PowerShell

Using Entra ID Governance and Sentinel to assure user alignment with HR data

by

Have you ever asked yourself this question after setting up Microsoft Entra ID Lifecycle Workflows and API-driven user provisioning: “What happens if one of my colleagues changes a user attribute in Active Directory (AD), will Entra ID Governance correct it?” The answer to this question is: “No, it won’t”. Or like an IT consultant would … Read more

Assign Teams Phone number to users with Lifecycle Workflows in Entra ID Governance

by

When new employees are about to start in a company, one of the tasks that needs to be done before the employees have its first day is to assign a phone number to them, so they are able to make and receive phone call in their everyday work. If you are using Microsoft Teams in … Read more

Create a user mailbox using Lifecycle Workflows in Microsoft Entra ID Governance

by

When I started using Microsoft Entra ID Governance Lifecycle workflows to handle Joiners in my company, the first task I wanted to accomplish using the Lifecycle workflows was the creating of a new employee’s mailbox in a hybrid environment. Creating of user mailboxes is not an out-of-of-the-box task in Lifecycle Workflows, but it can be … Read more

Using API-driven user provisioning with an Azure SQL database as a source of truth

by

Automating API-Driven User Provisioning with an Azure SQL Database. This post guides you through setting up an Azure SQL database and, integrating it with your HR system’s API, and then automating user creation and updates in Active Directory using API-driven provisioning to on-premises Active Directory

Securely storing and retrieving credentials with Azure Key Vault in PowerShell scripts

by

When you are writing PowerShell scripts to automate various tasks in your everyday life in IT, the hardest part is often how to store the credentials to be used in your code in a secure way. In this blog post I want to show you how you can use an Azure Key Vault to store … Read more

Getting started with API-driven Inbound User Provisioning to On-Premises AD

by

API-driven Inbound User Provisioning to On-Premises AD is a feature that I personally have been really excited about for quite some time. I started working with it when it was in public preview around June 2023 and it went to General Availability in early 2024.API-driven Inbound User Provisioning is streamlined way of managing users in … Read more

Connect to Microsoft Teams PowerShell using Azure App reg. (Service principal) 

by

Intro
Not long ago Microsoft finally release a new version for the Microsoft Teams PowerShell module (4.8.0) that adds the ability to authenticate to Microsoft Teams using a Azure App reg. 
Using a Azure App reg. Is in my opnion the most secure way to authenticate when you are running scheduled task (or simlar). So if you are not using this method in your automation scripts with Teams, you should start ajusting (on your own risk ofc). 
The ability to use this method to authenticate has not been working for at least 1½ year (as of this writing) so I’m very excited to share the method with you guys. 

Read more

Monitor Azure App registration secret / certificate expiry with PowerShell

by

I came across a need to know when a certificates and secrets are about to expire on Azure app registrations, but there was no native way for me do this, expect to just scroll down the application registration list and look for “Expirer soon”, and that didn’t really do it for me.
So, I decided to look for way to get notified a number of days before a secret or a certificate will expire using PowerShell. I ended up writing this script and then running it using an Automation Account in Azure, but you can run this script everywhere, if you have the Microsoft Graph PowerShell module installed on the platform of your choice.

Read more