Microsoft Sets New Deprecation Schedule for Azure AD PowerShell

MVP

 

Lots of news has emerged from Microsoft recently regarding the deprecation of the Azure AD PowerShell module and the older MSOL module. Although dates have slipped from the original June 30, 2022 deadline, the signs are that Microsoft will retire the modules in early 2023. However, the Azure AD and MSOL license management cmdlets will stop working on August 26, 2022, so that’s the immediate priority for script upgrades.

https://office365itpros.com/2022/03/17/azure-ad-powershell-deprecation/

2 Replies

@TonyRedmond We have been using the Azure Ad scripts with Azure automation account to automate the on boarding process from workday application, And the runbooks are configured with Powershell scripts using Azure Ad module. Below are some concerns on this migration to Microsoft Graph powershell.

 

We are using user to authenticate to Azure AD for scripts with user management rights. Now as the things are migrating to Microsoft graph powershell, the Azure AD role won't work as Mcirosoft Graph powerhsell have its own permissions , So what is the best practice for connecting to MS graph powerhsell with minimum permissions for user creating and license management tasks ?

 

1. Figure out what the minimum set of permissions are needed for each discrete piece of work (script). This might help: https://practical365.com/microsoft-graph-api-permission/
2. Create separate apps with the correct permissions for each script (or set of scripts, if they share the same permissions).