Uncategorized

Azure AD PowerShell: What the version?!?

Azure Active Directory PowerShell is awesome. There are so many things you can do using it, and if you aren’t using it today I highly suggest it. That being said, there’s currently many versions available for download from Microsoft, and it’s confusing what you can do in each version. Now with the preview release of version 2, things are even more complicated.

This article will be an attempt at documenting what versions can do what, where to get them, and what you should be using. I’ll keep the version numbers updated as well as I can as time goes on.

Quick note: Preview versions are just that. They are previews of features that will hopefully be available in a general availability release later on. If you’re comfortable with the occasional error, go ahead and install them on your machine. If however you are not, or if you are running scripts on a scheduled basis (such as on a server), please do not install any preview versions.

Before getting started, to check what version you are currently running, use the following command in a PowerShell window:


Microsoft Online Sign In Assistant

Right now, all versions of the Azure AD PowerShell module require you to have the Microsoft Online Sign In Assistant installed. This facilitates the initial login/connection to Azure AD. If you don’t have it installed (check in Add/Remove Programs), go ahead and install that first. The download can be found here: http://go.microsoft.com/fwlink/?LinkID=286152. Make sure that you install the 64 bit edition (using Azure AD PowerShell on a 32 bit system is not supported any more).


Azure AD PowerShell Module – GA – 1.1.166.0

Published on 8/15/2016, version 1.1.166.0 is the current general availability release. It can be downloaded at http://bit.ly/2eTyVOQ. This version cannot coexist with any other versions starting with “1.”. If you are upgrading from some older versions, you will need to uninstall the old modules from Add/Remove Programs (may be listed as Windows Azure Active Directory Module for PowerShell)

Notable things this release includes:

  • The ability to use MFA enabled accounts to sign in to Azure AD. Below are the old and new sign in windows:
    aadsigninold vs aadsignin
    Note: When connecting to Exchange Online, SharePoint Online, or Skype Online, you will still get the old sign in window. New one is only for Azure AD (Connect-MsolService).
  • Additional Set-MsolCompany commandlets, mainly for MDM purposes
    • Get-MsolCompanyAllowedDataLocation
    • Set-MsolCompanyMultiNationalEnabled
    • Set-MsolCompanyAllowedDataLocation

Notable missing features:

  • Get-MsolSettings and related commands
    • Includes the ability to edit Azure AD policies to disable creation of Office 365 groups (good post by Tony Redmond on this, although his advice that it works in versions 1.1.117.0 or higher isn’t the case anymore because of this release)

Azure AD PowerShell Module – Preview – 1.1.130.0

Published on 6/20/2016, version 1.1.130.0 is the current preview release. It can be downloaded at http://bit.ly/2eTyVOQ (same link). This version cannot coexist with any other versions starting with “1.”. If you are upgrading from some older versions, you will need to uninstall the old modules from Add/Remove Programs (may be listed as Windows Azure Active Directory Module for PowerShell)

The first thing you may notice is that this preview version is a lower version number than the GA release above. Confusing right? Well it comes down to that some features (like the MDM commandlets above) were ready to go GA, but not others.

Notable features included:

  • New sign in method, same as above
  • Ability to edit Azure AD policies/settings using the Get-MsolSettings commands
    • Again, notably includes the ability to edit Azure AD policies to disable creation of Office 365 groups

Notable missing features:

  • Set-MsolCompany commandlets, mainly for MDM purposes, available in GA release above

Azure AD PowerShell Module v2 – Preview – 2.0.0.7

Published 10/6/2016, this is a whole new version of the AzureAD commandlets. Microsoft is using this new version to align the commandlets with the true functions they perform, and add new ones as well. Since the original v1 of Azure AD PowerShell was originally designed when it was referred to as “Microsoft Online Services,” this version starts the transition from the “msol” commandlets to “azuread”. Per Microsoft:

This preview release marks a first step on a journey to renew the existing MSOL PowerShell cmdlets which you are so familiar with. One of the key features of this release is a close alignment of the PowerShell functionality with the Graph API capabilities. We are also moving towards a faster and more agile release process for new or updated functionality of these cmdlets.

Over time, we will fully replace the existing MSOL cmdlets. You will see regular new functionality updates to this preview release until the complete replacement is available.

That last line might cause some concern, but I would venture to guess it will be well over a year before the MSOL commandlets are phased out, so don’t rush to replace all your existing scripts just yet.

To install this version, simply open a PowerShell window as an Admin and type the following:

Note: this version can coexist with the v1 versions above.

For a full up to date notes on what this version adds, check out the documentation from Microsoft.

I can’t recommend this version as the only version you use, but it’s worth checking out and getting used to the new v2 commands.


Sources:

  • https://thoughtsofanidlemind.com/2016/06/07/controlling-the-creation-of-office-365-groups-using-an-azure-active-directory-policy/
  • http://social.technet.microsoft.com/wiki/contents/articles/28552.microsoft-azure-active-directory-powershell-module-version-release-history.aspx
  • https://msdn.microsoft.com/en-us/library/azure/jj151815(v=azure.98).aspx

Leave a Reply

Your email address will not be published. Required fields are marked *