary -Days "30" + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaApplicationSignInSummary -Days "30" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Reports/Get-EntraBetaAuditDirectoryLog.Tests.ps1 b/test/EntraBeta/Reports/Get-EntraBetaAuditDirectoryLog.Tests.ps1 new file mode 100644 index 0000000000..2efa9f2b8f --- /dev/null +++ b/test/EntraBeta/Reports/Get-EntraBetaAuditDirectoryLog.Tests.ps1 @@ -0,0 +1,147 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Reports) -eq $null){ + Import-Module Microsoft.Entra.Beta.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "InitiatedBy" = [PSCustomObject]@{ + "App" = "" + "User" = "" + "AdditionalProperties" = @{} + } + "TargetResources" = [PSCustomObject]@{ + "DisplayName" = "test" + "GroupType" = "" + "Id" = "00000000-0000-0000-0000-000000000000" + "ModifiedProperties" = @() + "Type" = "N/A" + "UserPrincipalName" = "" + "AdditionalProperties" = @{} + } + "AdditionalDetails" = "" + "ActivityDateTime" = "28-May-24 11:49:02 AM" + "ActivityDisplayName" = "GroupsODataV4_GetgroupLifecyclePolicies" + "Category" = "GroupManagement" + "CorrelationId" = "aaaabbbb-0000-cccc-1111-dddd2222eeee" + "Id" = "bbbbcccc-1111-dddd-2222-eeee3333ffff" + "LoggedByService" = "Self-service Group Management" + "OperationType" = "Update" + "Result" = "success" + "ResultReason" = "OK" + "UserAgent" = "" + "AdditionalProperties" = @{} + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaAuditLogDirectoryAudit -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Reports +} + +Describe "Get-EntraBetaAuditDirectoryLog" { + Context "Test for Get-EntraBetaAuditDirectoryLog" { + It "Should get all logs" { + $result = Get-EntraBetaAuditDirectoryLog -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when All has argument" { + { Get-EntraBetaAuditDirectoryLog -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should get first n logs" { + $result = Get-EntraBetaAuditDirectoryLog -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.ActivityDateTime | Should -Be "28-May-24 11:49:02 AM" + $result.ActivityDisplayName | Should -Be "GroupsODataV4_GetgroupLifecyclePolicies" + $result.Category | Should -Be "GroupManagement" + $result.CorrelationId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result.Id | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result.LoggedByService | Should -Be "Self-service Group Management" + + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaAuditDirectoryLog -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaAuditDirectoryLog -Top y } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should get audit logs containing a given ActivityDisplayName" { + $result = Get-EntraBetaAuditDirectoryLog -Filter "ActivityDisplayName eq 'GroupsODataV4_GetgroupLifecyclePolicies'" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.ActivityDateTime | Should -Be "28-May-24 11:49:02 AM" + $result.ActivityDisplayName | Should -Be "GroupsODataV4_GetgroupLifecyclePolicies" + $result.Category | Should -Be "GroupManagement" + $result.CorrelationId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result.Id | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result.LoggedByService | Should -Be "Self-service Group Management" + + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when Filter is empty" { + { Get-EntraBetaAuditDirectoryLog -Filter -Top 1} | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should get all audit logs with a given result(success)" { + $result = Get-EntraBetaAuditDirectoryLog -Filter "result eq 'success'" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should get all audit logs with a given result(failure)" { + $result = Get-EntraBetaAuditDirectoryLog -Filter "result eq 'failure'" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Property parameter should work" { + $result = Get-EntraBetaAuditDirectoryLog -Property ActivityDisplayName + $result | Should -Not -BeNullOrEmpty + $result.ActivityDisplayName | Should -Be 'GroupsODataV4_GetgroupLifecyclePolicies' + + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaAuditDirectoryLog -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAuditDirectoryLog" + $result= Get-EntraBetaAuditDirectoryLog + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAuditDirectoryLog" + Should -Invoke -CommandName Get-MgBetaAuditLogDirectoryAudit -ModuleName Microsoft.Entra.Beta.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAuditDirectoryLog -Top 1 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Reports/Get-EntraBetaAuditSignInLog.Tests.ps1 b/test/EntraBeta/Reports/Get-EntraBetaAuditSignInLog.Tests.ps1 new file mode 100644 index 0000000000..59ee1dd86b --- /dev/null +++ b/test/EntraBeta/Reports/Get-EntraBetaAuditSignInLog.Tests.ps1 @@ -0,0 +1,341 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Reports) -eq $null){ + Import-Module Microsoft.Entra.Beta.Reports + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "RiskEventTypes" = @{} + "MfaDetail" = [PSCustomObject]@{ + "AuthDetail" = "" + "AuthMethod" = "Mobile app notification" + "AdditionalProperties" = @{} + } + "AppliedConditionalAccessPolicies" = @( + [PSCustomObject]@{ + "AuthenticationStrength" = "" + "ConditionsNotSatisfied" = "none" + "ConditionsSatisfied" = "application,users" + "DisplayName" = "Multifactor authentication for Microsoft partners and vendors" + "EnforcedGrantControls" = @() + "EnforcedSessionControls" = @() + "ExcludeRulesSatisfied" = @() + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc88" + "IncludeRulesSatisfied" = @() + "Result" = "failure" + "SessionControlsNotSatisfied" = @() + "AdditionalProperties" = @{} + }, + [PSCustomObject]@{ + "AuthenticationStrength" = "" + "ConditionsNotSatisfied" = "none" + "ConditionsSatisfied" = "none" + "DisplayName" = "Office 365 App Control" + "EnforcedGrantControls" = @() + "EnforcedSessionControls" = @() + "ExcludeRulesSatisfied" = @() + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc99" + "IncludeRulesSatisfied" = @() + "Result" = "notEnabled" + "SessionControlsNotSatisfied" = @() + "AdditionalProperties" = @{} + }, + [PSCustomObject]@{ + "AuthenticationStrength" = "" + "ConditionsNotSatisfied" = "none" + "ConditionsSatisfied" = "none" + "DisplayName" = "testpolicy" + "EnforcedGrantControls" = @() + "EnforcedSessionControls" = @() + "ExcludeRulesSatisfied" = @() + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc12" + "IncludeRulesSatisfied" = @() + "Result" = "notEnabled" + "SessionControlsNotSatisfied" = @() + "AdditionalProperties" = @{} + }, + [PSCustomObject]@{ + "AuthenticationStrength" = "" + "ConditionsNotSatisfied" = "none" + "ConditionsSatisfied" = "none" + "DisplayName" = "test" + "EnforcedGrantControls" = @() + "EnforcedSessionControls" = @() + "ExcludeRulesSatisfied" = @() + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc13" + "IncludeRulesSatisfied" = @() + "Result" = "notEnabled" + "SessionControlsNotSatisfied" = @() + "AdditionalProperties" = @{} + } + ) + "NetworkLocationDetails" = "" + "Location" = [PSCustomObject]@{ + "City" = "Mumbai" + "CountryOrRegion" = "IN" + "GeoCoordinates" = "" + "State" = "Maharashtra" + "AdditionalProperties" = @{} + } + "DeviceDetail" = [PSCustomObject]@{ + "Browser" = "IE 7.0" + "BrowserId" = "" + "DeviceId" = "" + "DisplayName" = "" + "IsCompliant" = $false + "IsManaged" = $false + "OperatingSystem" = "Windows10" + "TrustType" = "" + "AdditionalProperties" = @{} + } + "Status" = [PSCustomObject]@{ + "AdditionalDetails" = "The user didn't complete the MFA prompt. They may have decided not to authenticate, timed out while doing other work, or has an issue with their authentication setup." + "ErrorCode" = 500121 + "FailureReason" = "Authentication failed during strong authentication request." + "AdditionalProperties" = @{} + } + "AuthenticationProcessingDetails" = [PSCustomObject]@{ + "Key" = "Root Key Type" + "Value" = "Unknown" + "AdditionalProperties" = @{} + } + "AppDisplayName" = "Azure Active Directory PowerShell" + "AppId" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "AppTokenProtectionStatus" = "" + "AppliedEventListeners" = @{} + "AuthenticationAppDeviceDetails" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAuthenticationAppDeviceDetails" + "AuthenticationAppPolicyEvaluationDetails" = @{} + "AuthenticationContextClassReferences" = @{} + "AuthenticationDetails" = @( + "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAuthenticationDetail", + "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAuthenticationDetail" + ) + "AuthenticationMethodsUsed" = @{} + "AuthenticationProtocol" = "none" + "AuthenticationRequirement" = "multiFactorAuthentication" + "AuthenticationRequirementPolicies" = @( + "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphAuthenticationRequirementPolicy" + ) + "AutonomousSystemNumber" = 55836 + "AzureResourceId" = "" + "ClientAppUsed" = "Mobile Apps and Desktop clients" + "ClientCredentialType" = "none" + "ConditionalAccessStatus" = "failure" + "CorrelationId" = "bbbbbbbb-1111-2222-3333-cccccccccc11" + "CreatedDateTime" = "28-May-24 3:59:27 AM" + "CrossTenantAccessType" = "none" + "FederatedCredentialId" = "" + "FlaggedForReview" = $false + "HomeTenantId" = "bbbbbbbb-1111-2222-3333-cccccccccc77" + "HomeTenantName" = "" + "IPAddress" = "2405:201:e009:60ae:e938:fdf9:5aa4:b894" + "IPAddressFromResourceProvider" = "" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc22" + "IncomingTokenType" = "none" + "IsInteractive" = $true + "IsTenantRestricted" = $false + "ManagedServiceIdentity" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphManagedIdentity" + "OriginalRequestId" = "" + "OriginalTransferMethod" = "none" + "PrivateLinkDetails" = "Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphPrivateLinkDetails" + "ProcessingTimeInMilliseconds" = 94 + "ResourceDisplayName" = "Windows Azure Active Directory" + "ResourceId" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "ResourceServicePrincipalId" = "bbbbbbbb-1111-2222-3333-cccccccccc66" + "ResourceTenantId" = "bbbbbbbb-1111-2222-3333-cccccccccc77" + "RiskDetail" = "none" + "RiskEventTypesV2" = @{} + "RiskLevelAggregated" = "none" + "RiskLevelDuringSignIn" = "none" + "RiskState" = "none" + "ServicePrincipalCredentialKeyId" = "" + "ServicePrincipalCredentialThumbprint" = "" + "ServicePrincipalId" = "" + "ServicePrincipalName" = "" + "SessionLifetimePolicies" = @{} + "SignInEventTypes" = @("interactiveUser") + "SignInIdentifier" = "" + "SignInIdentifierType" = "" + "SignInTokenProtectionStatus" = "unbound" + "TokenIssuerName" = "" + "TokenIssuerType" = "AzureAD" + "UniqueTokenIdentifier" = "vNB0GVLcq0SFLhthtzWAAA" + "UserAgent" = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E)" + "UserDisplayName" = "MOD Administrator" + "UserId" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "UserPrincipalName" = "test@contoso.com" + "UserType" = "member" + "AdditionalProperties" = [PSCustomObject]@{ + "isThroughGlobalSecureAccess" = $false + "globalSecureAccessIpAddress" = "" + "conditionalAccessAudiences" = @() + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaAuditLogSignIn -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Reports +} + +Describe "Get-EntraBetaAuditSignInLog" { + Context "Test for Get-EntraBetaAuditSignInLog" { + It "Should get all logs" { + $result = Get-EntraBetaAuditSignInLog -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaAuditSignInLog -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should get first n logs" { + $result = Get-EntraBetaAuditSignInLog -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Azure Active Directory PowerShell" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.CorrelationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc11" + $result.ResourceDisplayName | Should -Be "Windows Azure Active Directory" + $result.ResourceServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc66" + $result.ResourceTenantId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc77" + $result.UserDisplayName | Should -Be "MOD Administrator" + $result.UserPrincipalName | Should -Be "test@contoso.com" + $result.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaAuditSignInLog -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaAuditSignInLog -Top y } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should get audit sign-in logs containing a given UserDisplayName" { + $result = Get-EntraBetaAuditSignInLog -Filter "UserDisplayName eq 'MOD Administrator'" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Azure Active Directory PowerShell" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.CorrelationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc11" + $result.ResourceDisplayName | Should -Be "Windows Azure Active Directory" + $result.ResourceServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc66" + $result.ResourceTenantId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc77" + $result.UserDisplayName | Should -Be "MOD Administrator" + $result.UserPrincipalName | Should -Be "test@contoso.com" + $result.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should get audit sign-in logs containing a given userPrincipalName" { + $result = Get-EntraBetaAuditSignInLog -Filter "startsWith(userPrincipalName,'test@contoso.com')" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Azure Active Directory PowerShell" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.CorrelationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc11" + $result.ResourceDisplayName | Should -Be "Windows Azure Active Directory" + $result.ResourceServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc66" + $result.ResourceTenantId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc77" + $result.UserDisplayName | Should -Be "MOD Administrator" + $result.UserPrincipalName | Should -Be "test@contoso.com" + $result.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should get audit sign-in logs containing a given appId" { + $result = Get-EntraBetaAuditSignInLog -Filter "appId eq 'bbbbbbbb-1111-2222-3333-cccccccccc55'" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Azure Active Directory PowerShell" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.CorrelationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc11" + $result.ResourceDisplayName | Should -Be "Windows Azure Active Directory" + $result.ResourceServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc66" + $result.ResourceTenantId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc77" + $result.UserDisplayName | Should -Be "MOD Administrator" + $result.UserPrincipalName | Should -Be "test@contoso.com" + $result.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should get audit sign-in logs containing a given appDisplayName" { + $result = Get-EntraBetaAuditSignInLog -Filter "appDisplayName eq 'Azure Active Directory PowerShell'" + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be "Azure Active Directory PowerShell" + $result.AppId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.CorrelationId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc11" + $result.ResourceDisplayName | Should -Be "Windows Azure Active Directory" + $result.ResourceServicePrincipalId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc66" + $result.ResourceTenantId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc77" + $result.UserDisplayName | Should -Be "MOD Administrator" + $result.UserPrincipalName | Should -Be "test@contoso.com" + $result.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when Filter is empty" { + { Get-EntraBetaAuditSignInLog -Filter -Top 1} | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should get all sign-in logs with a given result(success)" { + $result = Get-EntraBetaAuditSignInLog -Filter "result eq 'success'" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should get all sign-in logs with a given result(failure)" { + $result = Get-EntraBetaAuditSignInLog -Filter "result eq 'failure'" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + It "Property parameter should work" { + $result = Get-EntraBetaAuditSignInLog -Property AppDisplayName + $result | Should -Not -BeNullOrEmpty + $result.AppDisplayName | Should -Be 'Azure Active Directory PowerShell' + + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaAuditSignInLog -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAuditSignInLog" + $result= Get-EntraBetaAuditSignInLog + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaAuditSignInLog" + Should -Invoke -CommandName Get-MgBetaAuditLogSignIn -ModuleName Microsoft.Entra.Beta.Reports -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaAuditSignInLog -Top 1 -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test/EntraBeta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..0b073e343f --- /dev/null +++ b/test/EntraBeta/SignIns/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Add-EntraBetaFeatureRolloutPolicyDirectoryObject" { + Context "Test for Add-EntraBetaFeatureRolloutPolicyDirectoryObject" { + It "Should adds a group to the cloud authentication roll-out policy in Azure AD." { + $result = Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Missing an argument for parameter 'Id'.*" + } + + It "Should fail when Id is invalid" { + { Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'.*" + } + + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "" } | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + + It "Should contain FeatureRolloutPolicyId in parameters when passed Id to it" { + Mock -CommandName New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.FeatureRolloutPolicyId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain OdataId in parameters when passed RefObjectId to it" { + Mock -CommandName New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $value = "https://graph.microsoft.com/v1.0/directoryObjects/bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params= Get-Parameters -data $result + $params.OdataId | Should -Be $value + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaFeatureRolloutPolicyDirectoryObject" + + Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaFeatureRolloutPolicyDirectoryObject" + Should -Invoke -CommandName New-MgBetaDirectoryFeatureRolloutPolicyApplyToByRef -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "aaaabbbb-0000-cccc-1111-dddd2222eeee" -RefObjectId "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug} | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/SignIns/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 new file mode 100644 index 0000000000..c36fd7b21d --- /dev/null +++ b/test/EntraBeta/SignIns/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Add-EntraBetaServicePrincipalPolicy" { + Context "Test for Add-EntraBetaServicePrincipalPolicy" { + It "Should return empty object" { + $result = Add-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-7777-8888-9999-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Add-EntraBetaServicePrincipalPolicy -Id -RefObjectId "bbbbbbbb-7777-8888-9999-cccccccccccc" } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Add-EntraBetaServicePrincipalPolicy -Id "" -RefObjectId "bbbbbbbb-7777-8888-9999-cccccccccccc" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when RefObjectId is empty" { + { Add-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId } | Should -Throw "Missing an argument for parameter 'RefObjectId'*" + } + It "Should fail when RefObjectId is invalid" { + { Add-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId ""} | Should -Throw "Cannot bind argument to parameter 'RefObjectId' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaServicePrincipalPolicy" + + Add-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-7777-8888-9999-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Add-EntraBetaServicePrincipalPolicy" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Add-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -RefObjectId "bbbbbbbb-7777-8888-9999-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..bc15ab517a --- /dev/null +++ b/test/EntraBeta/SignIns/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,132 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppliesTo" = $null + "Description" = "Feature-Rollout-test" + "DisplayName" = "Feature-Rollout-Policytest" + "Feature" = "passwordHashSync" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "IsAppliedToOrganization" = $false + "IsEnabled" = $true + "AdditionalProperties" = @{ + '@odata.context' = "https://graph.microsoft.com/beta/`$metadata#policies/featureRolloutPolicies/`$entity" + } + "Parameters" = $args + } + ) + } + Mock -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Get-EntraBetaFeatureRolloutPolicy" { + Context "Test for Get-EntraBetaFeatureRolloutPolicy" { + It "Should retrieves cloud authentication roll-out in Azure AD with given Id" { + $result = Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "Feature-Rollout-Policytest" + $result.Description | should -Be "Feature-Rollout-test" + $result.IsEnabled | should -Be $true + $result.Feature | should -Be "passwordHashSync" + $result.IsAppliedToOrganization | should -Be $false + $result.AppliesTo | should -BeNullOrEmpty + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Get-EntraBetaFeatureRolloutPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Get-EntraBetaFeatureRolloutPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should retrieves cloud authentication roll-out in Azure AD with given Filter." { + $displayName = Get-EntraBetaFeatureRolloutPolicy -Filter "DisplayName eq 'Feature-Rollout-Policytest'" + $displayName | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Filter is empty" { + { Get-EntraBetaFeatureRolloutPolicy -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Should retrieves cloud authentication roll-out in Azure AD with given Search String." { + $searchString = Get-EntraBetaFeatureRolloutPolicy -SearchString "Feature-Rollout-Policytest" + $searchString | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when SearchString is empty" { + { Get-EntraBetaFeatureRolloutPolicy -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain Filter in parameters when SearchString passed to it" { + $result = Get-EntraBetaFeatureRolloutPolicy -SearchString "Feature-Rollout-Policytest" + $params = Get-Parameters -data $result.Parameters + $expectedFilter = "displayName eq 'Feature-Rollout-Policytest' or startswith(displayName,'Feature-Rollout-Policytest')" + $params.Filter | Should -Contain $expectedFilter + } + + It "Should contain FeatureRolloutPolicyId in parameters when passed Id to it" { + $result = Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $params = Get-Parameters -data $result.Parameters + $params.FeatureRolloutPolicyId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Property parameter should work" { + $result = Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Feature-Rollout-Policytest' + + Should -Invoke -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaFeatureRolloutPolicy" + $result = Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaFeatureRolloutPolicy" + Should -Invoke -CommandName Get-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaFeatureRolloutPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccc55" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..5bc56d6762 --- /dev/null +++ b/test/EntraBeta/SignIns/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,89 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null) { + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "microsoft-all-application-permissions" + "DeletedDateTime" = "2/8/2024 6:39:16 AM" + "Description" = "Includes all application permissions (app roles), for all APIs, for any client application." + "DisplayName" = "All application" + "Excludes" = @{} + "Includes" = @("00aa00aa-bb11-cc22-dd33-44ee44ee44ee") + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaPolicyPermissionGrantPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Get-EntraBetaPermissionGrantPolicy" { + Context "Test for Get-EntraBetaPermissionGrantPolicy" { + It "Should return specific PermissionGrantPolicy" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "microsoft-all-application-permissions" + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'. Specify a parameter of type 'System.String' and try again." + } + It "Result should Contain ObjectId" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result.ObjectId | should -Be "microsoft-all-application-permissions" + } + It "Should contain PermissionGrantPolicyId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $params = Get-Parameters -data $result.Parameters + $params.PermissionGrantPolicyId | Should -Be "microsoft-all-application-permissions" + } + It "Property parameter should work" { + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'All application' + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPermissionGrantPolicy" + + $result = Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPermissionGrantPolicy" + + Should -Invoke -CommandName Get-MgBetaPolicyPermissionGrantPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPermissionGrantPolicy -Id "microsoft-all-application-permissions" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Get-EntraBetaPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Get-EntraBetaPolicy.Tests.ps1 new file mode 100644 index 0000000000..4687a239f2 --- /dev/null +++ b/test/EntraBeta/SignIns/Get-EntraBetaPolicy.Tests.ps1 @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null) { + Import-Module Microsoft.Entra.Beta.SignIns + } + + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $ScriptBlock = { + + $policyObject = [PSCustomObject]@{ + "value" = @( + [PSCustomObject]@{ + "id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + }, + [PSCustomObject]@{ + "id" = "bbbbbbbb-1111-1111-1111-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + }, + [PSCustomObject]@{ + "id" = "bbbbbbbb-2222-2222-2222-cccccccccccc" + "displayName" = "Mock Display Name" + "type" = "MockPolicy" + "Keys" = @("id", "displayName", "type") + } + ) + } + + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies' + Value = $policyObject.value + } + + return $response + } + + Mock -CommandName Invoke-GraphRequest -MockWith $ScriptBlock -ModuleName Microsoft.Entra.Beta.SignIns +} +Describe "Get-EntraBetaPolicy" { + Context "Test for Get-EntraBetaPolicy" { + It "Should return specific Policy" { + $result = Get-EntraBetaPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Contain 'bbbbbbbb-1111-2222-3333-cccccccccccc' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should return all Policies" { + $result = Get-EntraBetaPolicy -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should return all Policy" { + $result = Get-EntraBetaPolicy -Top 1 + $result | Should -Not -BeNullOrEmpty + $result | Should -HaveCount 1 + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is invalid" { + { Get-EntraBetaPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when Id is empty" { + { Get-EntraBetaPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Top is empty" { + { Get-EntraBetaPolicy -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaPolicy -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should fail when All has an argument" { + { Get-EntraBetaPolicy -All $true } | Should -Throw "A positional parameter cannot be found that accepts argument 'True'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPolicy" + + $result = Get-EntraBetaPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPolicy -Id "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Get-EntraBetaPolicyAppliedObject.Tests.ps1 b/test/EntraBeta/SignIns/Get-EntraBetaPolicyAppliedObject.Tests.ps1 new file mode 100644 index 0000000000..100bbda9df --- /dev/null +++ b/test/EntraBeta/SignIns/Get-EntraBetaPolicyAppliedObject.Tests.ps1 @@ -0,0 +1,83 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + +$scriptblock = { + return @{ + value = @( + @{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "DeletedDateTime" = $null + "@odata.type" = "#microsoft.graph.servicePrincipal" + "keyCredentials" = "System.Collections.Hashtable" + "appId" = "0e2f044c-def9-4f98-8c82-41606d311450" + "servicePrincipalNames" = "Mock service principal" + "displayName" = "Mock policy Object" + "type" = "HomeRealmDiscoveryPolicy" + "preferredSingleSignOnMode" = "password" + "createdDateTime" = "16-08-2023 08:25:02" + "Parameters" = $args + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Get-EntraBetaPolicyAppliedObject" { + Context "Test for Get-EntraBetaPolicyAppliedObject" { + It "Should return policy applied object" { + $result = Get-EntraBetaPolicyAppliedObject -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result.displayName | Should -Be "Mock policy Object" + $result.servicePrincipalNames | Should -be "Mock service principal" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaPolicyAppliedObject -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Get-EntraBetaPolicyAppliedObject -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Result should Contain @odata.type" { + $result = Get-EntraBetaPolicyAppliedObject -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result."@odata.type" | should -Be "#microsoft.graph.servicePrincipal" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPolicyAppliedObject" + + $result = Get-EntraBetaPolicyAppliedObject -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaPolicyAppliedObject" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaPolicyAppliedObject -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 new file mode 100644 index 0000000000..860fa4ca60 --- /dev/null +++ b/test/EntraBeta/SignIns/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 @@ -0,0 +1,84 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + +$scriptblock = { + return @{ + value = @( + @{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "@odata.type" = "#microsoft.graph.policy" + "keyCredentials" = $null + "alternativeIdentifier" = "value1" + "definition" = @{"activityBasedTimeoutPolicies" = @{ + "AlternateLoginIDLookup"= $true + "IncludedUserIds" = "UserID" + } + } + "displayName" = "Mock policy" + "type" = "activityBasedTimeoutPolicy" + "isOrganizationDefault" = $false + "createdDateTime" = "16-08-2023 08:25:02" + } + ) + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Get-EntraBetaServicePrincipalPolicy" { + Context "Test for Get-EntraBetaServicePrincipalPolicy" { + It "Should return specific service principal policy" { + $result = Get-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.displayName | Should -Be "Mock policy" + $result.ServicePrincipalType | Should -be "activityBasedTimeoutPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Get-EntraBetaServicePrincipalPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Get-EntraBetaServicePrincipalPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Result should Contain @odata.type" { + $result = Get-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result."@odata.type" | should -Be "#microsoft.graph.policy" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipalPolicy" + + $result = Get-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaServicePrincipalPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaServicePrincipalPolicy -Id "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test/EntraBeta/SignIns/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..0031072d54 --- /dev/null +++ b/test/EntraBeta/SignIns/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "AppliesTo" = $null + "Description" = "Feature-Rollout-test" + "DisplayName" = "Feature-Rollout-Policytest" + "Feature" = "passwordHashSync" + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccc55" + "IsAppliedToOrganization" = $false + "IsEnabled" = $true + "AdditionalProperties" = @{ + '@odata.context' = 'https://graph.microsoft.com/beta/$metadata#policies/featureRolloutPolicies/$entity' + } + "Parameters" = $args + } + ) + } + Mock -CommandName New-MgBetaPolicyFeatureRolloutPolicy -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "New-EntraBetaFeatureRolloutPolicy" { + Context "Test for New-EntraBetaFeatureRolloutPolicy" { + It "Should creates the policy for cloud authentication roll-out in Azure AD." { + $result = New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be "Feature-Rollout-Policytest" + $result.Description | should -Be "Feature-Rollout-test" + $result.IsEnabled | should -Be $true + $result.Feature | should -Be "passwordHashSync" + $result.IsAppliedToOrganization | should -Be $false + $result.AppliesTo | should -BeNullOrEmpty + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + + Should -Invoke -CommandName New-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Feature is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'Feature'*" + } + + It "Should fail when Feature is invalid" { + { New-EntraBetaFeatureRolloutPolicy -Feature "" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'Feature'*" + } + + It "Should fail when DisplayName is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + + It "Should fail when DisplayName is invalid" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Cannot bind argument to parameter 'DisplayName' because it is an empty string." + } + + It "Should fail when IsEnabled is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + + It "Should fail when IsEnabled is invalid" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled "" -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'IsEnabled'*" + } + + It "Should fail when IsAppliedToOrganization is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'IsAppliedToOrganization'*" + } + + It "Should fail when IsAppliedToOrganization is invalid" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization "" -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'IsAppliedToOrganization'*" + } + + It "Should fail when Description is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when AppliesTo is empty" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -AppliesTo } | Should -Throw "Missing an argument for parameter 'AppliesTo'*" + } + + It "Should fail when AppliesTo is invalid" { + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -AppliesTo ""} | Should -Throw "Cannot process argument transformation on parameter 'AppliesTo'*" + } + + It "Result should Contain ObjectId" { + $result = New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $result.ObjectId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccc55" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaFeatureRolloutPolicy" + + $result = New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaFeatureRolloutPolicy" + + Should -Invoke -CommandName New-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaFeatureRolloutPolicy -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/New-EntraBetaOauth2PermissionGrant.Tests.ps1 b/test/EntraBeta/SignIns/New-EntraBetaOauth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..2883a15155 --- /dev/null +++ b/test/EntraBeta/SignIns/New-EntraBetaOauth2PermissionGrant.Tests.ps1 @@ -0,0 +1,97 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null) { + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [Microsoft.Graph.Beta.PowerShell.Models.MicrosoftGraphOAuth2PermissionGrant]@{ + "ClientId" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "ConsentType" = "AllPrincipals" + "PrincipalId" = $null + "ResourceId" = "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + "Scope" = "DelegatedPermissionGrant.ReadWrite.All" + "StartTime" = "2023-06-29T03:26:33" + "ExpiryTime" = "2023-06-29T03:26:33" + + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "New-EntraBetaOauth2PermissionGrant" { + Context "Test for New-EntraBetaOauth2PermissionGrant" { + It "Should return created Oauth2PermissionGrant" { + $startTime = Get-Date -Date "2023-06-29T03:26:33" + $expiryTime = Get-Date -Date "2024-06-29T03:26:33" + $result = New-EntraBetaOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" -StartTime $startTime -ExpiryTime $expiryTime + $result | Should -Not -BeNullOrEmpty + $result.ClientId | should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ConsentType | should -Be "AllPrincipals" + $result.ResourceId | should -Be "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" + $result.Scope | should -Be "DelegatedPermissionGrant.ReadWrite.All" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when ClientId is invalid" { + { New-EntraBetaOauth2PermissionGrant -ClientId "" } | Should -Throw "Cannot bind argument to parameter 'ClientId'*" + } + It "Should fail when ClientId is empty" { + { New-EntraBetaOauth2PermissionGrant -ClientId } | Should -Throw "Missing an argument for parameter 'ClientId'.*" + } + It "Should fail when ConsentType is invalid" { + { New-EntraBetaOauth2PermissionGrant -ConsentType "" } | Should -Throw "Cannot bind argument to parameter 'ConsentType'*" + } + It "Should fail when ConsentType is empty" { + { New-EntraBetaOauth2PermissionGrant -ConsentType } | Should -Throw "Missing an argument for parameter 'ConsentType'.*" + } + It "Should fail when ResourceId is invalid" { + { New-EntraBetaOauth2PermissionGrant -ResourceId "" } | Should -Throw "Cannot bind argument to parameter 'ResourceId'*" + } + It "Should fail when ResourceId is empty" { + { New-EntraBetaOauth2PermissionGrant -ResourceId } | Should -Throw "Missing an argument for parameter 'ResourceId'.*" + } + It "Should fail when StartTime is invalid" { + { New-EntraBetaOauth2PermissionGrant -StartTime "" } | Should -Throw "Cannot process argument transformation on parameter 'StartTime'.*" + } + It "Should fail when StartTime is empty" { + { New-EntraBetaOauth2PermissionGrant -StartTime } | Should -Throw "Missing an argument for parameter 'StartTime'.*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaOauth2PermissionGrant" + $startTime = Get-Date -Date "2023-06-29T03:26:33" + $expiryTime = Get-Date -Date "2024-06-29T03:26:33" + $result= New-EntraBetaOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" -StartTime $startTime -ExpiryTime $expiryTime + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaOauth2PermissionGrant" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + $startTime = Get-Date -Date "2023-06-29T03:26:33" + $expiryTime = Get-Date -Date "2024-06-29T03:26:33" + + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaOauth2PermissionGrant -ClientId "bbbbbbbb-1111-2222-3333-cccccccccccc" -ConsentType "AllPrincipals" -ResourceId "bbbbbbbb-1111-2222-3333-rrrrrrrrrrrr" -Scope "DelegatedPermissionGrant.ReadWrite.All" -StartTime $startTime -ExpiryTime $expiryTime -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..8f7d4dde7b --- /dev/null +++ b/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaPolicyFeatureRolloutPolicy -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Remove-EntraBetaFeatureRolloutPolicy" { + Context "Test for Remove-EntraBetaFeatureRolloutPolicy" { + It "Should removes the policy for cloud authentication roll-out in Azure AD" { + $result = Remove-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaFeatureRolloutPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaFeatureRolloutPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain FeatureRolloutPolicyId in parameters when passed Id to it" { + Mock -CommandName Remove-MgBetaPolicyFeatureRolloutPolicy -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Remove-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $params = Get-Parameters -data $result + $params.FeatureRolloutPolicyId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaFeatureRolloutPolicy" + $result = Remove-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaFeatureRolloutPolicy" + Should -Invoke -CommandName Remove-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 new file mode 100644 index 0000000000..5ae23ff974 --- /dev/null +++ b/test/EntraBeta/SignIns/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Remove-EntraBetaFeatureRolloutPolicyDirectoryObject" { + Context "Test for Remove-EntraBetaFeatureRolloutPolicyDirectoryObject" { + It "Should removes a group from the cloud authentication roll-out policy from Azure AD" { + $result = Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should fail when ObjectId is empty" { + { Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + + It "Should fail when ObjectId is invalid" { + { Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId ""} | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + + It "Should contain DirectoryObjectId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "aaaabbbb-0000-cccc-1111-dddd2222eeee" + } + + It "Should contain FeatureRolloutPolicyId in parameters when passed Id to it" { + Mock -CommandName Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $params = Get-Parameters -data $result + $params.FeatureRolloutPolicyId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaFeatureRolloutPolicyDirectoryObject" + $result = Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaFeatureRolloutPolicyDirectoryObject" + Should -Invoke -CommandName Remove-MgBetaPolicyFeatureRolloutPolicyApplyToByRef -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaFeatureRolloutPolicyDirectoryObject -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -ObjectId "aaaabbbb-0000-cccc-1111-dddd2222eeee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Remove-EntraBetaPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Remove-EntraBetaPolicy.Tests.ps1 new file mode 100644 index 0000000000..8f41939023 --- /dev/null +++ b/test/EntraBeta/SignIns/Remove-EntraBetaPolicy.Tests.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null) { + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $ScriptBlock = { + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies/homeRealmDiscoveryPolicies/$entity' + } + + return $response + } + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Remove-EntraBetaPolicy" { + Context "Test for Remove-EntraBetaPolicy" { + It "Should remove policy" { + $result = Remove-EntraBetaPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + #$result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaPolicy" + + Remove-EntraBetaPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' -eq $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 new file mode 100644 index 0000000000..220af8ad06 --- /dev/null +++ b/test/EntraBeta/SignIns/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Remove-EntraBetaServicePrincipalPolicy" { + Context "Test for Remove-EntraBetaServicePrincipalPolicy" { + It "Should return empty object" { + $result = Remove-EntraBetaServicePrincipalPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + It "Should fail when Id is empty" { + { Remove-EntraBetaServicePrincipalPolicy -Id -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Remove-EntraBetaServicePrincipalPolicy -Id "" -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5"} | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + It "Should fail when PolicyId is empty" { + { Remove-EntraBetaServicePrincipalPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + It "Should fail when PolicyId is invalid" { + { Remove-EntraBetaServicePrincipalPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PolicyId ""} | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string." + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaServicePrincipalPolicy" + + Remove-EntraBetaServicePrincipalPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaServicePrincipalPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaServicePrincipalPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 new file mode 100644 index 0000000000..daba8328bf --- /dev/null +++ b/test/EntraBeta/SignIns/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 @@ -0,0 +1,65 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaTrustFrameworkPolicy -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Remove-EntraBetaTrustFrameworkPolicy" { + Context "Test for Remove-EntraBetaTrustFrameworkPolicy" { + It "Should delete a trust framework policy in the directory" { + $result = Remove-EntraBetaTrustFrameworkPolicy -Id "B2C_1A_TRUSTFRAMEWORKLOCALIZATION" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaTrustFrameworkPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Remove-EntraBetaTrustFrameworkPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Remove-EntraBetaTrustFrameworkPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string." + } + + It "Should contain TrustFrameworkPolicyId in parameters when passed Id to it" { + Mock -CommandName Remove-MgBetaTrustFrameworkPolicy -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Remove-EntraBetaTrustFrameworkPolicy -Id "B2C_1A_TRUSTFRAMEWORKLOCALIZATION" + $params = Get-Parameters -data $result + $params.TrustFrameworkPolicyId | Should -Be "B2C_1A_TRUSTFRAMEWORKLOCALIZATION" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaTrustFrameworkPolicy" + $result = Remove-EntraBetaTrustFrameworkPolicy -Id "B2C_1A_TRUSTFRAMEWORKLOCALIZATION" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaTrustFrameworkPolicy" + Should -Invoke -CommandName Remove-MgBetaTrustFrameworkPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaTrustFrameworkPolicy -Id "B2C_1A_TRUSTFRAMEWORKLOCALIZATION" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 new file mode 100644 index 0000000000..8548dcb754 --- /dev/null +++ b/test/EntraBeta/SignIns/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 @@ -0,0 +1,95 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null){ + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaPolicyFeatureRolloutPolicy -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Set-EntraBetaFeatureRolloutPolicy" { + Context "Test for Set-EntraBetaFeatureRolloutPolicy" { + It "Should creates the policy for cloud authentication roll-out in Azure AD." { + $result = Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Feature is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'Feature'*" + } + + It "Should fail when Feature is invalid" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'Feature'*" + } + + It "Should fail when DisplayName is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + + It "Should fail when IsEnabled is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'IsEnabled'*" + } + + It "Should fail when IsEnabled is invalid" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled "" -IsAppliedToOrganization $false -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'IsEnabled'*" + } + + It "Should fail when IsAppliedToOrganization is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization -Description "Feature-Rollout-test" } | Should -Throw "Missing an argument for parameter 'IsAppliedToOrganization'*" + } + + It "Should fail when IsAppliedToOrganization is invalid" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization "" -Description "Feature-Rollout-test" } | Should -Throw "Cannot process argument transformation on parameter 'IsAppliedToOrganization'*" + } + + It "Should fail when Description is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description } | Should -Throw "Missing an argument for parameter 'Description'*" + } + + It "Should fail when AppliesTo is empty" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -AppliesTo } | Should -Throw "Missing an argument for parameter 'AppliesTo'*" + } + + It "Should fail when AppliesTo is invalid" { + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -AppliesTo ""} | Should -Throw "Cannot process argument transformation on parameter 'AppliesTo'*" + } + + It "Should contain FeatureRolloutPolicyId in parameters when passed Id to it" { + Mock -CommandName Update-MgBetaPolicyFeatureRolloutPolicy -MockWith {$args} -ModuleName Microsoft.Entra.Beta.SignIns + + $result = Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $params = Get-Parameters -data $result + $params.FeatureRolloutPolicyId | Should -Be "bbbbcccc-1111-dddd-2222-eeee3333ffff" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaFeatureRolloutPolicy" + Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaFeatureRolloutPolicy" + Should -Invoke -CommandName Update-MgBetaPolicyFeatureRolloutPolicy -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaFeatureRolloutPolicy -Id "bbbbcccc-1111-dddd-2222-eeee3333ffff" -Feature "passwordHashSync" -DisplayName "Feature-Rollout-Policytest" -IsEnabled $true -IsAppliedToOrganization $false -Description "Feature-Rollout-test" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/SignIns/Set-EntraBetaPolicy.Tests.ps1 b/test/EntraBeta/SignIns/Set-EntraBetaPolicy.Tests.ps1 new file mode 100644 index 0000000000..121746d4b7 --- /dev/null +++ b/test/EntraBeta/SignIns/Set-EntraBetaPolicy.Tests.ps1 @@ -0,0 +1,101 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.SignIns) -eq $null) { + Import-Module Microsoft.Entra.Beta.SignIns + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + #Write-Host "Mocking set-EntraPolicy with parameters: $($args | ConvertTo-Json -Depth 3)" + + $response = @{ + '@odata.context' = 'https://graph.microsoft.com/v1.0/$metadata#policies/homeRealmDiscoveryPolicies/$entity' + } + + return $response + } + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.SignIns +} + +Describe "Set-EntraBetaPolicy" { + Context "Test for Set-EntraBetaPolicy" { + It "Should return updated Policy" { + Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Definition @('{"homeRealmDiscoveryPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') -DisplayName "new update 13" -IsOrganizationDefault $false + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should fail when Id is empty" { + { Set-EntraBetaPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + + It "Should fail when Id is invalid" { + { Set-EntraBetaPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string.*" + } + + It "Should fail when Definition is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Definition } | Should -Throw "Missing an argument for parameter 'Definition'*" + } + + It "Should fail when DisplayName is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -DisplayName } | Should -Throw "Missing an argument for parameter 'DisplayName'*" + } + + It "Should fail when IsOrganizationDefault is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsOrganizationDefault } | Should -Throw "Missing an argument for parameter 'IsOrganizationDefault'*" + } + + It "Should fail when IsOrganizationDefault is invalid" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -IsOrganizationDefault "" } | Should -Throw "Cannot process argument transformation on parameter 'IsOrganizationDefault'*" + } + + It "Should fail when KeyCredentials is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -KeyCredentials } | Should -Throw "Missing an argument for parameter 'KeyCredentials'*" + } + + It "Should fail when KeyCredentials is invalid" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -KeyCredentials "" } | Should -Throw "Cannot process argument transformation on parameter 'KeyCredentials'*" + } + + It "Should fail when AlternativeIdentifier is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -AlternativeIdentifier } | Should -Throw "Missing an argument for parameter 'AlternativeIdentifier'*" + } + + It "Should fail when Type is empty" { + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Type } | Should -Throw "Missing an argument for parameter 'Type'*" + } + + It "Should return updated Policy when passes Type" { + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.SignIns + Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Type "HomeRealmDiscoveryPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPolicy" + Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaPolicy" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.SignIns -Times 1 -ParameterFilter { + $Headers.'User-Agent' -eq $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Definition @('{"homeRealmDiscoveryPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}') -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUser.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUser.Tests.ps1 new file mode 100644 index 0000000000..897c1faa0c --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUser.Tests.ps1 @@ -0,0 +1,179 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null) { + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + $valueObject = [PSCustomObject]@{ + "DisplayName" = "Mock-User" + "AccountEnabled" = $true + "Mail" = "User@aaabbbcccc.OnMicrosoft.com" + "userPrincipalName" = "User@aaabbbcccc.OnMicrosoft.com" + "DeletedDateTime" = $null + "CreatedDateTime" = $null + "EmployeeId" = $null + "Id" = "bbbbbbbb-1111-2222-3333-cccccccccccc" + "Surname" = $null + "MailNickName" = "User" + "OnPremisesDistinguishedName" = $null + "OnPremisesSecurityIdentifier" = $null + "OnPremisesUserPrincipalName" = $null + "OnPremisesSyncEnabled" = $false + "onPremisesImmutableId" = $null + "OnPremisesLastSyncDateTime" = $null + "JobTitle" = $null + "CompanyName" = $null + "Department" = $null + "Country" = $null + "BusinessPhones" = @{} + "OnPremisesProvisioningErrors" = @{} + "ImAddresses" = @{} + "ExternalUserState" = $null + "ExternalUserStateChangeDateTime" = $null + "MobilePhone" = $null + } + + + $response = @{ + '@odata.context' = 'Users()' + Value = $valueObject + } + + return @( + $response + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUser" { + Context "Test for Get-EntraBetaUser" { + It "Should return specific user" { + $result = Get-EntraBetaUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + Write-Verbose "Result : {$result}" -Verbose + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUser" + $result = Get-EntraBetaUser -Top 1 + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUser" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when UserId is empty string value" { + { Get-EntraBetaUser -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraBetaUser -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should return all contact" { + $result = Get-EntraBetaUser -All + $result | Should -Not -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when All has an argument" { + { Get-EntraBetaUser -All $true} | Should -Throw "A positional parameter cannot be found that accepts argument 'True'." + } + + It "Should return top user" { + $result = Get-EntraBetaUser -Top 1 + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when top is empty" { + { Get-EntraBetaUser -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + + It "Should fail when top is invalid" { + { Get-EntraBetaUser -Top HH } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + + It "Should return specific user by filter" { + $result = Get-EntraBetaUser -Filter "DisplayName eq 'Mock-User'" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should return specific user by search string" { + $result = Get-EntraBetaUser -SearchString "Mock-User" + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + + } + + It "Should fail when search string is empty" { + { Get-EntraBetaUser -SearchString } | Should -Throw "Missing an argument for parameter 'SearchString'.*" + } + + It "Should fail when Missing an argument for parameter Filter" { + { Get-EntraBetaUser -Filter } | Should -Throw "Missing an argument for parameter 'Filter'*" + } + + It "Property parameter should work" { + $result = Get-EntraBetaUser -Property DisplayName + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be 'Mock-User' + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaUser -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraBetaUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $UserId | Should -Be $null + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUser -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + It "Should execute successfully with Alias" { + $result = Get-EntraBetaUser -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + Write-Verbose "Result : {$result}" -Verbose + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be @('bbbbbbbb-1111-2222-3333-cccccccccccc') + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserExtension.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserExtension.Tests.ps1 new file mode 100644 index 0000000000..dee10058a8 --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserExtension.Tests.ps1 @@ -0,0 +1,82 @@ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null) { + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @{ + "employeeId" = $null + "createdDateTime" = $null + "onPremisesDistinguishedName" = $null + "identities" = @("testuser@contoso.com") + "Parameters" = $args + } + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} +Describe "Get-EntraBetaUserExtension" { + Context "Test for Get-EntraBetaUserExtension" { + It "Should return user extensions" { + $result = Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should execute successfully with Alias" { + $result = Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserExtension" + $result = Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should fail when UserId is empty string value" { + { Get-EntraBetaUserExtension -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraBetaUserExtension -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Property parameter should work" { + $result = Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property DisplayName + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when Property is empty" { + { Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'.*" + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Get-EntraBetaUserExtension -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserLicenseDetail.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserLicenseDetail.Tests.ps1 new file mode 100644 index 0000000000..39fedea276 --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserLicenseDetail.Tests.ps1 @@ -0,0 +1,95 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + Id = "A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u" + ServicePlans = @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + SkuId = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + SkuPartNumber = "ENTERPRISEPREMIUM" + AdditionalProperties = @{} + parameters = $args + } + ) + } + + Mock -CommandName Get-MgBetaUserLicenseDetail -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUserLicenseDetail" { + Context "Test for Get-EntraBetaUserLicenseDetail" { + It "Should return specific User License Detail" { + $result = Get-EntraBetaUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u" + $result.ServicePlans | Should -Be @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + $result.SkuId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.SkuPartNumber | Should -Be "ENTERPRISEPREMIUM" + $result.AdditionalProperties | Should -BeOfType [System.Collections.Hashtable] + + Should -Invoke -CommandName Get-MgBetaUserLicenseDetail -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should return specific User License Detail alias" { + $result = Get-EntraBetaUserLicenseDetail -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.Id | should -Be "A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u" + $result.ServicePlans | Should -Be @("COMMON_DEFENDER_PLATFORM_FOR_OFFICE", "Bing_Chat_Enterprise", "MESH_IMMERSIVE_FOR_TEAMS", "PURVIEW_DISCOVERY") + $result.SkuId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.SkuPartNumber | Should -Be "ENTERPRISEPREMIUM" + $result.AdditionalProperties | Should -BeOfType [System.Collections.Hashtable] + + Should -Invoke -CommandName Get-MgBetaUserLicenseDetail -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when UserId is empty string" { + { Get-EntraBetaUserLicenseDetail -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when UserId is empty" { + { Get-EntraBetaUserLicenseDetail -UserId } | Should -Throw "Missing an argument for parameter 'UserId'. Specify a parameter of type 'System.String' and try again." + } + + It "Should fail when invalid parameter is passed" { + { Get-EntraBetaUserLicenseDetail -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraBetaUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserLicenseDetail" + $result = Get-EntraBetaUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserLicenseDetail" + Should -Invoke -CommandName Get-MgBetaUserLicenseDetail -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUserLicenseDetail -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserManager.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserManager.Tests.ps1 new file mode 100644 index 0000000000..0c669824f1 --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserManager.Tests.ps1 @@ -0,0 +1,162 @@ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + DeletedDateTime = '' + Id = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + '@odata.context' = 'https://graph.microsoft.com/beta/$metadata#directoryObjects/$entity' + '@odata.type' = '#microsoft.graph.user' + accountEnabled = $true + businessPhones = @('+1 858 555 0109') + city = 'San Diego' + createdDateTime = '2023-07-07T14:18:05Z' + country = 'United States' + department = 'Sales & Marketing' + displayName = 'Miriam Graham' + givenName = 'Miriam' + imAddresses = @('miriamg@contoso.com') + infoCatalogs = @{} + isLicenseReconciliationNeeded = $false + isManagementRestricted = $false + jobTitle = 'Director' + mail = 'MiriamG@contoso.com' + mailNickname = 'MiriamG' + officeLocation = '131/2103' + otherMails = @() + postalCode = '92121' + proxyAddresses = @('SMTP:MiriamG@contoso.com') + refreshTokensValidFromDateTime = '2023-07-12T02:36:51Z' + securityIdentifier = 'S-1-12-1-649798363-1255893902-1277583799-1163042182' + signInSessionsValidFromDateTime = '2023-07-12T02:36:51Z' + state = 'CA' + streetAddress = '9255 Towne Center Dr., Suite 400' + surname = 'Graham' + usageLocation = 'NL' + userPrincipalName = 'MiriamG@contoso.com' + userType = 'Member' + assignedLicenses = @( + @{ + disabledPlans = @() + skuId = '6a0f6da5-0b87-4190-a6ae-9bb5a2b9546a' + } + ) + assignedPlans = @( + @{ + assignedDateTime = '2023-07-07T14:18:07Z' + capabilityStatus = 'Enabled' + service = 'ProcessSimple' + servicePlanId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + } + ) + authorizationInfo = @{certificateUserIds = @()} + cloudRealtimeCommunicationInfo = @{isSipEnabled = $true} + deviceKeys = @{} + identities = @( + @{ + signInType = 'userPrincipalName' + issuer = 'contoso.com' + issuerAssignedId = 'MiriamG@contoso.com' + } + ) + onPremisesExtensionAttributes = @{} + onPremisesProvisioningErrors = @{} + onPremisesSipInfo = @{isSipEnabled = $false} + provisionedPlans = @( + @{ + capabilityStatus = 'Enabled' + provisioningStatus = 'Success' + service = 'SharePoint' + } + ) + serviceProvisioningErrors = @{} + AdditionalProperties = @{ + test = 'data' + } + Parameters = $args + } + ) + } + + Mock -CommandName Get-MgBetaUserManager -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUserManager" { + Context "Test for Get-EntraBetaUserManager" { + It "Should return specific user manager" { + $result = Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $result | Should -Not -BeNullOrEmpty + $result.ageGroup | Should -BeNullOrEmpty + $result.onPremisesLastSyncDateTime | Should -BeNullOrEmpty + $result.creationType | Should -BeNullOrEmpty + $result.imAddresses | Should -Be @("miriamg@contoso.com") + $result.preferredLanguage | Should -BeNullOrEmpty + $result.mail | Should -Be "MiriamG@contoso.com" + $result.securityIdentifier | Should -Be "S-1-12-1-649798363-1255893902-1277583799-1163042182" + $result.identities | Should -HaveCount 1 + $result.identities[0].signInType | Should -Be "userPrincipalName" + $result.identities[0].issuer | Should -Be "contoso.com" + $result.identities[0].issuerAssignedId | Should -Be "MiriamG@contoso.com" + + Should -Invoke -CommandName Get-MgBetaUserManager -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when ObjectId is empty" { + { Get-EntraBetaUserManager -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + + It "Should fail when invalid parameter is passed" { + { Get-EntraBetaUserManager -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + + It "Result should Contain ObjectId" { + $result = Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result.Id | should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain UserId in parameters when passed ObjectId to it" { + $result = Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserManager" + + $result = Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result.Parameters + + $params.Headers."User-Agent" | Should -Be $userAgentHeaderValue + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserManager" + $result = Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserManager" + Should -Invoke -CommandName Get-MgBetaUserManager -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserMembership.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserMembership.Tests.ps1 new file mode 100644 index 0000000000..f069562eca --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserMembership.Tests.ps1 @@ -0,0 +1,128 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.group" + "displayName" = "Mock-Membership" + "description" = "MockData" + "organizationId" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + "createdByAppId" = "00001111-aaaa-2222-bbbb-3333cccc4444" + "mailEnabled" = $False + "securityEnabled" = $True + "renewedDateTime" = "2023-10-18T07:21:48Z" + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaUserMemberOf -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUserMembership" { + Context "Test for Get-EntraBetaUserMembership" { + It "Should return specific user membership" { + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.DisplayName | Should -Be "Mock-Membership" + $result.AdditionalProperties."@odata.type" | Should -Be "#microsoft.graph.group" + + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should return specific user membership with alias" { + $result = Get-EntraBetaUserMembership -ObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.DisplayName | Should -Be "Mock-Membership" + $result.AdditionalProperties."@odata.type" | Should -Be "#microsoft.graph.group" + + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Get-EntraBetaUserMembership -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + { Get-EntraBetaUserMembership -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should return all user memberships" { + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 user memberships" { + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top XY } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Result should Contain ObjectId" { + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result.ObjectId | should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + } + It "Should contain UserId in parameters when passed UserId to it" { + + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' + + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserMembership" + + $result = Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserMembership" + Should -Invoke -CommandName Get-MgBetaUserMemberOf -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUserMembership -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserOwnedDevice.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserOwnedDevice.Tests.ps1 new file mode 100644 index 0000000000..3bdbdeefed --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserOwnedDevice.Tests.ps1 @@ -0,0 +1,122 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.device" + "accountEnabled" = $true + "deviceId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "createdDateTime" = "2024-01-18T08:50:28Z" + "deviceVersion" = "2" + "displayName" = "Mock-App" + "isCompliant" = $false + "isManaged" = $true + "operatingSystem" = "WINDOWS" + "operatingSystemVersion" = "10.0.22621.1700" + "physicalIds" = "[HWID]:h:6825786449406074" + "systemLabels" = @{} + "extensionAttributes" = $null + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaUserOwnedDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUserOwnedDevice" { + Context "Test for Get-EntraBetaUserOwnedDevice" { + It "Should return specific user registered device" { + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgBetaUserOwnedDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Get-EntraBetaUserOwnedDevice -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + { Get-EntraBetaUserOwnedDevice -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should return All user registered devices" { + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaUserOwnedDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 user registered device" { + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgBetaUserOwnedDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' + + Should -Invoke -CommandName Get-MgBetaUserOwnedDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserOwnedDevice" + + $result = Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserOwnedDevice" + Should -Invoke -CommandName Get-MgBetaUserOwnedDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUserOwnedDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + + diff --git a/test/EntraBeta/Users/Get-EntraBetaUserRegisteredDevice.Tests.ps1 b/test/EntraBeta/Users/Get-EntraBetaUserRegisteredDevice.Tests.ps1 new file mode 100644 index 0000000000..bf6c0e3a8d --- /dev/null +++ b/test/EntraBeta/Users/Get-EntraBetaUserRegisteredDevice.Tests.ps1 @@ -0,0 +1,121 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + return @( + [PSCustomObject]@{ + "Id" = "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + "DeletedDateTime" = $null + "AdditionalProperties" = @{ + "@odata.type" = "#microsoft.graph.device" + "accountEnabled" = $true + "deviceId" = "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + "createdDateTime" = "2024-01-18T08:50:28Z" + "deviceVersion" = "2" + "displayName" = "Mock-App" + "isCompliant" = $false + "isManaged" = $true + "operatingSystem" = "WINDOWS" + "operatingSystemVersion" = "10.0.22621.1700" + "physicalIds" = "[HWID]:h:6825786449406074" + "systemLabels" = @{} + "extensionAttributes" = $null + } + "Parameters" = $args + } + ) + } + + Mock -CommandName Get-MgBetaUserRegisteredDevice -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Get-EntraBetaUserRegisteredDevice" { + Context "Test for Get-EntraBetaUserRegisteredDevice" { + It "Should return specific user registered device" { + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgBetaUserRegisteredDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Get-EntraBetaUserRegisteredDevice -UserId } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + { Get-EntraBetaUserRegisteredDevice -UserId ""} | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should return All user registered devices" { + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All + $result | Should -Not -BeNullOrEmpty + + Should -Invoke -CommandName Get-MgBetaUserRegisteredDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when All is invalid" { + { Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -All xyz } | Should -Throw "A positional parameter cannot be found that accepts argument 'xyz'.*" + } + It "Should return top 1 user registered device" { + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top 1 + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be "aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb" + $result.AdditionalProperties.deviceId | Should -Be "aaaaaaaa-0b0b-1c1c-2d2d-333333333333" + $result.AdditionalProperties.displayName | Should -Be "Mock-App" + + Should -Invoke -CommandName Get-MgBetaUserRegisteredDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Top is empty" { + { Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top } | Should -Throw "Missing an argument for parameter 'Top'*" + } + It "Should fail when Top is invalid" { + { Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Top xyz } | Should -Throw "Cannot process argument transformation on parameter 'Top'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result.Parameters + $params.UserId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + It "Property parameter should work" { + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property Id + $result | Should -Not -BeNullOrEmpty + $result.Id | Should -Be 'aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb' + + Should -Invoke -CommandName Get-MgBetaUserRegisteredDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when Property is empty" { + { Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Property } | Should -Throw "Missing an argument for parameter 'Property'*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserRegisteredDevice" + + $result = Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -Not -BeNullOrEmpty + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Get-EntraBetaUserRegisteredDevice" + Should -Invoke -CommandName Get-MgBetaUserRegisteredDevice -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Get-EntraBetaUserRegisteredDevice -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/New-EntraBetaUser.Tests.ps1 b/test/EntraBeta/Users/New-EntraBetaUser.Tests.ps1 new file mode 100644 index 0000000000..83599f67c5 --- /dev/null +++ b/test/EntraBeta/Users/New-EntraBetaUser.Tests.ps1 @@ -0,0 +1,196 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if ((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null) { + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + $scriptblock = { + + #Write-Host "Mocking New-EntraBetaUser with parameters: $($args | ConvertTo-Json -Depth 3)" + return @( + [PSCustomObject]@{ + DisplayName = "demo004" + Id = "sdjfksd-2343-n21kj" + UserPrincipalName = "demo004@contoso.com" + AccountEnabled = "True" + MailNickname = "demoUser" + AgeGroup = "adult" + Parameters = $args + City = "New York" + ExternalUserStateChangeDateTime = "2024-05-02" + CompanyName = "ABC Inc" + PreferredLanguage = "English" + FacsimileTelephoneNumber = "123456789" + GivenName = "John" + mobilePhone = "987654321" + UsageLocation = "US" + PostalCode = "10001" + CreationType = "Manual" + ConsentProvidedForMinor = "Yes" + onPremisesImmutableId = "1234567890" + Country = "USA" + Department = "IT" + PasswordPolicies = "Default" + JobTitle = "Engineer" + IsCompromised = $false + ExternalUserState = "Active" + UserType = "Member" + OtherMails = @("alternate@email.com") + PhysicalDeliveryOfficeName = "Office A" + State = "NY" + StreetAddress = "123 Main St" + BusinessPhones = "987654321" + Surname = "Doe" + ShowInAddressList = $true + } + ) + } + + Mock -CommandName Invoke-GraphRequest -MockWith $scriptblock -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "New-EntraBetaUser" { + Context "Test for New-EntraBetaUser" { + + It "Should return created User" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + $result = New-EntraBetaUser ` + -DisplayName "demo004" ` + -PasswordProfile $PasswordProfile ` + -UserPrincipalName "demo004@contoso.com" ` + -AccountEnabled $true ` + -MailNickName "demoUser" ` + -AgeGroup "adult" ` + -City "New York" ` + -UserStateChangedOn "2024-05-02" ` + -CompanyName "ABC Inc" ` + -PreferredLanguage "English" ` + -FacsimileTelephoneNumber "123456789" ` + -GivenName "John" ` + -Mobile "987654321" ` + -UsageLocation "US" ` + -PostalCode "10001" ` + -CreationType "Manual" ` + -ConsentProvidedForMinor "Yes" ` + -ImmutableId "1234567890" ` + -Country "USA" ` + -Department "IT" ` + -PasswordPolicies "Default" ` + -JobTitle "Engineer" ` + -IsCompromised $false ` + -UserState "Active" ` + -UserType "Member" ` + -OtherMails @("alternate@email.com") ` + -PhysicalDeliveryOfficeName "Office A" ` + -State "NY" ` + -StreetAddress "123 Main St" ` + -TelephoneNumber "987654321" ` + -Surname "Doe" ` + -ShowInAddressList $true + + $result | Should -Not -BeNullOrEmpty + $result.DisplayName | Should -Be "demo004" + $result.AccountEnabled | Should -Be $true + $result.UserPrincipalName | Should -Be "demo004@contoso.com" + $result.MailNickName | Should -Be "demoUser" + $result.AgeGroup | Should -Be "adult" + $result.City | Should -Be "New York" + $result.UserStateChangedOn | Should -Be "2024-05-02" + $result.CompanyName | Should -Be "ABC Inc" + $result.PreferredLanguage | Should -Be "English" + $result.FacsimileTelephoneNumber | Should -Be "123456789" + $result.GivenName | Should -Be "John" + $result.Mobile | Should -Be "987654321" + $result.UsageLocation | Should -Be "US" + $result.PostalCode | Should -Be "10001" + $result.CreationType | Should -Be "Manual" + $result.ConsentProvidedForMinor | Should -Be "Yes" + $result.ImmutableId | Should -Be "1234567890" + $result.Country | Should -Be "USA" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when parameters are empty" { + { New-EntraBetaUser -DisplayName "" -AgeGroup "" -AccountEnabled -MailNickName "" -UserPrincipalName "" } | Should -Throw "Missing an argument for parameter*" + } + + It "Should contain 'User-Agent' header" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaUser" + $result = New-EntraBetaUser -DisplayName "demo002" -PasswordProfile $PasswordProfile -UserPrincipalName "demo001@contoso.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" + $result | Should -Not -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion New-EntraBetaUser" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should contain MobilePhone in parameters when passed Mobile to it" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + $result = New-EntraBetaUser -DisplayName "demo002" -PasswordProfile $PasswordProfile -UserPrincipalName "demo001@contoso.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" -Mobile "1234567890" + $params = Get-Parameters -data $result.Parameters + ($params.Body | ConvertFrom-Json ).MobilePhone | Should -Be "1234567890" + } + + It "Should contain ExternalUserState, OnPremisesImmutableId, ExternalUserStateChangeDateTime, BusinessPhones" { + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + # format like "yyyy-MM-dd HH:mm:ss" + $userStateChangedOn = [System.DateTime]::Parse("2015-12-08 15:15:19") + + + $result = New-EntraBetaUser -DisplayName "demo002" -PasswordProfile $PasswordProfile ` + -UserPrincipalName "demo001@contoso.com" -AccountEnabled $true ` + -MailNickName "demo002NickName" -AgeGroup "adult" ` + -UserState "PendingAcceptance" ` + -UserStateChangedOn $userStateChangedOn ` + -ImmutableId "djkjsajsa-e32j2-2i32" ` + -TelephoneNumber "1234567890" + + $params = Get-Parameters -data $result.Parameters + + $requestBody = $params.Body | ConvertFrom-Json + + $requestBody.BusinessPhones | Should -Be "1234567890" + + $requestBody.ExternalUserState | Should -Be "PendingAcceptance" + + $requestBody.OnPremisesImmutableId | Should -Be "djkjsajsa-e32j2-2i32" + + $requestBody.ExternalUserStateChangeDateTime | Should -Be $userStateChangedOn + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + # Define Password Profile + $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile + $PasswordProfile.Password = "test@1234" + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { New-EntraBetaUser -DisplayName "demo002" -PasswordProfile $PasswordProfile -UserPrincipalName "demo001@contoso.com" -AccountEnabled $true -MailNickName "demo002NickName" -AgeGroup "adult" -Mobile "1234567890" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Remove-EntraBetaUser.Tests.ps1 b/test/EntraBeta/Users/Remove-EntraBetaUser.Tests.ps1 new file mode 100644 index 0000000000..04fb2c6628 --- /dev/null +++ b/test/EntraBeta/Users/Remove-EntraBetaUser.Tests.ps1 @@ -0,0 +1,63 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaUser -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Remove-EntraBetaUser" { + Context "Test for Remove-EntraBetaUser" { + It "Should return empty object" { + $result = Remove-EntraBetaUser -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Remove-EntraBetaUser -UserId "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraBetaUser -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaUser -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Users + + $result = Remove-EntraBetaUser -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaUser" + $result = Remove-EntraBetaUser -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaUser" + Should -Invoke -CommandName Remove-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaUser -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Remove-EntraBetaUserManager.Tests.ps1 b/test/EntraBeta/Users/Remove-EntraBetaUserManager.Tests.ps1 new file mode 100644 index 0000000000..2cd4c63dd8 --- /dev/null +++ b/test/EntraBeta/Users/Remove-EntraBetaUserManager.Tests.ps1 @@ -0,0 +1,63 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Remove-MgBetaUserManagerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Remove-EntraBetaUserManager" { + Context "Test for Remove-EntraBetaUserManager" { + It "Should return empty object" { + $result = Remove-EntraBetaUserManager -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should return empty object with alias" { + $result = Remove-EntraBetaUserManager -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Remove-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Remove-EntraBetaUserManager -UserId "" } | Should -Throw "Cannot bind argument to parameter*" + } + It "Should fail when invalid parameter is passed" { + { Remove-EntraBetaUserManager -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaUserManagerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Users + + $result = Remove-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaUserManager" + $result = Remove-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaUserManager" + Should -Invoke -CommandName Remove-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaUserManager -UserId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Set-EntraBetaUser.Tests.ps1 b/test/EntraBeta/Users/Set-EntraBetaUser.Tests.ps1 new file mode 100644 index 0000000000..e455e6673a --- /dev/null +++ b/test/EntraBeta/Users/Set-EntraBetaUser.Tests.ps1 @@ -0,0 +1,63 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgBetaUser -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Set-EntraBetaUser"{ + Context "Test for Set-EntraBetaUser" { + It "Should return empty object"{ + $result = Set-EntraBetaUser -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should return empty object with alias"{ + $result = Set-EntraBetaUser -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -DisplayName "Mock-App" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Update-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when ObjectId is empty" { + { Set-EntraBetaUser -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should fail when invalid parameter is passed" { + { Set-EntraBetaUser -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain UserId in parameters when passed ObjectId to it" { + Mock -CommandName Update-MgBetaUser -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Users + + $result = Set-EntraBetaUser -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $params = Get-Parameters -data $result + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaUser" + $result = Set-EntraBetaUser -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaUser" + Should -Invoke -CommandName Update-MgBetaUser -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaUser -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'-Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Set-EntraBetaUserManager.Tests.ps1 b/test/EntraBeta/Users/Set-EntraBetaUserManager.Tests.ps1 new file mode 100644 index 0000000000..3920979691 --- /dev/null +++ b/test/EntraBeta/Users/Set-EntraBetaUserManager.Tests.ps1 @@ -0,0 +1,64 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Set-MgBetaUserManagerByRef -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Set-EntraBetaUserManager"{ + Context "Test for Set-EntraBetaUserManager" { + It "Should return empty object"{ + $result = Set-EntraBetaUserManager -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Set-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should return empty object with alias"{ + $result = Set-EntraBetaUserManager -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Set-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserId is empty" { + { Set-EntraBetaUserManager -UserId "" } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string." + } + It "Should fail when invalid parameter is passed" { + { Set-EntraBetaUserManager -Power "abc" } | Should -Throw "A parameter cannot be found that matches parameter name 'Power'*" + } + It "Should contain UserId in parameters when passed UserId to it" { + Mock -CommandName Set-MgBetaUserManagerByRef -MockWith {$args} -ModuleName Microsoft.Entra.Beta.Users + + $result = Set-EntraBetaUserManager -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.UserId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaUserManager" + $result = Set-EntraBetaUserManager -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraBetaUserManager" + Should -Invoke -CommandName Set-MgBetaUserManagerByRef -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraBetaUserManager -UserId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' -RefObjectId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} + diff --git a/test/EntraBeta/Users/Update-EntraBetaSignedInUserPassword.Tests.ps1 b/test/EntraBeta/Users/Update-EntraBetaSignedInUserPassword.Tests.ps1 new file mode 100644 index 0000000000..d0d503de45 --- /dev/null +++ b/test/EntraBeta/Users/Update-EntraBetaSignedInUserPassword.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + +Describe "Tests for Update-EntraBetaSignedInUserPassword"{ + Context "Test for Update-EntraBetaSignedInUserPassword" { + It "should updates the password for the signed-in user."{ + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + + It "Should fail when CurrentPassword is null" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword -NewPassword $NewPassword} | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" + } + + It "Should fail when CurrentPassword is empty" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword "" -NewPassword $NewPassword } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" + } + + It "Should fail when NewPassword is null" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" + } + + It "Should fail when NewPassword is empty" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/EntraBeta/Users/Update-EntraBetaUserFromFederated.Tests.ps1 b/test/EntraBeta/Users/Update-EntraBetaUserFromFederated.Tests.ps1 new file mode 100644 index 0000000000..678a9ae405 --- /dev/null +++ b/test/EntraBeta/Users/Update-EntraBetaUserFromFederated.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Entra.Beta.Users) -eq $null){ + Import-Module Microsoft.Entra.Beta.Users + } + Import-Module (Join-Path $PSScriptRoot "..\..\Common-Functions.ps1") -Force + $scriptblockForAuthenticationMethod = { + return @( + [PSCustomObject]@{ + "Id" = "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + ) + } + $scriptblockForMgUser= { + return @( + [PSCustomObject]@{ + "Id" = "22cc22cc-dd33-ee44-ff55-66aa66aa66aa" + } + ) + } + + Mock -CommandName Get-MgBetaUserAuthenticationMethod -MockWith $scriptblockForAuthenticationMethod -ModuleName Microsoft.Entra.Beta.Users + Mock -CommandName Get-MgBetaUser -MockWith $scriptblockForMgUser -ModuleName Microsoft.Entra.Beta.Users + Mock -CommandName Reset-MgBetaUserAuthenticationMethodPassword -MockWith {} -ModuleName Microsoft.Entra.Beta.Users +} + + Describe "Update-EntraBetaUserFromFederated" { + Context "Test for Update-EntraBetaUserFromFederated" { + It "Should sets identity synchronization features for a tenant" { + $result = Update-EntraBetaUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Reset-MgBetaUserAuthenticationMethodPassword -ModuleName Microsoft.Entra.Beta.Users -Times 1 + } + It "Should fail when UserPrincipalName is empty" { + {Update-EntraBetaUserFromFederated -UserPrincipalName } | Should -Throw "Missing an argument for parameter 'UserPrincipalName'. Specify a parameter*" + } + It "Should fail when UserPrincipalName is invalid" { + {Update-EntraBetaUserFromFederated -UserPrincipalName ""} | Should -Throw "Cannot bind argument to parameter 'UserPrincipalName' because it is an empty string*" + } + It "Should fail when NewPassword is empty" { + { Update-EntraBetaUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'. Specify a parameter*" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaUserFromFederated" + + Update-EntraBetaUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaUserFromFederated" + + Should -Invoke -CommandName Reset-MgBetaUserAuthenticationMethodPassword -ModuleName Microsoft.Entra.Beta.Users -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Update-EntraBetaUserFromFederated -UserPrincipalName "xyz.onmicrosoft.com" -NewPassword "Pass1234" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} + diff --git a/test/module/Entra/Entra.Tests.ps1 b/test/module/Entra/Entra.Tests.ps1 deleted file mode 100644 index 4fa9df9b09..0000000000 --- a/test/module/Entra/Entra.Tests.ps1 +++ /dev/null @@ -1,31 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -if($null -eq (Get-Module -Name Microsoft.Graph.Entra)){ - Import-Module Microsoft.Graph.Entra -} - -Import-Module Pester - -$psmPath = (Get-Module Microsoft.Graph.Entra).Path -$testReportPath = join-path $psscriptroot "..\..\..\TestReport\Entra" -$mockScriptsPath = join-path $psscriptroot "..\..\..\test\module\Entra\*.Tests.ps1" - -$testOutputFile = "$testReportPath\TestResults.xml" -if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} - -$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "Entra.Tests.ps1" | ForEach-Object { $_.FullName } - -$config = New-PesterConfiguration -$config.Run.Path = $mockScripts -$config.Run.PassThru = $true -$config.Run.Exit = $true -$config.CodeCoverage.Enabled = $true -$config.CodeCoverage.CoveragePercentTarget = 100 -$config.CodeCoverage.Path = $psmPath -$config.TestResult.Enabled = $true -$config.TestResult.OutputPath = $testOutputFile -$config.Output.Verbosity = "Detailed" - -Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 b/test/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 deleted file mode 100644 index 6e6e9e2169..0000000000 --- a/test/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 +++ /dev/null @@ -1,72 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraApplicationExtensionProperty" { - Context "Test for Remove-EntraApplicationExtensionProperty" { - It "Should return empty object" { - $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should execute successfully with Alias" { - $result = Remove-EntraApplicationExtensionProperty -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when ApplicationId is empty" { - { Remove-EntraApplicationExtensionProperty -ApplicationId -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444"} | Should -Throw "Missing an argument for parameter 'ApplicationId'*" - } - It "Should fail when ApplicationId is invalid" { - { Remove-EntraApplicationExtensionProperty -ApplicationId "" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." - } - It "Should fail when ExtensionPropertyId is empty" { - { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId } | Should -Throw "Missing an argument for parameter 'ExtensionPropertyId'*" - } - It "Should fail when ExtensionPropertyId is invalid" { - { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "" } | Should -Throw "Cannot bind argument to parameter 'ExtensionPropertyId' because it is an empty string." - } - It "Should contain ApplicationId in parameters when passed ApplicationId to it" { - Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" - $params = Get-Parameters -data $result - $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" - - Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" - - Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 b/test/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 deleted file mode 100644 index 3e7a531075..0000000000 --- a/test/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 +++ /dev/null @@ -1,82 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - #Import-Module .\bin\Microsoft.Graph.Entra.psm1 -Force - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraDeviceRegisteredOwner" { - Context "Test for Remove-EntraDeviceRegisteredOwner" { - It "Should return empty object" { - $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should execute successfully with Alias" { - $result = Remove-EntraDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when DeviceId is empty" { - { Remove-EntraDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } - } - It "Should fail when DeviceId is invalid" { - { Remove-EntraDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } - } - It "Should fail when OwnerId is empty" { - { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } - } - It "Should fail when OwnerId is invalid" { - { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } - } - It "Should contain DeviceId in parameters when passed OwnerId to it" { - Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { - Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" - - $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" - - Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 b/test/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 deleted file mode 100644 index b2f4e8fa4c..0000000000 --- a/test/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 +++ /dev/null @@ -1,82 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - #Import-Module .\bin\Microsoft.Graph.Entra.psm1 -Force - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraDeviceRegisteredUser" { - Context "Test for Remove-EntraDeviceRegisteredUser" { - It "Should return empty object" { - $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should execute successfully with Alias" { - $result = Remove-EntraDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when DeviceId is empty" { - { Remove-EntraDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } - } - It "Should fail when DeviceId is invalid" { - { Remove-EntraDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } - } - It "Should fail when UserId is empty" { - { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } - } - It "Should fail when UserId is invalid" { - { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } - } - It "Should contain DeviceId in parameters when passed UserId to it" { - Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain DirectoryObjectId in parameters when passed UserId to it" { - Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" - - Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" - - Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 b/test/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 deleted file mode 100644 index ae40a78f57..0000000000 --- a/test/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 +++ /dev/null @@ -1,72 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraGroupAppRoleAssignment" { - Context "Test for Remove-EntraGroupAppRoleAssignment" { - It "Should return empty object" { - $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should return empty object with Alias" { - $result = Remove-EntraGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when GroupId is empty" { - { Remove-EntraGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" - } - It "Should fail when GroupId is invalid" { - { Remove-EntraGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." - } - It "Should fail when AppRoleAssignmentId is empty" { - { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" - } - It "Should fail when AppRoleAssignmentId is invalid" { - { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." - } - It "Should contain GroupId in parameters when passed GroupId to it" { - Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $params = Get-Parameters -data $result - $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" - - Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" - - Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 b/test/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 deleted file mode 100644 index f4e169c200..0000000000 --- a/test/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 +++ /dev/null @@ -1,60 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraNamedLocationPolicy" { - Context "Test for Remove-EntraNamedLocationPolicy" { - It "Should return empty object" { - $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when PolicyId is empty" { - { Remove-EntraNamedLocationPolicy -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" - } - It "Should fail when PolicyId is invalid" { - { Remove-EntraNamedLocationPolicy -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string*" - } - It "Should contain NamedLocationId in parameters when passed PolicyId to it" { - Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" - $params = Get-Parameters -data $result - $params.NamedLocationId | Should -Be "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" - - Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" - - Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 b/test/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 deleted file mode 100644 index de2afed6a9..0000000000 --- a/test/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 +++ /dev/null @@ -1,60 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraGroupAppRoleAssignment" { - Context "Test for Remove-EntraGroupAppRoleAssignment" { - It "Should return empty object" { - $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when ObjectId is empty" { - { Remove-EntraOAuth2PermissionGrant -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" - } - It "Should fail when ObjectId is invalid" { - { Remove-EntraOAuth2PermissionGrant -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." - } - It "Should contain OAuth2PermissionGrantId in parameters when passed ObjectId to it" { - Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - $params = Get-Parameters -data $result - $params.OAuth2PermissionGrantId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" - - Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" - - Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 b/test/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 deleted file mode 100644 index 09ea4413ef..0000000000 --- a/test/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 +++ /dev/null @@ -1,60 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Remove-EntraPermissionGrantPolicy" { - Context "Test for Remove-EntraPermissionGrantPolicy" { - It "Should return empty object" { - $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when Id is empty" { - { Remove-EntraPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" - } - It "Should fail when Id is invalid" { - { Remove-EntraPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string*" - } - It "Should contain PermissionGrantPolicyId in parameters when passed Id to it" { - Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" - $params = Get-Parameters -data $result - $params.PermissionGrantPolicyId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" - - Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" - - Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - {Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Set-EntraUserPassword.Tests.ps1 b/test/module/Entra/Set-EntraUserPassword.Tests.ps1 deleted file mode 100644 index 82c1185d76..0000000000 --- a/test/module/Entra/Set-EntraUserPassword.Tests.ps1 +++ /dev/null @@ -1,122 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force - - Mock -CommandName Update-MgUser -MockWith {} -ModuleName Microsoft.Graph.Entra -} - -Describe "Set-EntraUserPassword" { - Context "Test for Set-EntraUserPassword" { - It "Should return empty object" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when UserId is empty" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId -Password $secPassword } | Should -Throw "Missing an argument for parameter 'UserId'*" - } - It "Should fail when UserId is invalid" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId "" -Password $secPassword } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string*" - } - It "Should fail when Password is empty" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password } | Should -Throw "Missing an argument for parameter 'Password'*" - } - It "Should fail when Password is invalid" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password "" } | Should -Throw "Cannot process argument transformation on parameter 'Password'*" - } - It "Should fail when ForceChangePasswordNextLogin is empty" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin } | Should -Throw "Missing an argument for parameter 'ForceChangePasswordNextLogin'*" - } - It "Should fail when ForceChangePasswordNextLogin is invalid" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin xyz } | Should -Throw "Cannot process argument transformation on parameter 'ForceChangePasswordNextLogin'*" - } - It "Should fail when EnforceChangePasswordPolicy is empty" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy } | Should -Throw "Missing an argument for parameter 'EnforceChangePasswordPolicy'*" - } - It "Should fail when EnforceChangePasswordPolicy is invalid" { - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy xyz } | Should -Throw "Cannot process argument transformation on parameter 'EnforceChangePasswordPolicy'*" - } - It "Should contain ForceChangePasswordNextSignIn in parameters when passed ForceChangePasswordNextLogin to it" { - Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true - $params = Get-Parameters -data $result - $params.PasswordProfile.ForceChangePasswordNextSignIn | Should -Be $true - } - It "Should contain ForceChangePasswordNextSignInWithMfa in parameters when passed EnforceChangePasswordPolicy to it" { - Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Graph.Entra - - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true - $params = Get-Parameters -data $result - $params.PasswordProfile.ForceChangePasswordNextSignInWithMfa | Should -Be $true - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true - $result | Should -BeNullOrEmpty - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" - Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - $userUPN="mock106@M365x99297270.OnMicrosoft.com" - $newPassword="New@12345" - $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 b/test/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 deleted file mode 100644 index 51095c4de5..0000000000 --- a/test/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 +++ /dev/null @@ -1,66 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -BeforeAll{ - if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ - Import-Module Microsoft.Graph.Entra - } - Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force - - Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Graph.Entra - - $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force -} -Describe "Tests for Update-EntraSignedInUserPassword"{ - Context "Test for Update-EntraSignedInUserPassword" { - It "should return empty object"{ - $result = Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword - $result | Should -BeNullOrEmpty - Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra -Times 1 - } - It "Should fail when CurrentPassword is null" { - { Update-EntraSignedInUserPassword -CurrentPassword } | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" - } - It "Should fail when CurrentPassword is empty" { - { Update-EntraSignedInUserPassword -CurrentPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" - } - It "Should fail when NewPassword is null" { - { Update-EntraSignedInUserPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" - } - It "Should fail when NewPassword is empty" { - { Update-EntraSignedInUserPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" - - Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" - - Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { - Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug - } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - - } -} diff --git a/test/module/EntraBeta/EntraBeta.Tests.ps1 b/test/module/EntraBeta/EntraBeta.Tests.ps1 deleted file mode 100644 index 1f1342c757..0000000000 --- a/test/module/EntraBeta/EntraBeta.Tests.ps1 +++ /dev/null @@ -1,31 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -if($null -eq (Get-Module -Name Microsoft.Graph.Entra.Beta)){ - Import-Module Microsoft.Graph.Entra.Beta -} - -Import-Module Pester - -$psmPath = (Get-Module Microsoft.Graph.Entra.Beta).Path -$testReportPath = join-path $psscriptroot "..\..\..\TestReport\EntraBeta" -$mockScriptsPath = join-path $psscriptroot "..\..\..\test\module\EntraBeta\*.Tests.ps1" - -$testOutputFile = "$testReportPath\TestResults.xml" -if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} - -$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "EntraBeta.Tests.ps1" | ForEach-Object { $_.FullName } - -$config = New-PesterConfiguration -$config.Run.Path = $mockScripts -$config.Run.PassThru = $true -$config.Run.Exit = $true -$config.CodeCoverage.Enabled = $false -$config.CodeCoverage.CoveragePercentTarget = 100 -$config.CodeCoverage.Path = $psmPath -$config.TestResult.Enabled = $true -$config.TestResult.OutputPath = $testOutputFile -$config.Output.Verbosity = "Detailed" - -Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 deleted file mode 100644 index 86f912b287..0000000000 --- a/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 +++ /dev/null @@ -1,81 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ - Import-Module Microsoft.Graph.Entra.Beta - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta -} - -Describe "Remove-EntraBetaDeviceRegisteredOwner" { - Context "Test for Remove-EntraBetaDeviceRegisteredOwner" { - It "Should return empty object" { - $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should execute successfully with Alias" { - $result = Remove-EntraBetaDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should fail when DeviceId is empty" { - { Remove-EntraBetaDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } - } - It "Should fail when DeviceId is invalid" { - { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } - } - It "Should fail when OwnerId is empty" { - { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } - } - It "Should fail when OwnerId is invalid" { - { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } - } - It "Should contain DeviceId in parameters when passed OwnerId to it" { - Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta - - $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { - Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta - - $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" - - $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 deleted file mode 100644 index 3fa83d4e0f..0000000000 --- a/test/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 +++ /dev/null @@ -1,81 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ - Import-Module Microsoft.Graph.Entra.Beta - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta -} - -Describe "Remove-EntraBetaDeviceRegisteredUser" { - Context "Test for Remove-EntraBetaDeviceRegisteredUser" { - It "Should return empty object" { - $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should execute successfully with Alias" { - $result = Remove-EntraBetaDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should fail when DeviceId is empty" { - { Remove-EntraBetaDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } - } - It "Should fail when DeviceId is invalid" { - { Remove-EntraBetaDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } - } - It "Should fail when UserId is empty" { - { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } - } - It "Should fail when UserId is invalid" { - { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } - } - It "Should contain DeviceId in parameters when passed UserId to it" { - Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta - - $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain DirectoryObjectId in parameters when passed UserId to it" { - Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta - - $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - $params = Get-Parameters -data $result - $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" - - Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" - - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" - - Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error" { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 deleted file mode 100644 index 56e3f79727..0000000000 --- a/test/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 +++ /dev/null @@ -1,69 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ - Import-Module Microsoft.Graph.Entra.Beta - } - Import-Module .\test\module\Common-Functions.ps1 -Force - - Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta -} - -Describe "Remove-EntraBetaGroupAppRoleAssignment" { - Context "Test for Remove-EntraBetaGroupAppRoleAssignment" { - It "Should return empty object" { - $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should return empty object with Alias" { - $result = Remove-EntraBetaGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $result | Should -BeNullOrEmpty - - Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - It "Should fail when GroupId is empty" { - { Remove-EntraBetaGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" - } - It "Should fail when GroupId is invalid" { - { Remove-EntraBetaGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." - } - It "Should fail when AppRoleAssignmentId is empty" { - { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" - } - It "Should fail when AppRoleAssignmentId is invalid" { - { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." - } - It "Should contain GroupId in parameters when passed GroupId to it" { - Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta - - $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - $params = Get-Parameters -data $result - $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" - } - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupAppRoleAssignment" - Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" - - Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - It "Should execute successfully without throwing an error " { - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 b/test/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 deleted file mode 100644 index 7fcc32e0e0..0000000000 --- a/test/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 +++ /dev/null @@ -1,77 +0,0 @@ -# ------------------------------------------------------------------------------ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. -# ------------------------------------------------------------------------------ - -BeforeAll { - if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ - Import-Module Microsoft.Graph.Entra.Beta - } - Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force - - Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta -} - -Describe "Tests for Update-EntraBetaSignedInUserPassword"{ - Context "Test for Update-EntraBetaSignedInUserPassword" { - It "should updates the password for the signed-in user."{ - $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword - $result | Should -BeNullOrEmpty - Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra.Beta -Times 1 - } - - It "Should fail when CurrentPassword is null" { - { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - Update-EntraBetaSignedInUserPassword -CurrentPassword -NewPassword $NewPassword} | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" - } - - It "Should fail when CurrentPassword is empty" { - { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - Update-EntraBetaSignedInUserPassword -CurrentPassword "" -NewPassword $NewPassword } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" - } - - It "Should fail when NewPassword is null" { - { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" - } - - It "Should fail when NewPassword is empty" { - { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" - } - - It "Should contain 'User-Agent' header" { - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" - $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword - $result | Should -BeNullOrEmpty - $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" - Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { - $Headers.'User-Agent' | Should -Be $userAgentHeaderValue - $true - } - } - - It "Should execute successfully without throwing an error " { - $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force - $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force - # Disable confirmation prompts - $originalDebugPreference = $DebugPreference - $DebugPreference = 'Continue' - - try { - # Act & Assert: Ensure the function doesn't throw an exception - { Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug } | Should -Not -Throw - } finally { - # Restore original confirmation preference - $DebugPreference = $originalDebugPreference - } - } - } -} \ No newline at end of file diff --git a/test/Customizations.Test.ps1 b/test_legacy/Customizations.Test.ps1 similarity index 100% rename from test/Customizations.Test.ps1 rename to test_legacy/Customizations.Test.ps1 diff --git a/test/module/Common-Functions.ps1 b/test_legacy/module/Common-Functions.ps1 similarity index 100% rename from test/module/Common-Functions.ps1 rename to test_legacy/module/Common-Functions.ps1 diff --git a/test/module/Entra/Add-EntraAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/Entra/Add-EntraAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/Entra/Add-EntraApplicationOwner.Tests.ps1 b/test_legacy/module/Entra/Add-EntraApplicationOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraApplicationOwner.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraApplicationOwner.Tests.ps1 diff --git a/test/module/Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/Entra/Add-EntraDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/Entra/Add-EntraDeviceRegisteredOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraDeviceRegisteredOwner.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraDeviceRegisteredOwner.Tests.ps1 diff --git a/test/module/Entra/Add-EntraDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/Entra/Add-EntraDeviceRegisteredUser.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraDeviceRegisteredUser.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraDeviceRegisteredUser.Tests.ps1 diff --git a/test/module/Entra/Add-EntraDirectoryRoleMember.Tests.ps1 b/test_legacy/module/Entra/Add-EntraDirectoryRoleMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraDirectoryRoleMember.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraDirectoryRoleMember.Tests.ps1 diff --git a/test/module/Entra/Add-EntraGroupMember.Tests.ps1 b/test_legacy/module/Entra/Add-EntraGroupMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraGroupMember.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraGroupMember.Tests.ps1 diff --git a/test/module/Entra/Add-EntraGroupOwner.Tests.ps1 b/test_legacy/module/Entra/Add-EntraGroupOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraGroupOwner.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraGroupOwner.Tests.ps1 diff --git a/test/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 b/test_legacy/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraLifecyclePolicyGroup.Tests.ps1 diff --git a/test/module/Entra/Add-EntraScopedRoleMembership.Tests.ps1 b/test_legacy/module/Entra/Add-EntraScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraScopedRoleMembership.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraScopedRoleMembership.Tests.ps1 diff --git a/test/module/Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test_legacy/module/Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 diff --git a/test/module/Entra/Add-EntraServicePrincipalOwner.Tests.ps1 b/test_legacy/module/Entra/Add-EntraServicePrincipalOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Add-EntraServicePrincipalOwner.Tests.ps1 rename to test_legacy/module/Entra/Add-EntraServicePrincipalOwner.Tests.ps1 diff --git a/test/module/Entra/AddtionalFunctions.Tests.ps1 b/test_legacy/module/Entra/AddtionalFunctions.Tests.ps1 similarity index 100% rename from test/module/Entra/AddtionalFunctions.Tests.ps1 rename to test_legacy/module/Entra/AddtionalFunctions.Tests.ps1 diff --git a/test/module/Entra/Common-Parameter.Tests.ps1 b/test_legacy/module/Entra/Common-Parameter.Tests.ps1 similarity index 100% rename from test/module/Entra/Common-Parameter.Tests.ps1 rename to test_legacy/module/Entra/Common-Parameter.Tests.ps1 diff --git a/test/module/Entra/Connect-Entra.Tests.ps1 b/test_legacy/module/Entra/Connect-Entra.Tests.ps1 similarity index 100% rename from test/module/Entra/Connect-Entra.Tests.ps1 rename to test_legacy/module/Entra/Connect-Entra.Tests.ps1 diff --git a/test/module/Entra/Customizations.Tests.ps1 b/test_legacy/module/Entra/Customizations.Tests.ps1 similarity index 100% rename from test/module/Entra/Customizations.Tests.ps1 rename to test_legacy/module/Entra/Customizations.Tests.ps1 diff --git a/test/module/Entra/Disconnect-Entra.Tests.ps1 b/test_legacy/module/Entra/Disconnect-Entra.Tests.ps1 similarity index 100% rename from test/module/Entra/Disconnect-Entra.Tests.ps1 rename to test_legacy/module/Entra/Disconnect-Entra.Tests.ps1 diff --git a/test/module/Entra/Enable-EntraDirectoryRole.Tests.ps1 b/test_legacy/module/Entra/Enable-EntraDirectoryRole.Tests.ps1 similarity index 100% rename from test/module/Entra/Enable-EntraDirectoryRole.Tests.ps1 rename to test_legacy/module/Entra/Enable-EntraDirectoryRole.Tests.ps1 diff --git a/test_legacy/module/Entra/Entra.Tests.ps1 b/test_legacy/module/Entra/Entra.Tests.ps1 new file mode 100644 index 0000000000..e2b5d9d70a --- /dev/null +++ b/test_legacy/module/Entra/Entra.Tests.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +if($null -eq (Get-Module -Name Microsoft.Graph.Entra)){ + Import-Module .\bin\Microsoft.Graph.Entra.psd1 -Force +} + +Import-Module Pester + +$psmPath = (Get-Module Microsoft.Graph.Entra).Path +$testReportPath = join-path $psscriptroot "..\..\..\TestReport\Entra" +$mockScriptsPath = join-path $psscriptroot "..\..\..\test_legacy\module\Entra\*.Tests.ps1" + +$testOutputFile = "$testReportPath\TestResults.xml" +if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} + +$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "Entra.Tests.ps1" | ForEach-Object { $_.FullName } + +$config = New-PesterConfiguration +$config.Run.Path = $mockScripts +$config.Run.PassThru = $true +$config.Run.Exit = $true +$config.CodeCoverage.Enabled = $true +$config.CodeCoverage.CoveragePercentTarget = 100 +$config.CodeCoverage.Path = $psmPath +$config.TestResult.Enabled = $true +$config.TestResult.OutputPath = $testOutputFile +$config.Output.Verbosity = "Detailed" + +Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test_legacy/module/Entra/EntraCmdletsMap.ps1 b/test_legacy/module/Entra/EntraCmdletsMap.ps1 new file mode 100644 index 0000000000..d83a5ca5b7 --- /dev/null +++ b/test_legacy/module/Entra/EntraCmdletsMap.ps1 @@ -0,0 +1,413 @@ +$cmdlets = @( + @{ + SourceName = "Remove-EntraAdministrativeUnit"; + TargetName = "Remove-MgDirectoryAdministrativeUnit"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraDeletedDirectoryObject"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Remove-EntraGroup"; + TargetName = "Remove-MgGroup"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraGroupLifecyclePolicy"; + TargetName = "Remove-MgGroupLifecyclePolicy"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraIdentityProvider"; + TargetName = "Remove-MgIdentityProvider"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraPermissionGrantPolicy"; + TargetName = "Remove-MgPolicyPermissionGrantPolicy"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraRoleAssignment"; + TargetName = "Remove-MgRoleManagementDirectoryRoleAssignment" + IsApi = $false + }, + @{ + SourceName = "Remove-EntraRoleDefinition"; + TargetName = "Remove-MgRoleManagementDirectoryRoleDefinition"; + IsApi = $false + }, + # @{ + # SourceName = "Remove-EntraApplication"; + # TargetName = "Remove-MgApplication"; + # IsApi = $false + # }, + @{ + SourceName = "Remove-EntraContact"; + TargetName = "Remove-MgContact"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraDeletedApplication"; + TargetName = "Remove-MgDirectoryDeletedItem"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraDevice"; + TargetName = "Remove-MgDevice"; + IsApi = $false + }, + # @{ + # SourceName = "Remove-EntraGroup"; + # TargetName = "Remove-MgGroup"; + # IsApi = $false + # }, + @{ + SourceName = "Remove-EntraApplication"; + TargetName = "Remove-MgApplication"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraApplicationKey"; + TargetName = "Remove-MgApplicationKey"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraApplicationPassword"; + TargetName = "Remove-MgApplicationPassword"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraOAuth2PermissionGrant"; + TargetName = "Remove-MgOAuth2PermissionGrant"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraServicePrincipal"; + TargetName = "Remove-MgServicePrincipal"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraUser"; + TargetName = "Remove-MgUser"; + IsApi = $false + }, + @{ + SourceName = "Remove-EntraUserManager"; + TargetName = "Remove-MgUserManagerByRef"; + IsApi = $false + } +) + +$cmdlets2 = @( + @{ + SourceName = "Get-EntraApplication"; + TargetName = "Get-MgApplication"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraApplicationExtensionProperty"; + TargetName = "Get-MgApplicationExtensionProperty"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraApplicationKeyCredential"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraApplicationLogo"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraApplicationOwner"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraApplicationPasswordCredential"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraApplicationServiceEndpoint"; + TargetName = "Get-MgServicePrincipalEndpoint"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraContact"; + TargetName = "Get-MgContact"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraContactDirectReport"; + TargetName = "Get-MgContactDirectReport"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraContactManager"; + TargetName = "Get-MgContactManager"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraContactMembership"; + TargetName = "Get-MgContactMemberOf"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraContract"; + TargetName = "Get-MgContract"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraDevice"; + TargetName = "Get-MgDevice"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraDeviceRegisteredOwner"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraDeviceRegisteredUser"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraDirectoryRole"; + TargetName = "Get-MgDirectoryRole"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraDirectoryRoleMember"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraGroup"; + TargetName = "Get-MgGroup"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraGroupAppRoleAssignment"; + TargetName = "Get-MgGroupAppRoleAssignment"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraGroupMember"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraGroupOwner"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraServiceAppRoleAssignedTo"; + TargetName = "Get-MgServicePrincipalAppRoleAssignment"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServiceAppRoleAssignment"; + TargetName = "Get-MgServicePrincipalAppRoleAssignedTo"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipal"; + TargetName = "Get-MgServicePrincipal"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalCreatedObject"; + TargetName = "Get-MgServicePrincipalCreatedObject"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalKeyCredential"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraServicePrincipalMembership"; + TargetName = "Get-MgServicePrincipalTransitiveMemberOf"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalOAuth2PermissionGrant"; + TargetName = "Get-MgServicePrincipalOauth2PermissionGrant"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalOwnedObject"; + TargetName = "Get-MgServicePrincipalOwnedObject"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalOwner"; + TargetName = "Get-MgServicePrincipalOwner"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraServicePrincipalPasswordCredential"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraSubscribedSku"; + TargetName = "Get-MgSubscribedSku"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUser"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraUserAppRoleAssignment"; + TargetName = "Get-MgUserAppRoleAssignment"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserCreatedObject"; + TargetName = "Get-MgUserCreatedObject"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserDirectReport"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraUserExtension"; + TargetName = "Get-MgUserExtension"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserLicenseDetail"; + TargetName = "Get-MgUserLicenseDetail"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserManager"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraUserMembership"; + TargetName = "Get-MgUserMemberOf"; + IsApi = $true + }, + @{ + SourceName = "Get-EntraUserOAuth2PermissionGrant"; + TargetName = "Get-MgUserOAuth2PermissionGrant"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserOwnedDevice"; + TargetName = "Get-MgUserOwnedDevice"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserOwnedObject"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraUserRegisteredDevice"; + TargetName = "Get-MgUserRegisteredDevice"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraUserThumbnailPhoto"; + TargetName = "Get-MgUserPhoto"; + IsApi = $false + } +) +$cmdlets3 = @( + @{ + SourceName = "Get-EntraAdministrativeUnit"; + TargetName = "Get-MgDirectoryAdministrativeUnit"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraAdministrativeUnitMember"; + TargetName = "Get-MgDirectoryAdministrativeUnitMember"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraAttributeSet"; + TargetName = ""; + IsApi = $true + } + , + @{ + SourceName = "Get-EntraDeletedDirectoryObject"; + TargetName = "Get-MgDirectoryDeletedItem"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraDeletedGroup"; + TargetName = "Get-MgDirectoryDeletedItemAsGroup"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraGroupLifecyclePolicy"; + TargetName = "Get-MgGroupLifecyclePolicy"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraGroupPermissionGrant"; + TargetName = "Get-MgGroupPermissionGrant"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraIdentityProvider"; + TargetName = "Get-MgIdentityProvider"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraLifecyclePolicyGroup"; + TargetName = "Get-MgGroupLifecyclePolicyByGroup"; + IsApi = $false + }, + # @{ + # SourceName = "Get-EntraPermissionGrantConditionSet"; + # TargetName = "Get-MgPolicyPermissionGrantPolicyInclude"; + # IsApi = $false + # }, + @{ + SourceName = "Get-EntraPermissionGrantPolicy"; + TargetName = "Get-MgPolicyPermissionGrantPolicy"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraPolicy"; + TargetName = ""; + IsApi = $true + }, + @{ + SourceName = "Get-EntraRoleAssignment"; + TargetName = "Get-MgRoleManagementDirectoryRoleAssignment"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraRoleDefinition"; + TargetName = "Get-MgRoleManagementDirectoryRoleDefinition"; + IsApi = $false + }, + @{ + SourceName = "Get-EntraScopedRoleMembership"; + TargetName = "Get-MgDirectoryAdministrativeUnitScopedRoleMember"; + IsApi = $false + } + # @{ + # SourceName = "Get-EntraServicePrincipalDelegatedPermissionClassification"; + # TargetName = "Get-MgServicePrincipalDelegatedPermissionClassification"; + # IsApi = $false + # } +) \ No newline at end of file diff --git a/test/module/Entra/General.Tests.ps1 b/test_legacy/module/Entra/General.Tests.ps1 similarity index 100% rename from test/module/Entra/General.Tests.ps1 rename to test_legacy/module/Entra/General.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAccountSku.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAccountSku.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAccountSku.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAccountSku.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAdministrativeUnit.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAdministrativeUnit.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAdministrativeUnit.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplication.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplication.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplication.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationExtensionProperty.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationExtensionProperty.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationExtensionProperty.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationExtensionProperty.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationKeyCredential.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationKeyCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationKeyCredential.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationKeyCredential.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationLogo.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationLogo.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationLogo.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationLogo.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationModule.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationModule.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationModule.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationModule.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationOwner.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationOwner.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationOwner.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/Get-EntraApplicationTemplate.Tests.ps1 b/test_legacy/module/Entra/Get-EntraApplicationTemplate.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraApplicationTemplate.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraApplicationTemplate.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAttributeSet.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAttributeSet.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAttributeSet.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAttributeSet.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAuditDirectoryLog.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAuditDirectoryLog.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAuditDirectoryLog.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAuditDirectoryLog.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAuditSignInLog.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAuditSignInLog.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAuditSignInLog.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAuditSignInLog.Tests.ps1 diff --git a/test/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraAuthorizationPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraConditionalAccessPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraConditionalAccessPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraConditionalAccessPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraConditionalAccessPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraContact.Tests.ps1 b/test_legacy/module/Entra/Get-EntraContact.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraContact.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraContact.Tests.ps1 diff --git a/test/module/Entra/Get-EntraContactMembership.Tests.ps1 b/test_legacy/module/Entra/Get-EntraContactMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraContactMembership.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraContactMembership.Tests.ps1 diff --git a/test/module/Entra/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/Entra/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDeletedApplication.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDeletedApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDeletedApplication.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDeletedApplication.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDeletedDirectoryObject.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDeletedDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDeletedDirectoryObject.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDeletedDirectoryObject.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDeletedGroup.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDeletedGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDeletedGroup.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDeletedGroup.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDevice.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDevice.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDevice.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDevice.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDeviceRegisteredOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDeviceRegisteredOwner.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDeviceRegisteredOwner.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDeviceRegisteredUser.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDeviceRegisteredUser.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDeviceRegisteredUser.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirSyncConfiguration.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirSyncConfiguration.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirSyncConfiguration.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirSyncConfiguration.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirSyncFeatures.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirSyncFeatures.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirSyncFeatures.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirSyncFeatures.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryObjectOnPremisesProvisioningError.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryRole.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryRole.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryRole.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryRole.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryRoleDefinition.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryRoleDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryRoleDefinition.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryRoleDefinition.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryRoleMember.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryRoleMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryRoleMember.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryRoleMember.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDirectoryRoleTemplate.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDirectoryRoleTemplate.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDirectoryRoleTemplate.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDirectoryRoleTemplate.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDomain.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDomain.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDomain.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDomain.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDomainFederationSettings.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDomainFederationSettings.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDomainFederationSettings.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDomainFederationSettings.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDomainNameReference.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDomainNameReference.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDomainNameReference.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDomainNameReference.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDomainServiceConfigurationRecord.Tests.ps1 diff --git a/test/module/Entra/Get-EntraDomainVerificationDnsRecord.Tests.ps1 b/test_legacy/module/Entra/Get-EntraDomainVerificationDnsRecord.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraDomainVerificationDnsRecord.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraDomainVerificationDnsRecord.Tests.ps1 diff --git a/test/module/Entra/Get-EntraFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraFederationProperty.Tests.ps1 b/test_legacy/module/Entra/Get-EntraFederationProperty.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraFederationProperty.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraFederationProperty.Tests.ps1 diff --git a/test/module/Entra/Get-EntraGroup.Tests.ps1 b/test_legacy/module/Entra/Get-EntraGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraGroup.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraGroup.Tests.ps1 diff --git a/test/module/Entra/Get-EntraGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Get-EntraGroupAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraGroupAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraGroupAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Get-EntraGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraGroupMember.Tests.ps1 b/test_legacy/module/Entra/Get-EntraGroupMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraGroupMember.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraGroupMember.Tests.ps1 diff --git a/test/module/Entra/Get-EntraGroupOwner.Tests.ps1 b/test_legacy/module/Entra/Get-EntraGroupOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraGroupOwner.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraGroupOwner.Tests.ps1 diff --git a/test/module/Entra/Get-EntraIdentityProvider.Tests.ps1 b/test_legacy/module/Entra/Get-EntraIdentityProvider.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraIdentityProvider.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraIdentityProvider.Tests.ps1 diff --git a/test/module/Entra/Get-EntraLifecyclePolicyGroup.Tests.ps1 b/test_legacy/module/Entra/Get-EntraLifecyclePolicyGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraLifecyclePolicyGroup.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraLifecyclePolicyGroup.Tests.ps1 diff --git a/test/module/Entra/Get-EntraOAuth2PermissionGrant.Tests.ps1 b/test_legacy/module/Entra/Get-EntraOAuth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraOAuth2PermissionGrant.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraOAuth2PermissionGrant.Tests.ps1 diff --git a/test/module/Entra/Get-EntraObjectByObjectId.Tests.ps1 b/test_legacy/module/Entra/Get-EntraObjectByObjectId.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraObjectByObjectId.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraObjectByObjectId.Tests.ps1 diff --git a/test/module/Entra/Get-EntraObjectSetting.Tests.ps1 b/test_legacy/module/Entra/Get-EntraObjectSetting.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraObjectSetting.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraObjectSetting.Tests.ps1 diff --git a/test/module/Entra/Get-EntraPasswordPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraPasswordPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraPasswordPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraPasswordPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraPermissionGrantConditionSet.Tests.ps1 b/test_legacy/module/Entra/Get-EntraPermissionGrantConditionSet.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraPermissionGrantConditionSet.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraPermissionGrantConditionSet.Tests.ps1 diff --git a/test/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraPermissionGrantPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraPolicy.Tests.ps1 b/test_legacy/module/Entra/Get-EntraPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraPolicy.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraPolicy.Tests.ps1 diff --git a/test/module/Entra/Get-EntraScopedRoleMembership.Tests.ps1 b/test_legacy/module/Entra/Get-EntraScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraScopedRoleMembership.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraScopedRoleMembership.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipal.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipal.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipal.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalAppRoleAssignedTo.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalKeyCredential.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalKeyCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalKeyCredential.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalKeyCredential.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalMembership.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalMembership.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalMembership.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalOAuth2PermissionGrant.tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalOwnedObject.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalOwnedObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalOwnedObject.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalOwnedObject.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalOwner.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalOwner.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalOwner.Tests.ps1 diff --git a/test/module/Entra/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraServicePrincipalPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/Get-EntraSubscribedSku.Tests.ps1 b/test_legacy/module/Entra/Get-EntraSubscribedSku.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraSubscribedSku.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraSubscribedSku.Tests.ps1 diff --git a/test/module/Entra/Get-EntraTenantDetail.Tests.ps1 b/test_legacy/module/Entra/Get-EntraTenantDetail.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraTenantDetail.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraTenantDetail.Tests.ps1 diff --git a/test/module/Entra/Get-EntraTrustedCertificateAuthority.Tests.ps1 b/test_legacy/module/Entra/Get-EntraTrustedCertificateAuthority.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraTrustedCertificateAuthority.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraTrustedCertificateAuthority.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUser.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUser.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUser.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUser.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserAuthenticationMethod.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserAuthenticationMethod.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserAuthenticationMethod.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserAuthenticationMethod.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserCreatedObject.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserCreatedObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserCreatedObject.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserCreatedObject.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserDirectReport.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserDirectReport.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserDirectReport.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserDirectReport.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserExtension.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserExtension.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserExtension.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserExtension.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserLicenseDetail.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserLicenseDetail.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserLicenseDetail.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserLicenseDetail.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserManager.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserManager.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserManager.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserManager.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserMembership.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserMembership.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserMembership.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserOAuth2PermissionGrant.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserOwnedDevice.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserOwnedDevice.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserOwnedDevice.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserOwnedDevice.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserOwnedObject.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserOwnedObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserOwnedObject.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserOwnedObject.Tests.ps1 diff --git a/test/module/Entra/Get-EntraUserRegisteredDevice.Tests.ps1 b/test_legacy/module/Entra/Get-EntraUserRegisteredDevice.Tests.ps1 similarity index 100% rename from test/module/Entra/Get-EntraUserRegisteredDevice.Tests.ps1 rename to test_legacy/module/Entra/Get-EntraUserRegisteredDevice.Tests.ps1 diff --git a/test/module/Entra/Invalid.Tests.ps1 b/test_legacy/module/Entra/Invalid.Tests.ps1 similarity index 100% rename from test/module/Entra/Invalid.Tests.ps1 rename to test_legacy/module/Entra/Invalid.Tests.ps1 diff --git a/test/module/Entra/Module.Tests.ps1 b/test_legacy/module/Entra/Module.Tests.ps1 similarity index 100% rename from test/module/Entra/Module.Tests.ps1 rename to test_legacy/module/Entra/Module.Tests.ps1 diff --git a/test/module/Entra/New-EntraAdministrativeUnit.Tests.ps1 b/test_legacy/module/Entra/New-EntraAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraAdministrativeUnit.Tests.ps1 rename to test_legacy/module/Entra/New-EntraAdministrativeUnit.Tests.ps1 diff --git a/test/module/Entra/New-EntraApplication.Tests.ps1 b/test_legacy/module/Entra/New-EntraApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraApplication.Tests.ps1 rename to test_legacy/module/Entra/New-EntraApplication.Tests.ps1 diff --git a/test/module/Entra/New-EntraApplicationExtensionProperty.Tests.ps1 b/test_legacy/module/Entra/New-EntraApplicationExtensionProperty.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraApplicationExtensionProperty.Tests.ps1 rename to test_legacy/module/Entra/New-EntraApplicationExtensionProperty.Tests.ps1 diff --git a/test/module/Entra/New-EntraApplicationFromApplicationTemplate.Tests.ps1 b/test_legacy/module/Entra/New-EntraApplicationFromApplicationTemplate.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraApplicationFromApplicationTemplate.Tests.ps1 rename to test_legacy/module/Entra/New-EntraApplicationFromApplicationTemplate.Tests.ps1 diff --git a/test/module/Entra/New-EntraApplicationPassword.Tests.ps1 b/test_legacy/module/Entra/New-EntraApplicationPassword.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraApplicationPassword.Tests.ps1 rename to test_legacy/module/Entra/New-EntraApplicationPassword.Tests.ps1 diff --git a/test/module/Entra/New-EntraApplicationPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/New-EntraApplicationPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraApplicationPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/New-EntraApplicationPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/New-EntraAttributeSet.Tests.ps1 b/test_legacy/module/Entra/New-EntraAttributeSet.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraAttributeSet.Tests.ps1 rename to test_legacy/module/Entra/New-EntraAttributeSet.Tests.ps1 diff --git a/test/module/Entra/New-EntraConditionalAccessPolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraConditionalAccessPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraConditionalAccessPolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraConditionalAccessPolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/Entra/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/Entra/New-EntraCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/Entra/New-EntraDirectoryRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/New-EntraDirectoryRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraDirectoryRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/New-EntraDirectoryRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/New-EntraDirectoryRoleDefinition.Tests.ps1 b/test_legacy/module/Entra/New-EntraDirectoryRoleDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraDirectoryRoleDefinition.Tests.ps1 rename to test_legacy/module/Entra/New-EntraDirectoryRoleDefinition.Tests.ps1 diff --git a/test/module/Entra/New-EntraDomain.Tests.ps1 b/test_legacy/module/Entra/New-EntraDomain.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraDomain.Tests.ps1 rename to test_legacy/module/Entra/New-EntraDomain.Tests.ps1 diff --git a/test/module/Entra/New-EntraFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraGroup.Tests.ps1 b/test_legacy/module/Entra/New-EntraGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraGroup.Tests.ps1 rename to test_legacy/module/Entra/New-EntraGroup.Tests.ps1 diff --git a/test/module/Entra/New-EntraGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/New-EntraGroupAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraGroupAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/New-EntraGroupAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraIdentityProvider.Tests.ps1 b/test_legacy/module/Entra/New-EntraIdentityProvider.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraIdentityProvider.Tests.ps1 rename to test_legacy/module/Entra/New-EntraIdentityProvider.Tests.ps1 diff --git a/test/module/Entra/New-EntraInvitation.Tests.ps1 b/test_legacy/module/Entra/New-EntraInvitation.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraInvitation.Tests.ps1 rename to test_legacy/module/Entra/New-EntraInvitation.Tests.ps1 diff --git a/test/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraNamedLocationPolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraOauth2PermissionGrant.Tests.ps1 b/test_legacy/module/Entra/New-EntraOauth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraOauth2PermissionGrant.Tests.ps1 rename to test_legacy/module/Entra/New-EntraOauth2PermissionGrant.Tests.ps1 diff --git a/test/module/Entra/New-EntraPermissionGrantConditionSet.Tests.ps1 b/test_legacy/module/Entra/New-EntraPermissionGrantConditionSet.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraPermissionGrantConditionSet.Tests.ps1 rename to test_legacy/module/Entra/New-EntraPermissionGrantConditionSet.Tests.ps1 diff --git a/test/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraPermissionGrantPolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraPolicy.Tests.ps1 b/test_legacy/module/Entra/New-EntraPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraPolicy.Tests.ps1 rename to test_legacy/module/Entra/New-EntraPolicy.Tests.ps1 diff --git a/test/module/Entra/New-EntraServicePrincipal.Tests.ps1 b/test_legacy/module/Entra/New-EntraServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraServicePrincipal.Tests.ps1 rename to test_legacy/module/Entra/New-EntraServicePrincipal.Tests.ps1 diff --git a/test/module/Entra/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/New-EntraServicePrincipalAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/New-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/New-EntraServicePrincipalPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraServicePrincipalPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/New-EntraServicePrincipalPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/New-EntraTrustedCertificateAuthority.Tests.ps1 b/test_legacy/module/Entra/New-EntraTrustedCertificateAuthority.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraTrustedCertificateAuthority.Tests.ps1 rename to test_legacy/module/Entra/New-EntraTrustedCertificateAuthority.Tests.ps1 diff --git a/test/module/Entra/New-EntraUser.Tests.ps1 b/test_legacy/module/Entra/New-EntraUser.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraUser.Tests.ps1 rename to test_legacy/module/Entra/New-EntraUser.Tests.ps1 diff --git a/test/module/Entra/New-EntraUserAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/New-EntraUserAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/New-EntraUserAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/New-EntraUserAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraAdministrativeUnit.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraAdministrativeUnit.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraAdministrativeUnit.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraApplication.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraApplication.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraApplication.Tests.ps1 diff --git a/test_legacy/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 new file mode 100644 index 0000000000..2ff6c55dcb --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraApplicationExtensionProperty.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraApplicationExtensionProperty" { + Context "Test for Remove-EntraApplicationExtensionProperty" { + It "Should return empty object" { + $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraApplicationExtensionProperty -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when ApplicationId is empty" { + { Remove-EntraApplicationExtensionProperty -ApplicationId -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444"} | Should -Throw "Missing an argument for parameter 'ApplicationId'*" + } + It "Should fail when ApplicationId is invalid" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" } | Should -Throw "Cannot bind argument to parameter 'ApplicationId' because it is an empty string." + } + It "Should fail when ExtensionPropertyId is empty" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId } | Should -Throw "Missing an argument for parameter 'ExtensionPropertyId'*" + } + It "Should fail when ExtensionPropertyId is invalid" { + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "" } | Should -Throw "Cannot bind argument to parameter 'ExtensionPropertyId' because it is an empty string." + } + It "Should contain ApplicationId in parameters when passed ApplicationId to it" { + Mock -CommandName Remove-MgApplicationExtensionProperty -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + $params = Get-Parameters -data $result + $params.ApplicationId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" + + Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraApplicationExtensionProperty" + + Should -Invoke -CommandName Remove-MgApplicationExtensionProperty -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraApplicationExtensionProperty -ApplicationId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -ExtensionPropertyId "00001111-aaaa-2222-bbbb-3333cccc4444" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraApplicationOwner.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraApplicationOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraApplicationOwner.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraApplicationOwner.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraApplicationPassword.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraApplicationPassword.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraApplicationPassword.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraApplicationPassword.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraApplicationPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraApplicationPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraApplicationPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraApplicationPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDeletedApplication.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDeletedApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDeletedApplication.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDeletedApplication.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDeletedDirectoryObject.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDeletedDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDeletedDirectoryObject.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDeletedDirectoryObject.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDevice.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDevice.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDevice.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDevice.Tests.ps1 diff --git a/test_legacy/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..2fe3c1906e --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + #Import-Module .\bin\Microsoft.Graph.Entra.psm1 -Force + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraDeviceRegisteredOwner" { + Context "Test for Remove-EntraDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when OwnerId is empty" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } + } + It "Should fail when OwnerId is invalid" { + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" + + $result = Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredOwner" + + Should -Invoke -CommandName Remove-MgDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test_legacy/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..f51479316b --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,82 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + #Import-Module .\bin\Microsoft.Graph.Entra.psm1 -Force + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraDeviceRegisteredUser" { + Context "Test for Remove-EntraDeviceRegisteredUser" { + It "Should return empty object" { + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when UserId is empty" { + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } + } + It "Should fail when UserId is invalid" { + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" + + Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraDeviceRegisteredUser" + + Should -Invoke -CommandName Remove-MgDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraDirectoryRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDirectoryRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDirectoryRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDirectoryRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDirectoryRoleDefinition.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDirectoryRoleDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDirectoryRoleDefinition.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDirectoryRoleDefinition.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDirectoryRoleMember.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDirectoryRoleMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDirectoryRoleMember.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDirectoryRoleMember.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraDomain.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraDomain.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraDomain.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraDomain.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraFeatureRolloutPolicyDirectoryObject.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraGroup.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraGroup.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraGroup.Tests.ps1 diff --git a/test_legacy/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..975098981a --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraGroupAppRoleAssignment" { + Context "Test for Remove-EntraGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should return empty object with Alias" { + $result = Remove-EntraGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when GroupId is empty" { + { Remove-EntraGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Remove-EntraGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" + } + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" + + Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraGroupAppRoleAssignment" + + Should -Invoke -CommandName Remove-MgGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraGroupMember.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraGroupMember.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraGroupMember.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraGroupMember.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraGroupOwner.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraGroupOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraGroupOwner.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraGroupOwner.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraIdentityProvider.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraIdentityProvider.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraIdentityProvider.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraIdentityProvider.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraLifecyclePolicyGroup.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraLifecyclePolicyGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraLifecyclePolicyGroup.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraLifecyclePolicyGroup.Tests.ps1 diff --git a/test_legacy/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 new file mode 100644 index 0000000000..5a32484567 --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraNamedLocationPolicy.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraNamedLocationPolicy" { + Context "Test for Remove-EntraNamedLocationPolicy" { + It "Should return empty object" { + $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when PolicyId is empty" { + { Remove-EntraNamedLocationPolicy -PolicyId } | Should -Throw "Missing an argument for parameter 'PolicyId'*" + } + It "Should fail when PolicyId is invalid" { + { Remove-EntraNamedLocationPolicy -PolicyId "" } | Should -Throw "Cannot bind argument to parameter 'PolicyId' because it is an empty string*" + } + It "Should contain NamedLocationId in parameters when passed PolicyId to it" { + Mock -CommandName Remove-MgIdentityConditionalAccessNamedLocation -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + $params = Get-Parameters -data $result + $params.NamedLocationId | Should -Be "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" + + Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraNamedLocationPolicy" + + Should -Invoke -CommandName Remove-MgIdentityConditionalAccessNamedLocation -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraNamedLocationPolicy -PolicyId "1aaaaaa1-2bb2-3cc3-4dd4-5eeeeeeeeee5" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test_legacy/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 new file mode 100644 index 0000000000..38c1f5a61b --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraOAuth2PermissionGrant.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraGroupAppRoleAssignment" { + Context "Test for Remove-EntraGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when ObjectId is empty" { + { Remove-EntraOAuth2PermissionGrant -ObjectId } | Should -Throw "Missing an argument for parameter 'ObjectId'*" + } + It "Should fail when ObjectId is invalid" { + { Remove-EntraOAuth2PermissionGrant -ObjectId "" } | Should -Throw "Cannot bind argument to parameter 'ObjectId' because it is an empty string." + } + It "Should contain OAuth2PermissionGrantId in parameters when passed ObjectId to it" { + Mock -CommandName Remove-MgOAuth2PermissionGrant -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + $params = Get-Parameters -data $result + $params.OAuth2PermissionGrantId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" + + Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraOAuth2PermissionGrant" + + Should -Invoke -CommandName Remove-MgOAuth2PermissionGrant -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraOAuth2PermissionGrant -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraPermissionGrantConditionSet.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraPermissionGrantConditionSet.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraPermissionGrantConditionSet.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraPermissionGrantConditionSet.Tests.ps1 diff --git a/test_legacy/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 new file mode 100644 index 0000000000..2c5b7c0381 --- /dev/null +++ b/test_legacy/module/Entra/Remove-EntraPermissionGrantPolicy.Tests.ps1 @@ -0,0 +1,60 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Remove-EntraPermissionGrantPolicy" { + Context "Test for Remove-EntraPermissionGrantPolicy" { + It "Should return empty object" { + $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when Id is empty" { + { Remove-EntraPermissionGrantPolicy -Id } | Should -Throw "Missing an argument for parameter 'Id'*" + } + It "Should fail when Id is invalid" { + { Remove-EntraPermissionGrantPolicy -Id "" } | Should -Throw "Cannot bind argument to parameter 'Id' because it is an empty string*" + } + It "Should contain PermissionGrantPolicyId in parameters when passed Id to it" { + Mock -CommandName Remove-MgPolicyPermissionGrantPolicy -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $result = Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + $params = Get-Parameters -data $result + $params.PermissionGrantPolicyId | Should -Be "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" + + Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraPermissionGrantPolicy" + + Should -Invoke -CommandName Remove-MgPolicyPermissionGrantPolicy -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + {Remove-EntraPermissionGrantPolicy -Id "00aa00aa-bb11-cc22-dd33-44ee44ee44ee" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Remove-EntraPolicy.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraPolicy.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraPolicy.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraScopedRoleMembership.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraScopedRoleMembership.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraScopedRoleMembership.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraServicePrincipal.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraServicePrincipal.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraServicePrincipal.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraServicePrincipalAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraServicePrincipalDelegatedPermissionClassification.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraServicePrincipalOwner.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraServicePrincipalOwner.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraServicePrincipalOwner.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraServicePrincipalOwner.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraServicePrincipalPasswordCredential.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraTrustedCertificateAuthority.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraTrustedCertificateAuthority.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraTrustedCertificateAuthority.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraTrustedCertificateAuthority.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraUser.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraUser.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraUser.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraUser.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraUserAppRoleAssignment.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraUserAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraUserAppRoleAssignment.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraUserAppRoleAssignment.Tests.ps1 diff --git a/test/module/Entra/Remove-EntraUserManager.Tests.ps1 b/test_legacy/module/Entra/Remove-EntraUserManager.Tests.ps1 similarity index 100% rename from test/module/Entra/Remove-EntraUserManager.Tests.ps1 rename to test_legacy/module/Entra/Remove-EntraUserManager.Tests.ps1 diff --git a/test/module/Entra/Reset-EntraLifeCycleGroup.Tests.ps1 b/test_legacy/module/Entra/Reset-EntraLifeCycleGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Reset-EntraLifeCycleGroup.Tests.ps1 rename to test_legacy/module/Entra/Reset-EntraLifeCycleGroup.Tests.ps1 diff --git a/test/module/Entra/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 b/test_legacy/module/Entra/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 similarity index 100% rename from test/module/Entra/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 rename to test_legacy/module/Entra/Reset-EntraStrongAuthenticationMethodByUpn.Tests.ps1 diff --git a/test/module/Entra/Restore-EntraDeletedApplication.Tests.ps1 b/test_legacy/module/Entra/Restore-EntraDeletedApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Restore-EntraDeletedApplication.Tests.ps1 rename to test_legacy/module/Entra/Restore-EntraDeletedApplication.Tests.ps1 diff --git a/test/module/Entra/Restore-EntraDeletedDirectoryObject.Tests.ps1 b/test_legacy/module/Entra/Restore-EntraDeletedDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/Entra/Restore-EntraDeletedDirectoryObject.Tests.ps1 rename to test_legacy/module/Entra/Restore-EntraDeletedDirectoryObject.Tests.ps1 diff --git a/test/module/Entra/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 b/test_legacy/module/Entra/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 similarity index 100% rename from test/module/Entra/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 rename to test_legacy/module/Entra/Revoke-EntraSignedInUserAllRefreshToken.Tests.ps1 diff --git a/test/module/Entra/Revoke-EntraUserAllRefreshToken.Tests.ps1 b/test_legacy/module/Entra/Revoke-EntraUserAllRefreshToken.Tests.ps1 similarity index 100% rename from test/module/Entra/Revoke-EntraUserAllRefreshToken.Tests.ps1 rename to test_legacy/module/Entra/Revoke-EntraUserAllRefreshToken.Tests.ps1 diff --git a/test/module/Entra/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 b/test_legacy/module/Entra/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 similarity index 100% rename from test/module/Entra/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 rename to test_legacy/module/Entra/Select-EntraGroupIdsContactIsMemberOf.Tests.ps1 diff --git a/test/module/Entra/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 b/test_legacy/module/Entra/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 similarity index 100% rename from test/module/Entra/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 rename to test_legacy/module/Entra/Select-EntraGroupIdsGroupIsMemberOf.Tests.ps1 diff --git a/test/module/Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 b/test_legacy/module/Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 similarity index 100% rename from test/module/Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 rename to test_legacy/module/Entra/Select-EntraGroupIdsServicePrincipalIsMemberOf.Tests.ps1 diff --git a/test/module/Entra/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 b/test_legacy/module/Entra/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 similarity index 100% rename from test/module/Entra/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 rename to test_legacy/module/Entra/Select-EntraGroupIdsUserIsMemberOf.Tests.ps1 diff --git a/test/module/Entra/Set-EntraAdministrativeUnit.Tests.ps1 b/test_legacy/module/Entra/Set-EntraAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraAdministrativeUnit.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraAdministrativeUnit.Tests.ps1 diff --git a/test/module/Entra/Set-EntraApplication.Tests.ps1 b/test_legacy/module/Entra/Set-EntraApplication.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraApplication.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraApplication.Tests.ps1 diff --git a/test/module/Entra/Set-EntraApplicationLogo.Tests.ps1 b/test_legacy/module/Entra/Set-EntraApplicationLogo.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraApplicationLogo.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraApplicationLogo.Tests.ps1 diff --git a/test/module/Entra/Set-EntraAttributeSet.Tests.ps1 b/test_legacy/module/Entra/Set-EntraAttributeSet.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraAttributeSet.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraAttributeSet.Tests.ps1 diff --git a/test/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraAuthorizationPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraConditionalAccessPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraConditionalAccessPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraConditionalAccessPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraConditionalAccessPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/Entra/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDevice.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDevice.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDevice.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDevice.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDirSyncConfiguration.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDirSyncConfiguration.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDirSyncConfiguration.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDirSyncConfiguration.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDirSyncEnabled.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDirSyncEnabled.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDirSyncEnabled.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDirSyncEnabled.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDirSyncFeature.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDirSyncFeature.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDirSyncFeature.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDirSyncFeature.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDirectoryRoleDefinition.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDirectoryRoleDefinition.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDirectoryRoleDefinition.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDirectoryRoleDefinition.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDomain.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDomain.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDomain.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDomain.Tests.ps1 diff --git a/test/module/Entra/Set-EntraDomainFederationSettings.Tests.ps1 b/test_legacy/module/Entra/Set-EntraDomainFederationSettings.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraDomainFederationSettings.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraDomainFederationSettings.Tests.ps1 diff --git a/test/module/Entra/Set-EntraFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraGroup.Tests.ps1 b/test_legacy/module/Entra/Set-EntraGroup.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraGroup.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraGroup.Tests.ps1 diff --git a/test/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraNamedLocationPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraNamedLocationPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraNamedLocationPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraNamedLocationPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraPartnerInformation.Tests.ps1 b/test_legacy/module/Entra/Set-EntraPartnerInformation.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraPartnerInformation.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraPartnerInformation.Tests.ps1 diff --git a/test/module/Entra/Set-EntraPermissionGrantConditionSet.Tests.ps1 b/test_legacy/module/Entra/Set-EntraPermissionGrantConditionSet.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraPermissionGrantConditionSet.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraPermissionGrantConditionSet.Tests.ps1 diff --git a/test/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraPermissionGrantPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraPolicy.Tests.ps1 b/test_legacy/module/Entra/Set-EntraPolicy.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraPolicy.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraPolicy.Tests.ps1 diff --git a/test/module/Entra/Set-EntraServicePrincipal.Tests.ps1 b/test_legacy/module/Entra/Set-EntraServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraServicePrincipal.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraServicePrincipal.Tests.ps1 diff --git a/test/module/Entra/Set-EntraTenantDetail.Tests.ps1 b/test_legacy/module/Entra/Set-EntraTenantDetail.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraTenantDetail.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraTenantDetail.Tests.ps1 diff --git a/test/module/Entra/Set-EntraTrustedCertificateAuthority.Tests.ps1 b/test_legacy/module/Entra/Set-EntraTrustedCertificateAuthority.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraTrustedCertificateAuthority.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraTrustedCertificateAuthority.Tests.ps1 diff --git a/test/module/Entra/Set-EntraUser.Tests.ps1 b/test_legacy/module/Entra/Set-EntraUser.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraUser.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraUser.Tests.ps1 diff --git a/test/module/Entra/Set-EntraUserLicense.Tests.ps1 b/test_legacy/module/Entra/Set-EntraUserLicense.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraUserLicense.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraUserLicense.Tests.ps1 diff --git a/test/module/Entra/Set-EntraUserManager.Tests.ps1 b/test_legacy/module/Entra/Set-EntraUserManager.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraUserManager.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraUserManager.Tests.ps1 diff --git a/test_legacy/module/Entra/Set-EntraUserPassword.Tests.ps1 b/test_legacy/module/Entra/Set-EntraUserPassword.Tests.ps1 new file mode 100644 index 0000000000..13c4054758 --- /dev/null +++ b/test_legacy/module/Entra/Set-EntraUserPassword.Tests.ps1 @@ -0,0 +1,126 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + Mock -CommandName Update-MgUser -MockWith {} -ModuleName Microsoft.Graph.Entra +} + +Describe "Set-EntraUserPassword" { + Context "Test for Set-EntraUserPassword" { + It "Should return empty object" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when UserId is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId -Password $secPassword } | Should -Throw "Missing an argument for parameter 'UserId'*" + } + It "Should fail when UserId is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId "" -Password $secPassword } | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string*" + } + It "Should fail when Password is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password } | Should -Throw "Missing an argument for parameter 'Password'*" + } + It "Should fail when Password is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password "" } | Should -Throw "Cannot process argument transformation on parameter 'Password'*" + } + It "Should fail when ForceChangePasswordNextLogin is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin } | Should -Throw "Missing an argument for parameter 'ForceChangePasswordNextLogin'*" + } + It "Should fail when ForceChangePasswordNextLogin is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin xyz } | Should -Throw "Cannot process argument transformation on parameter 'ForceChangePasswordNextLogin'*" + } + It "Should fail when EnforceChangePasswordPolicy is empty" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy } | Should -Throw "Missing an argument for parameter 'EnforceChangePasswordPolicy'*" + } + It "Should fail when EnforceChangePasswordPolicy is invalid" { + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -EnforceChangePasswordPolicy xyz } | Should -Throw "Cannot process argument transformation on parameter 'EnforceChangePasswordPolicy'*" + } + It "Should contain ForceChangePasswordNextSignIn in parameters when passed ForceChangePasswordNextLogin to it" { + Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $params = Get-Parameters -data $result + $params.PasswordProfile.ForceChangePasswordNextSignIn | Should -Be $true + } + It "Should contain ForceChangePasswordNextSignInWithMfa in parameters when passed EnforceChangePasswordPolicy to it" { + Mock -CommandName Update-MgUser -MockWith {$args} -ModuleName Microsoft.Graph.Entra + + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $params = Get-Parameters -data $result + $params.PasswordProfile.ForceChangePasswordNextSignInWithMfa | Should -Be $true + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + $result = Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Set-EntraUserPassword" + Should -Invoke -CommandName Update-MgUser -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + $userUPN="mock106@M365x99297270.OnMicrosoft.com" + $newPassword="New@12345" + $secPassword = ConvertTo-SecureString $newPassword -AsPlainText -Force + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Set-EntraUserPassword -UserId $userUPN -Password $secPassword -ForceChangePasswordNextLogin $true -EnforceChangePasswordPolicy $true -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/Entra/Set-EntraUserThumbnailPhoto.Tests.ps1 b/test_legacy/module/Entra/Set-EntraUserThumbnailPhoto.Tests.ps1 similarity index 100% rename from test/module/Entra/Set-EntraUserThumbnailPhoto.Tests.ps1 rename to test_legacy/module/Entra/Set-EntraUserThumbnailPhoto.Tests.ps1 diff --git a/test/module/Entra/Update-EntraOauth2PermissionGrant.Tests.ps1 b/test_legacy/module/Entra/Update-EntraOauth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/Entra/Update-EntraOauth2PermissionGrant.Tests.ps1 rename to test_legacy/module/Entra/Update-EntraOauth2PermissionGrant.Tests.ps1 diff --git a/test_legacy/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 b/test_legacy/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 new file mode 100644 index 0000000000..0b35b6ac3b --- /dev/null +++ b/test_legacy/module/Entra/Update-EntraSignedInUserPassword.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll{ + if((Get-Module -Name Microsoft.Graph.Entra) -eq $null){ + Import-Module Microsoft.Graph.Entra + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Graph.Entra + + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force +} +Describe "Tests for Update-EntraSignedInUserPassword"{ + Context "Test for Update-EntraSignedInUserPassword" { + It "should return empty object"{ + $result = Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra -Times 1 + } + It "Should fail when CurrentPassword is null" { + { Update-EntraSignedInUserPassword -CurrentPassword } | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" + } + It "Should fail when CurrentPassword is empty" { + { Update-EntraSignedInUserPassword -CurrentPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" + } + It "Should fail when NewPassword is null" { + { Update-EntraSignedInUserPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" + } + It "Should fail when NewPassword is empty" { + { Update-EntraSignedInUserPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" + + Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraSignedInUserPassword" + + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { + Update-EntraSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug + } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + + } +} diff --git a/test/module/Entra/Update-EntraUserFromFederated.Tests.ps1 b/test_legacy/module/Entra/Update-EntraUserFromFederated.Tests.ps1 similarity index 100% rename from test/module/Entra/Update-EntraUserFromFederated.Tests.ps1 rename to test_legacy/module/Entra/Update-EntraUserFromFederated.Tests.ps1 diff --git a/test/module/Entra/Valid.Tests.ps1 b/test_legacy/module/Entra/Valid.Tests.ps1 similarity index 100% rename from test/module/Entra/Valid.Tests.ps1 rename to test_legacy/module/Entra/Valid.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaApplicationPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaApplicationPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaApplicationPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaApplicationPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaDeviceRegisteredOwner.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaDeviceRegisteredUser.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaGroupMember.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaGroupMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaGroupMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaGroupMember.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaGroupOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaGroupOwner.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaGroupOwner.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaGroupOwner.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaScopedRoleMembership.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaScopedRoleMembership.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaScopedRoleMembership.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetaServicePrincipalPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/EntraBeta/Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/EntraBeta/Add-EntraBetacustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/EntraBeta/AddtionalFunctions.Tests.ps1 b/test_legacy/module/EntraBeta/AddtionalFunctions.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/AddtionalFunctions.Tests.ps1 rename to test_legacy/module/EntraBeta/AddtionalFunctions.Tests.ps1 diff --git a/test/module/EntraBeta/Confirm-EntraBetaDomain.Tests.ps1 b/test_legacy/module/EntraBeta/Confirm-EntraBetaDomain.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Confirm-EntraBetaDomain.Tests.ps1 rename to test_legacy/module/EntraBeta/Confirm-EntraBetaDomain.Tests.ps1 diff --git a/test/module/EntraBeta/Customizations.Tests.ps1 b/test_legacy/module/EntraBeta/Customizations.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Customizations.Tests.ps1 rename to test_legacy/module/EntraBeta/Customizations.Tests.ps1 diff --git a/test_legacy/module/EntraBeta/EntraBeta.Tests.ps1 b/test_legacy/module/EntraBeta/EntraBeta.Tests.ps1 new file mode 100644 index 0000000000..c01aa088cc --- /dev/null +++ b/test_legacy/module/EntraBeta/EntraBeta.Tests.ps1 @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +if($null -eq (Get-Module -Name Microsoft.Graph.Entra.Beta)){ + Import-Module Microsoft.Graph.Entra.Beta +} + +Import-Module Pester + +$psmPath = (Get-Module Microsoft.Graph.Entra.Beta).Path +$testReportPath = join-path $psscriptroot "..\..\..\TestReport\EntraBeta" +$mockScriptsPath = join-path $psscriptroot "..\..\..\test_legacy\module\EntraBeta\*.Tests.ps1" + +$testOutputFile = "$testReportPath\TestResults.xml" +if (!(test-path -path $testReportPath)) {new-item -path $testReportPath -itemtype directory} + +$mockScripts = Get-ChildItem -Path $mockScriptsPath -Exclude "EntraBeta.Tests.ps1" | ForEach-Object { $_.FullName } + +$config = New-PesterConfiguration +$config.Run.Path = $mockScripts +$config.Run.PassThru = $true +$config.Run.Exit = $true +$config.CodeCoverage.Enabled = $false +$config.CodeCoverage.CoveragePercentTarget = 100 +$config.CodeCoverage.Path = $psmPath +$config.TestResult.Enabled = $true +$config.TestResult.OutputPath = $testOutputFile +$config.Output.Verbosity = "Detailed" + +Invoke-Pester -Configuration $config \ No newline at end of file diff --git a/test/module/EntraBeta/General.Tests.ps1 b/test_legacy/module/EntraBeta/General.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/General.Tests.ps1 rename to test_legacy/module/EntraBeta/General.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAccountSku.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAccountSku.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAccountSku.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAccountSku.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAdministrativeUnit.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAdministrativeUnit.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAdministrativeUnit.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplication.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplication.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplication.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplication.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationLogo.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationLogo.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationLogo.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationLogo.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationPasswordCredential.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationSignInDetailedSummary.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationSignInSummary.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationSignInSummary.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationSignInSummary.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationSignInSummary.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaApplicationTemplate.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaApplicationTemplate.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaApplicationTemplate.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaApplicationTemplate.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAttributeSet.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAttributeSet.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAttributeSet.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAttributeSet.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAuditDirectoryLog.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAuditDirectoryLog.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAuditDirectoryLog.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAuditDirectoryLog.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaAuditSignInLog.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaAuditSignInLog.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaAuditSignInLog.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaAuditSignInLog.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDeletedGroup.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDeletedGroup.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDeletedGroup.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDeletedGroup.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDevice.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDevice.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDevice.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDevice.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDeviceRegisteredOwner.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDeviceRegisteredUser.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDirSyncConfiguration.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDirSyncConfiguration.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDirSyncConfiguration.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDirSyncConfiguration.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDirSyncFeature.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDirSyncFeature.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDirSyncFeature.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDirSyncFeature.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDirectoryObjectOnPremisesProvisioningError.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDirectorySetting.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDirectorySetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDirectorySetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDirectorySetting.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDirectorySettingTemplate.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaDomainFederationSettings.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaDomainFederationSettings.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaDomainFederationSettings.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaDomainFederationSettings.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaFederationProperty.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaFederationProperty.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaFederationProperty.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaFederationProperty.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaGroup.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaGroup.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaGroup.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaGroup.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaGroupAppRoleAssignment.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaGroupMember.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaGroupMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaGroupMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaGroupMember.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaGroupOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaGroupOwner.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaGroupOwner.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaGroupOwner.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaObjectSetting.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaObjectSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaObjectSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaObjectSetting.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPasswordPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPasswordPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPasswordPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPasswordPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPermissionGrantPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPolicyAppliedObject.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPolicyAppliedObject.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPolicyAppliedObject.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPolicyAppliedObject.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPrivilegedResource.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedResource.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPrivilegedResource.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedResource.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedRoleDefinition.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaPrivilegedRoleSetting.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaScopedRoleMembership.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaScopedRoleMembership.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaScopedRoleMembership.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaServicePrincipal.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaServicePrincipal.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipal.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipalOwnedObject.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaServicePrincipalPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUser.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUser.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUser.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserAuthenticationMethod.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserAuthenticationMethod.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserAuthenticationMethod.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserAuthenticationMethod.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserAuthenticationRequirement.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserAuthenticationRequirement.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserAuthenticationRequirement.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserAuthenticationRequirement.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserExtension.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserExtension.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserExtension.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserExtension.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserLicenseDetail.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserLicenseDetail.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserLicenseDetail.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserLicenseDetail.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserManager.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserManager.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserManager.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserManager.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserMembership.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserMembership.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserMembership.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserMembership.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserOwnedDevice.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserOwnedDevice.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserOwnedDevice.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserOwnedDevice.Tests.ps1 diff --git a/test/module/EntraBeta/Get-EntraBetaUserRegisteredDevice.Tests.ps1 b/test_legacy/module/EntraBeta/Get-EntraBetaUserRegisteredDevice.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Get-EntraBetaUserRegisteredDevice.Tests.ps1 rename to test_legacy/module/EntraBeta/Get-EntraBetaUserRegisteredDevice.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaAdministrativeUnit.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaAdministrativeUnit.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaAdministrativeUnit.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaApplication.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaApplication.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaApplication.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaApplication.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaAttributeSet.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaAttributeSet.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaAttributeSet.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaAttributeSet.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaDirectorySetting.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaDirectorySetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaDirectorySetting.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaDirectorySetting.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaGroup.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaGroup.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaGroup.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaGroup.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaGroupAppRoleAssignment.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaOauth2PermissionGrant.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaOauth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaOauth2PermissionGrant.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaOauth2PermissionGrant.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaObjectSetting.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaObjectSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaObjectSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaObjectSetting.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 diff --git a/test/module/EntraBeta/New-EntraBetaUser.Tests.ps1 b/test_legacy/module/EntraBeta/New-EntraBetaUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/New-EntraBetaUser.Tests.ps1 rename to test_legacy/module/EntraBeta/New-EntraBetaUser.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaAdministrativeUnit.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaAdministrativeUnit.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaAdministrativeUnit.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaAdministrativeUnitMember.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaApplication.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaApplication.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaApplication.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaApplication.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaApplicationPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaApplicationPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaApplicationPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaApplicationPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaDevice.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaDevice.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaDevice.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaDevice.Tests.ps1 diff --git a/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 new file mode 100644 index 0000000000..adb4445832 --- /dev/null +++ b/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredOwner.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ + Import-Module Microsoft.Graph.Entra.Beta + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta +} + +Describe "Remove-EntraBetaDeviceRegisteredOwner" { + Context "Test for Remove-EntraBetaDeviceRegisteredOwner" { + It "Should return empty object" { + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaDeviceRegisteredOwner -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when OwnerId is empty" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId | Should -Throw "Missing an argument for parameter 'OwnerId'*" } + } + It "Should fail when OwnerId is invalid" { + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "" | Should -Throw "Cannot bind argument to parameter 'OwnerId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed OwnerId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" + + $result = Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredOwner" + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredOwnerByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDeviceRegisteredOwner -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -OwnerId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 new file mode 100644 index 0000000000..732f52617d --- /dev/null +++ b/test_legacy/module/EntraBeta/Remove-EntraBetaDeviceRegisteredUser.Tests.ps1 @@ -0,0 +1,81 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ + Import-Module Microsoft.Graph.Entra.Beta + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta +} + +Describe "Remove-EntraBetaDeviceRegisteredUser" { + Context "Test for Remove-EntraBetaDeviceRegisteredUser" { + It "Should return empty object" { + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should execute successfully with Alias" { + $result = Remove-EntraBetaDeviceRegisteredUser -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should fail when DeviceId is empty" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Missing an argument for parameter 'DeviceId'*" } + } + It "Should fail when DeviceId is invalid" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" | Should -Throw "Cannot bind argument to parameter 'DeviceId' because it is an empty string.*" } + } + It "Should fail when UserId is empty" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId | Should -Throw "Missing an argument for parameter 'UserId'*" } + } + It "Should fail when UserId is invalid" { + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "" | Should -Throw "Cannot bind argument to parameter 'UserId' because it is an empty string.*" } + } + It "Should contain DeviceId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta + + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DeviceId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain DirectoryObjectId in parameters when passed UserId to it" { + Mock -CommandName Remove-MgBetaDeviceRegisteredUserByRef -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta + + $result = Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + $params = Get-Parameters -data $result + $params.DirectoryObjectId | Should -Be "bbbbbbbb-1111-2222-3333-cccccccccccc" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" + + Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" + + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaDeviceRegisteredUser" + + Should -Invoke -CommandName Remove-MgBetaDeviceRegisteredUserByRef -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error" { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaDeviceRegisteredUser -DeviceId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -UserId "bbbbbbbb-1111-2222-3333-cccccccccccc" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/EntraBeta/Remove-EntraBetaDirectorySetting.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaDirectorySetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaDirectorySetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaDirectorySetting.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaFeatureRolloutPolicyDirectoryObject.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaGroup.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaGroup.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaGroup.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaGroup.Tests.ps1 diff --git a/test_legacy/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 new file mode 100644 index 0000000000..dfbf768f05 --- /dev/null +++ b/test_legacy/module/EntraBeta/Remove-EntraBetaGroupAppRoleAssignment.Tests.ps1 @@ -0,0 +1,69 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ + Import-Module Microsoft.Graph.Entra.Beta + } + Import-Module .\test_legacy\module\Common-Functions.ps1 -Force + + Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta +} + +Describe "Remove-EntraBetaGroupAppRoleAssignment" { + Context "Test for Remove-EntraBetaGroupAppRoleAssignment" { + It "Should return empty object" { + $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should return empty object with Alias" { + $result = Remove-EntraBetaGroupAppRoleAssignment -ObjectId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $result | Should -BeNullOrEmpty + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + It "Should fail when GroupId is empty" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Missing an argument for parameter 'GroupId'*" + } + It "Should fail when GroupId is invalid" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" } | Should -Throw "Cannot bind argument to parameter 'GroupId' because it is an empty string." + } + It "Should fail when AppRoleAssignmentId is empty" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId } | Should -Throw "Missing an argument for parameter 'AppRoleAssignmentId'*" + } + It "Should fail when AppRoleAssignmentId is invalid" { + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "" } | Should -Throw "Cannot bind argument to parameter 'AppRoleAssignmentId' because it is an empty string." + } + It "Should contain GroupId in parameters when passed GroupId to it" { + Mock -CommandName Remove-MgBetaGroupAppRoleAssignment -MockWith {$args} -ModuleName Microsoft.Graph.Entra.Beta + + $result = Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + $params = Get-Parameters -data $result + $params.GroupId | Should -Be "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" + } + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Remove-EntraBetaGroupAppRoleAssignment" + Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" + + Should -Invoke -CommandName Remove-MgBetaGroupAppRoleAssignment -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + It "Should execute successfully without throwing an error " { + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Remove-EntraBetaGroupAppRoleAssignment -GroupId "aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb" -AppRoleAssignmentId "a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1" -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/EntraBeta/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaGroupMember.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaGroupMember.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaGroupMember.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaGroupMember.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaGroupOwner.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaGroupOwner.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaGroupOwner.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaGroupOwner.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaObjectSetting.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaObjectSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaObjectSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaObjectSetting.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaScopedRoleMembership.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaScopedRoleMembership.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaScopedRoleMembership.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaScopedRoleMembership.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaServicePrincipalPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaTrustFrameworkPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaUser.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaUser.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaUser.Tests.ps1 diff --git a/test/module/EntraBeta/Remove-EntraBetaUserManager.Tests.ps1 b/test_legacy/module/EntraBeta/Remove-EntraBetaUserManager.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Remove-EntraBetaUserManager.Tests.ps1 rename to test_legacy/module/EntraBeta/Remove-EntraBetaUserManager.Tests.ps1 diff --git a/test/module/EntraBeta/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 b/test_legacy/module/EntraBeta/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 rename to test_legacy/module/EntraBeta/Reset-EntraBetaStrongAuthenticationMethodByUpn.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaAdministrativeUnit.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaAdministrativeUnit.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaAdministrativeUnit.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaAdministrativeUnit.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaApplication.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaApplication.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaApplication.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaApplication.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaApplicationLogo.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaApplicationLogo.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaApplicationLogo.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaApplicationLogo.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaAttributeSet.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaAttributeSet.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaAttributeSet.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaAttributeSet.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinition.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaCustomSecurityAttributeDefinitionAllowedValue.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDevice.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDevice.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDevice.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDevice.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDirSyncConfiguration.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDirSyncConfiguration.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDirSyncConfiguration.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDirSyncConfiguration.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDirSyncEnabled.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDirSyncEnabled.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDirSyncEnabled.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDirSyncEnabled.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDirSyncFeature.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDirSyncFeature.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDirSyncFeature.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDirSyncFeature.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDirectorySetting.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDirectorySetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDirectorySetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDirectorySetting.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaDomainFederationSettings.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaDomainFederationSettings.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaDomainFederationSettings.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaDomainFederationSettings.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaFeatureRolloutPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaGroup.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaGroup.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaGroup.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaGroup.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaGroupLifecyclePolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaObjectSetting.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaObjectSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaObjectSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaObjectSetting.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaPartnerInformation.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaPartnerInformation.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaPartnerInformation.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaPartnerInformation.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaPasswordSingleSignOnCredential.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaPolicy.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaPolicy.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaPolicy.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaPolicy.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaPrivilegedRoleSetting.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaServicePrincipal.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaServicePrincipal.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaServicePrincipal.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaServicePrincipal.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaUser.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaUser.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaUser.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaUser.Tests.ps1 diff --git a/test/module/EntraBeta/Set-EntraBetaUserManager.Tests.ps1 b/test_legacy/module/EntraBeta/Set-EntraBetaUserManager.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Set-EntraBetaUserManager.Tests.ps1 rename to test_legacy/module/EntraBeta/Set-EntraBetaUserManager.Tests.ps1 diff --git a/test/module/EntraBeta/Update-EntraBetaOauth2PermissionGrant.Tests.ps1 b/test_legacy/module/EntraBeta/Update-EntraBetaOauth2PermissionGrant.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Update-EntraBetaOauth2PermissionGrant.Tests.ps1 rename to test_legacy/module/EntraBeta/Update-EntraBetaOauth2PermissionGrant.Tests.ps1 diff --git a/test_legacy/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 b/test_legacy/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 new file mode 100644 index 0000000000..3def6c7581 --- /dev/null +++ b/test_legacy/module/EntraBeta/Update-EntraBetaSignedInUserPassword.Tests.ps1 @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------ +# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +# ------------------------------------------------------------------------------ + +[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] +param() + +BeforeAll { + if((Get-Module -Name Microsoft.Graph.Entra.Beta) -eq $null){ + Import-Module Microsoft.Graph.Entra.Beta + } + Import-Module (Join-Path $psscriptroot "..\Common-Functions.ps1") -Force + + Mock -CommandName Invoke-GraphRequest -MockWith {} -ModuleName Microsoft.Graph.Entra.Beta +} + +Describe "Tests for Update-EntraBetaSignedInUserPassword"{ + Context "Test for Update-EntraBetaSignedInUserPassword" { + It "should updates the password for the signed-in user."{ + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra.Beta -Times 1 + } + + It "Should fail when CurrentPassword is null" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword -NewPassword $NewPassword} | Should -Throw "Missing an argument for parameter 'CurrentPassword'*" + } + + It "Should fail when CurrentPassword is empty" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword "" -NewPassword $NewPassword } | Should -Throw "Cannot process argument transformation on parameter 'CurrentPassword'*" + } + + It "Should fail when NewPassword is null" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword } | Should -Throw "Missing an argument for parameter 'NewPassword'*" + } + + It "Should fail when NewPassword is empty" { + { $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword "" } | Should -Throw "Cannot process argument transformation on parameter 'NewPassword'*" + } + + It "Should contain 'User-Agent' header" { + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + $result = Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword + $result | Should -BeNullOrEmpty + $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion Update-EntraBetaSignedInUserPassword" + Should -Invoke -CommandName Invoke-GraphRequest -ModuleName Microsoft.Graph.Entra.Beta -Times 1 -ParameterFilter { + $Headers.'User-Agent' | Should -Be $userAgentHeaderValue + $true + } + } + + It "Should execute successfully without throwing an error " { + $CurrentPassword = ConvertTo-SecureString 'test@123' -AsPlainText -Force + $NewPassword = ConvertTo-SecureString 'test@1234' -AsPlainText -Force + # Disable confirmation prompts + $originalDebugPreference = $DebugPreference + $DebugPreference = 'Continue' + + try { + # Act & Assert: Ensure the function doesn't throw an exception + { Update-EntraBetaSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword -Debug } | Should -Not -Throw + } finally { + # Restore original confirmation preference + $DebugPreference = $originalDebugPreference + } + } + } +} \ No newline at end of file diff --git a/test/module/EntraBeta/Update-EntraBetaUserAuthenticationRequirement.Tests.ps1 b/test_legacy/module/EntraBeta/Update-EntraBetaUserAuthenticationRequirement.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Update-EntraBetaUserAuthenticationRequirement.Tests.ps1 rename to test_legacy/module/EntraBeta/Update-EntraBetaUserAuthenticationRequirement.Tests.ps1 diff --git a/test/module/EntraBeta/Update-EntraBetaUserFromFederated.Tests.ps1 b/test_legacy/module/EntraBeta/Update-EntraBetaUserFromFederated.Tests.ps1 similarity index 100% rename from test/module/EntraBeta/Update-EntraBetaUserFromFederated.Tests.ps1 rename to test_legacy/module/EntraBeta/Update-EntraBetaUserFromFederated.Tests.ps1