#AzureAD PowerShell v2.0 is now in public preview

October 14, 2016 Chris Spanougakis 3 comments


If you ever used PowerShell, you already know that is a cool tool to use. And if you follow this blog regularly, you should remember that I wrote back an article, in January this year, about Azure AD PowerShell and how to use it. You can check that article here: https://spanougakis.com/2016/01/18/azure-ad-powershell-and-how-to-use-it/

And some time ago I’ve presented how to automate your day-to-day administration tasks in your on-premises AD environment using PowerShell, the recording of the presentation (in Greek) can be found here: https://systemplus.gr/adauto.html

But why do we need a new version of Azure AD PowerShell? This is because the new version will bring a lot of updates to existing cmdlets, mainly because they have to align with the new features and capabilities that Azure AD has to offer. These new capabilities will be included in the new Azure AD PowerShell module, Good news is that the module is available today, so you can start testing!

Azure AD PowerShell v2.0 installation

If you look for a download link, don’t bother, because there is an easier way to download and install it. Just run as an administrator a normal PowerShell window and type:

Install-Module -Name AzureADPreview


The next step should be to import the new module and then check the version that you’ve just installed, running the following commands:

import-module azureadpreview

get-module azureadpreview


Now let’s connect to Azure AD using the following commands:


connect-azuread –credential $azureadcred

The first command prompts for credentials and stores them as $azureadcred. The next command uses those credentials as $azureadcred to connect to the service.



You probably already noticed that there is a change in the names of all cmdlets: instead of typing “connect-msolservice”, we now have to type “connect-azuread”, so practically the entire MSOL module was renamed to AzureAD. If an existing cmdlet was named “New-MSOLUser”, which adds a new user to the directory, the new cmdlet’s name is “New-AzureADUser”.

For a full list of all available cmdlets and how to use them, please read the AzureAD PowerShell reference documentation here: https://msdn.microsoft.com/en-us/library/azure/mt757189.aspx

So let’s examine now some of the new functionality we get:

-SearchString parameter

We can now search for data in our directory based on a string we specify:


Or you could search for a string “Athens”, to get information about the city where the users are located, based on the information we specified on the user accounts:


Note that the SearchString search scope for users currently covers the attributes “City”, “Country”, “Department”, “DisplayName”, “JobTitle”, “Mail”, “mailNickName”, “State”, and “UserPrincipalName.

Configurable Token Lifetimes that are also included in this version are covered in detail here https://azure.microsoft.com/en-us/documentation/articles/active-directory-configurable-token-lifetimes/ and probably this will be something we’ll discuss in a next blog post.

Manage Certificate Authority using PowerShell for Azure AD

  • New-AzureADTrustedCertificateAuthority – Adds a new certificate authority for the tenant
  • Get-AzureADTrustedCertificateAuthorities – Retrieves the list of certificate authority for the tenant
  • Remove-AzureADTrustedCertificateAuthority – Removes a certificate authority for the tenant
  • Set-AzureADTrustedCertificateAuthority – Modifying a certificate authority for the tenant

… and a good idea for another blog post, meanwhile you can find details here: https://azure.microsoft.com/en-us/documentation/articles/active-directory-certificate-based-authentication-ios/#getting-started%20/

Managing Applications using PowerShell for Azure AD

  • New-AzureADApplication
  • Remove-AzureADApplication
  • Set-AzureADApplication

Manage Directory Extensions in PowerShell

  • Get-AzureADApplicationExtensionProperty
  • New-AzureADApplicationExtensionProperty
  • Remove-AzureADApplicationExtensionProperty

Manage Owners for an Application

  • Add-AzureADApplicationOwner
  • Get-AzureADApplicationOwner
  • Remove-AzureADApplicationOwner

Manage credentials for Applications in PowerShell

  • Get-AzureADApplicationKeyCredential
  • New-AzureADApplicationKeyCredential
  • Remove-AzureADApplicationKeyCredential
  • Get-AzureADApplicationPasswordCredential
  • New-AzureADApplicationPasswordCredential
  • Remove-AzureADApplicationPasswordCredential

Take a look at this video by Nasos Kladakis, where you can see how you can use the new Azure AD PowerShell module to configure an application in your directory and assign users to roles for the new application.

Thanks for your time!