Forum Discussion
Patrick Rote
Jan 18, 2022Iron Contributor
Connect to Azure AD from Powershell without prompt - what are my options?
Hi there,
I want to schedule some script in PowerShell and i would need to login into Azure AD first.
Is it possible to login to Azure AD without a prompt as the script needs to be automates/scheduled
Can I use app registration with client ID and Clients secret with powershell.
I also have a dedicated account which doesn't have MFA.
Any resources would be appreciated
Thanks
- tringlerCopper ContributorYou can just pass your username/password to Connect-AzAccount.
- Patrick RoteIron ContributorThanks Tringler . Can you please give me an example. I'm using Connect-AzureAD
- lukemurraynzLearn ExpertYes you can use SPN or certificates
https://docs.microsoft.com/en-us/powershell/azure/authenticate-azureps?view=azps-7.1.0- hspintoMicrosoftIf you want to automate tasks against Azure AD, you should be leveraging Microsoft Graph instead. There's a PowerShell SDK (https://docs.microsoft.com/en-us/graph/powershell/installation). It supports authenticating with an SPN, but I would recommend using a Managed Identity, if possible.
- Patrick RoteIron ContributorThanks hspinto for your response.
I have a dedicated acct that password doesn't expire and no MFA. Will this work?
What is Managed Identity and how can i achieve this?
- Alan2022Iron Contributor
Hi Patrick Rote
# Save User Credentials # New-StoredCredential -Target MyAccount -Username <Username> -Password <Password> # User Authentication $ua = Get-StoredCredential -Target MyAccount $credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $ua.UserName,$ua.Password # Login to your Azure Account Connect-AzAccount -Tenant '<TenantID>' -Credential $credential
Still working until now.
- ERobillardBrass ContributorHspinto is correct, and the luck of Alan2022 will become useless after June 23. If you stuck with Connect-AzAccount your prize is getting to get to write this twice. Here's an article on upgrading from the AD API to MSGraph: https://learn.microsoft.com/en-us/powershell/microsoftgraph/migration-steps?view=graph-powershell-1.0
How about using access token?