How to use Azure Managed Identities with Graph API or other Resources

Microsoft (Graph) API’s or API permissions for Managed Identities But you can only add Azure RBAC roles to a Managed Identity, right? That’s not true, in the blog post below I explain how you can add resource permissions to a Managed Identity. In my work I mainly use this for Azure Automation. By using Managed … Continue reading How to use Azure Managed Identities with Graph API or other Resources

New PowerShell module for Microsoft Graph API reports

Azure AD & Microsoft 365 reports in a single module In my work we use a lot of Microsoft APIs, especially the Microsoft Graph API.Since the Graph API has many ways to optimize and change in bulk, I started with the Optimized.Mga module. Only thing I noticed was that I often made the same reports … Continue reading New PowerShell module for Microsoft Graph API reports

How to use Key Vault Secrets in Azure Automation PowerShell

Azure Key Vault > Azure Automation Credential Manager Azure Automation has its own Credential Manager.This is the easiest to use, but has no history or version control.So you can’t see when the value was last changed, or who made the change within the portal (this can be done via Log Analytics). The Azure Key Vault … Continue reading How to use Key Vault Secrets in Azure Automation PowerShell

How to start a Runbook on specific Hybrid Worker Azure Automation

Disclaimer: this is a work around that is not always useful I am currently hired by a client who has one Hybrid Worker Group (and to whom we are not allowed to make any adjustments). There are runbooks that have to work with the data from other runbooks, but because the data is so much … Continue reading How to start a Runbook on specific Hybrid Worker Azure Automation

How to download a file from an Azure Storage Blob PowerShell

Download a file from Storage Blobs with Rest API’s and PowerShell We are setting up a completely new Azure Automation environment for a new customer. This is all done through Azure DevOps CI/CD. Static files such as an html or zip file are no longer on an on-premise server, but from now on in an … Continue reading How to download a file from an Azure Storage Blob PowerShell

How to upload a file to an Azure Storage Blob PowerShell

Upload files to A storage blob using powerShell We are configuring an Azure Automation environment. This is all done through Azure DevOps CI/CD. We won’t use a static files server for files like html content or zip files, but we will upload them to an Azure Storage Blob instead. We been working on uploading files … Continue reading How to upload a file to an Azure Storage Blob PowerShell

How to get AzureAD Users LastLogin for stale accounts PowerShell

Which property comes closest to the LastLogin property? LastLogin is an attribute known from Active Directory, but this property is not present in AzureAD. Property RefreshTokensValidFromDateTime is closest to the LastLogin property. This property determines how long the token is valid for the last Login and when the local token must renew. Unfortunately this is … Continue reading How to get AzureAD Users LastLogin for stale accounts PowerShell

How to get AzureAD Group Members nested groups in PowerShell

Why would we put groups in groups? Groups in groups is used by enterprise companies that have main groups for, for example, Group based Licensing in AzureAD. And there are many more examples to mention.The disadvantage of groups in groups is that at a certain point you no longer know whether someone is in the … Continue reading How to get AzureAD Group Members nested groups in PowerShell

Is it listed? From Domain, to email, and even IP addresses including the ranges Exchange Online

Is what listed? With the PowerShell script on Github you can find a domain name, email address, and IP address in Exchange Online that is located in one of the following places: Transport rules Anti Spam Policies Anti-Phishing Policies Inbound Connectors Outbound Connectors Connection Filter Policies NEW: Inbox Rules (Briefly explained in Various Choices). The … Continue reading Is it listed? From Domain, to email, and even IP addresses including the ranges Exchange Online

Disable PowerShell for users in Exchange by Bas Wijdenes

Regular users can run PowerShell commands on their own Mailbox I recently found out that PowerShell is enabled by default for all users in Exchange Online including the normal user mailbox. There was a user who had been hacked, and the hacker had placed a forward in the mailbox via PowerShell, but well about this … Continue reading Disable PowerShell for users in Exchange by Bas Wijdenes