Figure 1: Modern Authentication for Azure Active Directory PowerShell
Adam download s and installs this public preview of the Azure Active Directory PowerShell Module so he can begin to create the new user accounts. He signs in using:
Connect-MsolServiceAdam submits his organizational account credentials, and is prompted to enter a verification code that is sent to him via text message:
Now he's authenticated! Using the commands Adam is already familiar with, he is able to query the existing set of users in the tenant:
He notices that he needs to create a user account for our new hire, Jamie. Again, using the commands he is familiar with he is able to do this:
New-MsolUser -UserPrincipalName JWarner@contosomfa.onmicrosoft.com -DisplayName "Jamie Warner" -FirstName "Jamie" -LastName "Warner"
From this point, Adam can assign Jamie a new license, put her in a different directory role, and more! Anything that the old PowerShell module was capable of, Adam can also do in the new one. Existing scripts that Adam created will continue to work with minimal modification, and all with an MFA protected administrative account.
Get-MsolDevice –RegisteredOwnerUpn GMonet@contosomfa.onmicrosoft.com
Based on the Device Name, and other information returned by the cmdlet, we can identify which device is the one we are looking to disable. In this case, it is the first device returned with DeviceId = a7892334-730b-4d49-bd13-54c2a4928009 To disable this device, we simply run the disable cmdlet targeting this specific Device Id:
Disable-MsolDevice –DeviceId a7892334-730b-4d49-bd13-54c2a4928009
Once we confirm our actions, the device is disabled. You can see that now the device has Enabled = False
If Greg ends up finding his laptop, we can always enable this device using the enable cmdlet:
Enable-MsolDevice -DeviceId a7892334-730b-4d49-bd13-54c2a4928009Which will change the device back to Enabled = True If not, we can remove the device to make sure it does not affect Greg's device quota:
Remove-MsolDevice -DeviceId a7892334-730b-4d49-bd13-54c2a4928009
You can see that I can no longer find this device in our directory once we delete it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.