Blog Post

Microsoft Entra Blog
2 MIN READ

Important update: Deprecation of Azure AD PowerShell and MSOnline PowerShell modules

krbash's avatar
krbash
Icon for Microsoft rankMicrosoft
Apr 01, 2024

In 2021, we described our plans to invest in Microsoft Graph PowerShell SDK as the PowerShell provider for Microsoft Entra and transition away from Azure AD and MSOnline PowerShell modules. In 2023, we announced that the deprecation of Azure AD and MSOnline PowerShell modules would occur on March 30, 2024. We’ve since made substantial progress closing remaining parity gaps in Microsoft Graph PowerShell SDK, and as of March 30, 2024, these PowerShell modules are now deprecated:

 

 

You should migrate your scripts to Microsoft Graph PowerShell SDK as soon as possible. Information about the retirement of these modules can be found below.

 

What happens to MSOnline and Azure AD Modules after March 30, 2024?

 

As of March 30, 2024, Azure AD, Azure AD Preview, and MS Online PowerShell modules are deprecated. Support will only be offered for critical security fixes. They will continue to function through March 30, 2025. Note: Only MSOnline versions 1.1.166.0 (2017) and later are assured to function through March 30, 2025. Use of versions earlier than 1.1.166.0 may experience disruptions after June 30, 2024.

 

Required Actions

 

  1. Identify scripts in your environment that are using Azure AD or MS Online PowerShell modules. 
  2. Take immediate action to migrate scripts that are using MS Online versions below 1.1.166.0. If you’re not ready to migrate to Microsoft Graph PowerShell, you can update to the latest version of MSOnline PowerShell (1.1.183.81) to avoid impact after June 30, 2024. To inspect the version of MS Online module, you can use this PowerShell command: > Get-InstalledModule MSOnline 
  3. Plan to migrate all MS Online (latest version) and Azure AD PowerShell scripts to Microsoft Graph by March 30, 2025.
  4. Migrate these scripts to use Microsoft Graph PowerShell SDK.
     

We’re making substantial new and future investments in the PowerShell experience for managing Entra. Please continue to monitor this space as we announce exciting improvements in the coming months.

 

About Microsoft Graph PowerShell SDK

 

The Microsoft Graph PowerShell SDK provides cmdlets for the entire API surface of Microsoft Graph, including Microsoft Entra ID. It features cross-platform and PowerShell 7 support, offers modern authentication, and is regularly updated. 
 

Resources 

 

Kristopher Bash 
Product Manager, Microsoft Graph 
LinkedIn

 

 

Learn more about Microsoft Entra: 

Updated Mar 26, 2024
Version 1.0
announcements and product news
krbash's avatar
Icon for Microsoft rankMicrosoft
Joined August 21, 2019
View Profile
Microsoft Entra Blog
Stay informed on how to secure access for employees, customers, and non-human identities, from anywhere, to multicloud and on-premises resources, with comprehensive identity and network access solutions powered by AI.

15 Comments

Show More
  • SteveMutungi's avatar
    SteveMutungi
    Former Employee
    Apr 08, 2024

    About: StrongAuthenticationRequirements - Per-User MFA related data from this is not available in Graph whereas it continues to work.

     

    We're working on adding per-user MFA capability to Microsoft Graph. We don't have a confirmed ETA yet.

     

    • TominV's avatar
      TominV
      Copper Contributor
      Dec 19, 2024

      Do you have any update regarding StrongAuthenticationRequirements, please? Do you know in which cmdlet it will be implemented? Will be possible also activation of per-user MFA? 

  • cpunella's avatar
    cpunella
    Copper Contributor
    Apr 08, 2024

    Hi krbash ,

     

    we are really happy to finally dismiss MSOL but as san-admindroid  said, there are still different properties not covered on Graph. Can you please share any plan/ETA on that? 

     

    Thanks

  • san-admindroid's avatar
    san-admindroid
    Copper Contributor
    Apr 02, 2024

    krbash I'm glad to see that the old module gets deprecated. Also sad because the graph PowerShell don't have all the values returned by Get-MsolUser command-let. I would like to display some of the most used properties, they are:

     

    • StrongAuthenticationPhoneAppDetails - the device related information from this property (MsolUser) is not available in Graph User. 
    • StrongAuthenticationRequirements - Per-User MFA related data from this is not available in Graph whereas it continues to work.
    • AlternateMobilePhones
    • CloudExchangeRecipientDisplayType
    • IndirectLicenseErrors
    • LiveId
    • ReleaseTrack
    • ValidationStatus
    • IsBlackberryUser

    I would appreciate that if the following were returned directly from the Get-MgUser or Graph API endpoint for user. Otherwise, it is impossible to get these data. Also a very few information is available which are to be fetched separately for each user. A bigger plus would be making it available for delta query.