Invoke on premises PowerShell from an Azure API ?

MS Techie 2,676

Hi,

How can i invoke the PowerShell residing on-premises from Azure API (Like Azure Web App or Azure Function or Azure Logic app)

Please help

Grmacjon-MSFT 15,851 Reputation points

2021-10-18T19:18:42.79+00:00

Hi @MS Techie ,

Can you please give us more details on what you are tying to achieve in your scenario? Which powershell command are you trying to invoke in the Azure portal?

Thanks,
Grace
MS Techie 2,676 Reputation points

2021-10-19T06:29:04.817+00:00

Hi,
i am trying to invoke a on-premises PowerShell , which executes some commands against the on-premises Active Directory via Identity Manager . This Powershell can only be run in on-premises domain .

i want to know , what options do i have to invoke this PowerShell from Azure (from any azure resource like Azure Web App or Function or Logic App etc)
Kennet Bak Kjær 1 Reputation point

2021-10-19T10:29:44.08+00:00

Hi,

I am also looking at function to do some management on On-premise AD instead of using Automation with a hybrid worker, would it be possible

Regards
Kennet
Roderick Bant 2,046 Reputation points

2021-10-19T14:20:57.613+00:00

Hi,

A setup with a hybrid worker for Azure Automation is the recommended way to initiate actions from the Azure side. If using AA is not an option, you might consider running a PowerShell script on-premise via task scheduler and let that script pull waiting jobs from e..g. an Azure Function of WebApp that buffers these 'jobs'. If needed you can push the results of the PowerShell script back to an Azure function via HTTP.

1 answer

Grmacjon-MSFT 15,851 Reputation points

2021-10-19T18:53:30.847+00:00
Hi @MS Techie ,

Thanks for the addional information. You can use Azure App Service Hybrid Connections for you scenario.

There are a number of benefits to the Hybrid Connections capability, including:

- Apps can access on-premises systems and services securely.

The feature doesn't require an internet-accessible endpoint.

It's quick and easy to set up. No gateways required.

Each Hybrid Connection matches to a single host:port combination, helpful for security.

It normally doesn't require firewall holes. The connections are all outbound over standard web ports.

Because the feature is network level, it's agnostic to the language used by your app and the technology used by the endpoint.

It can be used to provide access in multiple networks from a single app.

It's supported in GA for Windows apps and Linux apps. It isn't supported for Windows container apps.

This Azure doc shows you how to Configure an on-premises server for PowerShell remoting

Hope that helps. Please let us know if you have further questions

Thanks,
Grace

----------------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept as answer--
Please sign in to rate this answer.

1 person found this answer helpful.
Kennet Bak Kjær 1 Reputation point

2021-10-20T06:37:10.687+00:00

Hi Grace,

Thanks for the reply, I have looked at Hybrid Connection, and what I can see is the way to access on-premise VMs. But it was because I heard that you could use Function premium and VNET to be able to access a VM in azure directly and excute some powershell script, without using a Hybrid Connection server. Is this a option

Grmacjon-MSFT 15,851 Reputation points

2021-10-22T22:01:15.347+00:00

Thanks for the question @KennetBakKjr-8022 . Can you please create a new thread so we can track this question separately from the original question. Int the meantime. We will check internally with the engineering team to confirm if it is possible to use Function premium and VNET to access a VM.

Best,
Grace
Sign in to comment