SOLVED

Read/Write AzureAD Guest Self Signup via PowerShell

%3CLINGO-SUB%20id%3D%22lingo-sub-2438354%22%20slang%3D%22en-US%22%3ERead%2FWrite%20AzureAD%20Guest%20Self%20Signup%20via%20PowerShell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2438354%22%20slang%3D%22en-US%22%3E%3CP%3ESetting%20the%20Guest%20user%20self-signup%20property%20via%20powershell%20is%20documented%20to%20be%20done%20via%20the%20Msonline%20module's%20%60Set-MsolCompanySettings%60%20cmdlet%20(-AllowAdHocSubscriptions)%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fde-de%2Fpowershell%2Fmodule%2Fmsonline%2Fset-msolcompanysettings%3Fview%3Dazureadps-1.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E(documentation)%3C%2FA%3E%3C%2FP%3E%3CP%3ENow%2C%20I%20don't%20see%20a%20way%20to%20read%20this%20setting.%20There's%20Get-MsolCompanyInformation%20but%20no%20value%20for%20AdHocSubscriptions.%3C%2FP%3E%3CP%3EAlso%2C%20the%20Msonline%20module%20is%20marked%20as%20deprecated%20and%20we%20should%20use%20AzureAD(-Preview)%20module%20instead.%3C%2FP%3E%3CP%3EBut%20there%20I%20can't%20find%20the%20setting.%20It%20might%20be%20me%20just%20being%20unable%20to%20correctly%20search%20the%20documentation.%3C%2FP%3E%3CP%3ESo%20my%20questions%20are%3A%3C%2FP%3E%3COL%3E%3CLI%3E%26nbsp%3Bhow%20can%20I%20read%20the%20setting%20via%20powershell%3F%3C%2FLI%3E%3CLI%3Ewhat%20is%20the%20%22new%22%20way%20to%20set%20this%20setting%20when%20msonline%20module%20is%20deprecated%3F%3C%2FLI%3E%3C%2FOL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2438354%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2441691%22%20slang%3D%22en-US%22%3ERe%3A%20Read%2FWrite%20AzureAD%20Guest%20Self%20Signup%20via%20PowerShell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2441691%22%20slang%3D%22en-US%22%3EIt's%20there%2C%20but%20hidden%3A%3CBR%20%2F%3E%3CBR%20%2F%3EGet-MsolCompanyInformation%20%7C%20select%20AllowAdHocSubscriptions%3CBR%20%2F%3E%3CBR%20%2F%3EOr%20just%20%7C%20fl%20*%20it.%20And%20you%20can%20also%20set%2Fquery%20it%20via%20Graph%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fauthorizationpolicy%3Fview%3Dgraph-rest-beta%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fresources%2Fauthorizationpolicy%3Fview%3Dgraph-rest-beta%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2443968%22%20slang%3D%22en-US%22%3ERe%3A%20Read%2FWrite%20AzureAD%20Guest%20Self%20Signup%20via%20PowerShell%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2443968%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you!%20I%20wasn't%20aware%20of%20this%20concept%20of%20hidden%20properties.%20Would%20I%20have%20been%20able%20to%20figure%20that%20out%20via%20documentation%3F%3C%2FP%3E%3CP%3EAlso%2C%20I%20now%20see%20that%20AllowAdHocSubsciptions%20is%20set%20to%20true%20in%20the%20result%20of%20the%20cmdlet%2C%20but%20Azure%20Portal%20shows%20this%20as%20%22false%22%20in%20the%20External%20Identities-%26gt%3BExternal%20Collaboration%20Settings%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22SRMueller_0-1623663325754.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F288428i4B7D81B571AFEEA9%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22SRMueller_0-1623663325754.png%22%20alt%3D%22SRMueller_0-1623663325754.png%22%20%2F%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22SRMueller_1-1623663350361.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F288429i05DFCB4C2F77C8E1%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22SRMueller_1-1623663350361.png%22%20alt%3D%22SRMueller_1-1623663350361.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Setting the Guest user self-signup property via powershell is documented to be done via the Msonline module's `Set-MsolCompanySettings` cmdlet (-AllowAdHocSubscriptions) (documentation)

Now, I don't see a way to read this setting. There's Get-MsolCompanyInformation but no value for AdHocSubscriptions.

Also, the Msonline module is marked as deprecated and we should use AzureAD(-Preview) module instead.

But there I can't find the setting. It might be me just being unable to correctly search the documentation.

So my questions are:

  1.  how can I read the setting via powershell?
  2. what is the "new" way to set this setting when msonline module is deprecated?

 

4 Replies
best response confirmed by SRMueller (Occasional Contributor)
Solution
It's there, but hidden:

Get-MsolCompanyInformation | select AllowAdHocSubscriptions

Or just | fl * it. And you can also set/query it via Graph: https://docs.microsoft.com/en-us/graph/api/resources/authorizationpolicy?view=graph-rest-beta

@Vasil Michev 

 

Thank you! I wasn't aware of this concept of hidden properties. Would I have been able to figure that out via documentation?

Also, I now see that AllowAdHocSubsciptions is set to true in the result of the cmdlet, but Azure Portal shows this as "false" in the External Identities->External Collaboration Settings

SRMueller_0-1623663325754.pngSRMueller_1-1623663350361.png

 

That's not the same setting as the Guest self-service sign-up.

Yeah, I saw that afterwards. I'm moving on with all the other properties I find. Properties like that, which seem unreachable via the MS Powershell cmdlets, will move to a backlog/do it manually via UI pool.

The main problem I see is with the inconsistent implementation of the cmdlets and the lacking documentation. Or better, the inconsistent quality of the documentation. To make matters worse for me, I just found the PnP PowerShell which is supposed to bring with it more commands. But now I'm stuck figuring out, which tools/cmdlets/tech I should use, i.e. are best practice, according to microsoft and the community.


I want to avoid writing my own MS Graph frontend but maybe that's where this is going in the long run.

Thanks for the support!

 

EDIT: sorry for the edit noise