Forum Discussion
Solved
Azure AD Assessment Tool from Microsoft not working anymore because of "disabled" enterprise app
Hi everyone, i was using https://github.com/AzureAD/AzureADAssessment for some time now to easy get a good list of all high privileged users and enterprise app. But it does not work anymore beca...
- StephanGee I have updated the instructions with steps to create the custom app.
The assessment is currently in maintenance mode. There is an open source effort that I'm involved in along with Microsoft MVPs that you might be interested in. See https://maester.dev
Solved it:
Create an app reg with "Mobile and desktop applications" redirect uri
Redirect URI https://login.microsoftonline.com/common/oauth2/nativeclient
Allow public client flows to yes.
Use Connect-AADAssessment -Clientid "your app id here" and connect with a user that has appropriate rights
It will add them - then you can use "Invoke-AADAssessmentDataCollection" to get the data.
I had a "Web" Redirect URI - so this did not work. My fault.