Jan 17 2022 10:31 PM
Hi there,
I want to schedule some script in PowerShell and i would need to login into Azure AD first.
Is it possible to login to Azure AD without a prompt as the script needs to be automates/scheduled
Can I use app registration with client ID and Clients secret with powershell.
I also have a dedicated account which doesn't have MFA.
Any resources would be appreciated
Thanks
Jan 18 2022 10:39 AM
Jan 18 2022 12:48 PM
Jan 18 2022 01:42 PM
Jan 18 2022 08:09 PM
Jan 18 2022 08:11 PM
Jan 19 2022 12:46 AM
A user principal with a never expiring password and no MFA is the worst you can do for the security of your solution. Use, at least, a service principal - they're meant for non-attended automation.
The AzureAD module you are trying to use (Connect-AzureAD) is deprecating and is replaced by the MS Graph SDK I mentioned above. If you want to log into Azure AD with a service principal and MS Graph, you can simply use this:
Connect-MgGraph -TenantId "your tenant id" -AppId "service principal app id" -CertificateThumbprint "cert thumbprint"
Of course, you must grant to the service principal the required roles/permissions in your Azure AD tenant.
If the execution context of your automation allows for it, i.e., it runs from Azure Automation or from an Azure/Arc machine, you can leverage Managed Identities, which are a special type of service principal for which Azure manages the credentials for you. You don't need to use certificates nor passwords. More details here: Managed identities for Azure resources | Microsoft Docs
May 26 2022 04:15 PM
# Save User Credentials
# New-StoredCredential -Target MyAccount -Username <Username> -Password <Password>
# User Authentication
$ua = Get-StoredCredential -Target MyAccount
$credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $ua.UserName,$ua.Password
# Login to your Azure Account
Connect-AzAccount -Tenant '<TenantID>' -Credential $credential
Still working until now.
Apr 05 2023 08:05 AM
Apr 05 2023 05:28 PM
How about using access token?