AzureAD
Önemli
Azure AD ve MSOnline PowerShell modülleri 30 Mart 2024 itibarıyla kullanım dışı bırakılmıştır. Daha fazla bilgi edinmek için kullanımdan kaldırma güncelleştirmesini okuyun). Bu tarihten sonra bu modüllere yönelik destek, Microsoft Graph PowerShell SDK'sına geçiş yardımı ve güvenlik düzeltmeleriyle sınırlıdır. Kullanım dışı bırakılan modüller Mart 30 2025'e kadar çalışmaya devam edecektir.
Microsoft Entra ID (eski adıyla Azure AD) ile etkileşime geçmek için Microsoft Graph PowerShell'e geçiş öneririz. Sık sorulan geçiş soruları için Bkz. Geçiş hakkında SSS. Not: MSOnline'ın 1.0.x sürümleri 30 Haziran 2024'den sonra kesinti yaşayabilir.
Grafik için Azure Active Directory PowerShell modülü, PowerShell Galerisi’nden indirilebilir ve yüklenebilir. Galeri PowerShellGet modülünü kullanır. PowerShellGet modülü PowerShell 3.0 veya daha yeni bir sürümü gerektirir ve aşağıdaki işletim sistemlerinden birini gerektirir:
- Windows 10
- Windows 8.1 Pro
- Windows 8.1 Enterprise
- Windows 7 SP1
- Windows Server 2016 TP5
- Windows Server 2012 R2
- Windows Server 2008 R2 SP1
PowerShellGet ayrıca .NET Framework 4.5 veya üzerini gerektirir. .NET Framework 4.5 veya üzeri sürümü buradan yükleyebilirsiniz.
AzureAD cmdlet'lerinin yüklenmesi hakkında daha ayrıntılı bilgi için bkz. Graph için Azure Active Directory PowerShell.
Bunlar, Graph için Azure Active Directory PowerShell modülündeki cmdlet'lerdir.
Yönetim Birimleri
| Add-AzureADMSAdministrativeUnitMember |
Adds an administrative unit member. |
| Add-AzureADMSScopedRoleMembership |
Adds a scoped role membership to an administrative unit. |
| Get-AzureADMSAdministrativeUnit |
Gets an administrative unit. |
| Get-AzureADMSAdministrativeUnitMember |
Gets a member of an administrative unit. |
| Get-AzureADMSScopedRoleMembership |
Gets a scoped role membership from an administrative unit. |
| New-AzureADMSAdministrativeUnit |
Creates an administrative unit. |
| Remove-AzureADMSAdministrativeUnit |
Removes an administrative unit. |
| Remove-AzureADMSAdministrativeUnitMember |
Removes an administrative unit member. |
| Remove-AzureADMSScopedRoleMembership |
Removes a scoped role membership. |
Uygulama Ara Sunucusu Uygulama Yönetimi
| Get-AzureADApplicationProxyApplication |
The Get-AzureADApplicationProxyApplication cmdlet retrieves an application configured for Application Proxy in Azure Active Directory. |
| Get-AzureADApplicationProxyApplicationConnectorGroup |
The Get-AzureADApplicationProxyApplicationConnectorGroup cmdlet retrieves the connector group assigned for a specific application. |
| New-AzureADApplicationProxyApplication |
The New-AzureADApplicationProxyApplication cmdlet creates a new application configured for Application Proxy in Azure Active Directory. |
| Remove-AzureADApplicationProxyApplication |
Deletes an Application Proxy application. |
| Remove-AzureADApplicationProxyApplicationConnectorGroup |
The Remove-AzureADApplicationProxyApplicationConnectorGroup cmdlet sets the connector group assigned for the specified application to 'Default' and removes the current assignment. |
| Set-AzureADApplicationProxyApplication |
The Set-AzureADApplicationProxyApplication allows you to modify and set configurations for an application in Azure Active Directory configured to use ApplicationProxy. |
| Set-AzureADApplicationProxyApplicationCustomDomainCertificate |
The Set-AzureADApplicationProxyApplicationCustomDomainCertificate cmdlet assigns a certificate to an application configured for Application Proxy in Azure Active Directory (AD). This will upload the certificate and allow the application to use Custom Domains. |
| Set-AzureADApplicationProxyApplicationSingleSignOn |
The Set-AzureADApplicationProxyApplicationSingleSignOn cmdlet allows you to set and modify single sign-on (SSO) settings for an application configured for Application Proxy in Azure Active Directory. |
Uygulama Ara Sunucusu BağlayıcıSı Yönetimi
| Get-AzureADApplicationProxyConnector |
The Get-AzureADApplicationProxyApplicationConnector cmdlet a list of all connectors, or if specified, details of a specific connector. |
| Get-AzureADApplicationProxyConnectorGroup |
The Get-AzureADApplicationProxyConnectorGroup cmdlet retrieves a list of all connector groups, or if specified, details of a specific connector group. |
| Get-AzureADApplicationProxyConnectorGroupMembers |
The Get-AzureADApplicationProxyConnectorGroupMembers gets all the Application Proxy connectors associated with the given connector group. |
| Get-AzureADApplicationProxyConnectorMemberOf |
The Get-AzureADApplicationProxyConnectorMemberOf command gets the ConnectorGroup that the specified Connector is a member of. |
| New-AzureADApplicationProxyConnectorGroup |
The New-AzureADApplicationProxyConnectorGroup cmdlet creates a new Application Proxy Connector group. |
| Remove-AzureADApplicationProxyConnectorGroup |
The Remove-AzureADApplicationProxyConnectorGroup cmdlet deletes an Application Proxy Connector group. |
| Set-AzureADApplicationProxyApplicationConnectorGroup |
The Set-AzureADApplicationProxyApplicationConnectorGroup cmdlet assigns the given connector group to a specified application. |
| Set-AzureADApplicationProxyConnector |
The Set-AzureADApplicationProxyConnector cmdlet allows reassignment of the connector to another connector group. |
| Set-AzureADApplicationProxyConnectorGroup |
The Set-AzureADApplicationProxyConnectorGroup cmdlet allows you to change the name of a given Application Proxy connector group. |
Uygulamalar
| Add-AzureADApplicationOwner |
Adds an owner to an application. |
| Get-AzureADApplication |
Gets an application. |
| Get-AzureADApplicationExtensionProperty |
Gets application extension properties. |
| Get-AzureADApplicationKeyCredential |
Gets the key credentials for an application. |
| Get-AzureADApplicationLogo |
Retrieve the logo of an application |
| Get-AzureADApplicationOwner |
Gets the owner of an application. |
| Get-AzureADApplicationPasswordCredential |
Gets the password credential for an application. |
| Get-AzureADApplicationServiceEndpoint |
Retrieve the service endpoint of an application |
| Get-AzureADDeletedApplication |
Retrieves the list of previously deleted applications |
| New-AzureADApplication |
Creates an application. |
| New-AzureADApplicationExtensionProperty |
Creates an application extension property. |
| New-AzureADApplicationKeyCredential |
Creates a key credential for an application. |
| New-AzureADApplicationPasswordCredential |
Creates a password credential for an application. |
| Remove-AzureADApplication |
Delete an application by objectId. |
| Remove-AzureADApplicationExtensionProperty |
Removes an application extension property. |
| Remove-AzureADApplicationKeyCredential |
Removes a key credential from an application. |
| Remove-AzureADApplicationOwner |
Removes an owner from an application. |
| Remove-AzureADApplicationPasswordCredential |
Removes a password credential from an application. |
| Set-AzureADApplication |
Updates an application. |
| Set-AzureADApplicationLogo |
Sets the logo for an Application |
AzureAD
| Add-AzureADMSApplicationOwner |
Adds an owner for an application object. |
| Add-AzureADMSServicePrincipalDelegatedPermissionClassification |
Add a classification for a delegated permission. |
| Get-AzureADApplicationProxyConnectorGroupMember |
{{ Fill in the Synopsis }} |
| Get-AzureADCurrentSessionInfo |
This cmdlet will return the current session state |
| Get-AzureADMSApplication |
Retrieves the list of applications within the organization. |
| Get-AzureADMSApplicationExtensionProperty |
Retrieves the list of extension properties on an application object. |
| Get-AzureADMSApplicationOwner |
Retrieves the list of owners for an application object. |
| Get-AzureADMSConditionalAccessPolicy |
Gets an Azure Active Directory conditional access policy. |
| Get-AzureADMSDeletedDirectoryObject |
This cmdlet is used to retrieve a soft deleted directory object from the directory |
| Get-AzureADMSDeletedGroup |
This cmdlet is used to retrieve the soft deleted groups in a directory. |
| Get-AzureADMSIdentityProvider |
This cmdlet is used to retrieve the configured identity providers in the directory. |
| Get-AzureADMSNamedLocationPolicy |
Gets an Azure Active Directory named location policy. |
| Get-AzureADMSPermissionGrantConditionSet |
Get an Azure Active Directory permission grant condition set by id. |
| Get-AzureADMSPermissionGrantPolicy |
Gets a permission grant policy. |
| Get-AzureADMSServicePrincipalDelegatedPermissionClassification |
Retreive the delegated permission classification objects on a service principal. |
| Get-CrossCloudVerificationCode |
Gets the verification code used to validate the ownership of the domain in another connected cloud. Important: Only applies to a verified domain. |
| New-AzureADMSApplication |
Creates (registers) a new application object. |
| New-AzureADMSApplicationExtensionProperty |
Creates an extension property on an application object. |
| New-AzureADMSApplicationKey |
Adds a new key to an application. |
| New-AzureADMSApplicationPassword |
Adds a strong password to an application. |
| New-AzureADMSConditionalAccessPolicy |
Creates a new conditional access policy in Azure Active Directory. |
| New-AzureADMSIdentityProvider |
This cmdlet is used to configure a new identity provider in the directory. |
| New-AzureADMSNamedLocationPolicy |
Creates a new named location policy in Azure Active Directory. |
| New-AzureADMSPermissionGrantConditionSet |
Create a new Azure Active Directory permission grant condition set in a given policy. |
| New-AzureADMSPermissionGrantPolicy |
Creates a permission grant policy. |
| Remove-AzureADDeletedApplication |
{{ Fill in the Synopsis }} |
| Remove-AzureADMSApplication |
Deletes an application object. |
| Remove-AzureADMSApplicationExtensionProperty |
Deletes an extension property from an application object. |
| Remove-AzureADMSApplicationKey |
Removes a key from an application. |
| Remove-AzureADMSApplicationOwner |
Removes an owner from an application object. |
| Remove-AzureADMSApplicationPassword |
Remove a password from an application. |
| Remove-AzureADMSApplicationVerifiedPublisher |
Removes the verified publisher from an application. |
| Remove-AzureADMSConditionalAccessPolicy |
Deletes a conditional access policy in Azure Active Directory by Id. |
| Remove-AzureADMSDeletedDirectoryObject |
This cmdlet is used to permanently delete a previously deleted directory object |
| Remove-AzureADMSIdentityProvider |
This cmdlet is used to delete an identity provider in the directory. |
| Remove-AzureADMSNamedLocationPolicy |
Deletes an Azure Active Directory named location policy by PolicyId. |
| Remove-AzureADMSPermissionGrantConditionSet |
Delete an Azure Active Directory permission grant condition set by id |
| Remove-AzureADMSPermissionGrantPolicy |
Removes a permission grant policy. |
| Remove-AzureADMSServicePrincipalDelegatedPermissionClassification |
Remove delegated permission classification. |
| Restore-AzureADMSDeletedDirectoryObject |
This cmdlet is used to restore a previously deleted object. |
| Set-AzureADMSAdministrativeUnit |
Updates an administrative unit. |
| Set-AzureADMSApplication |
Updates the properties of an application object. |
| Set-AzureADMSApplicationLogo |
Sets the logo for an application object. |
| Set-AzureADMSApplicationVerifiedPublisher |
Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. |
| Set-AzureADMSConditionalAccessPolicy |
Updates a conditional access policy in Azure Active Directory by Id. |
| Set-AzureADMSIdentityProvider |
This cmdlet is used to update the properties of an existing identity provider configured in the directory. |
| Set-AzureADMSNamedLocationPolicy |
Updates a named location policy in Azure Active Directory by PolicyId. |
| Set-AzureADMSPermissionGrantConditionSet |
Update an existing Azure Active Directory permission grant condition set. |
| Set-AzureADMSPermissionGrantPolicy |
Updates a permission grant policy. |
Certificate Authorities
| Get-AzureADTrustedCertificateAuthority |
Gets the trusted certificate authority. |
| New-AzureADTrustedCertificateAuthority |
Creates a trusted certificate authority. |
| Remove-AzureADTrustedCertificateAuthority |
Removes a trusted certificate authority. |
| Set-AzureADTrustedCertificateAuthority |
Updates a trusted certificate authority. |
Connect to your directory
| Connect-AzureAD |
Connects with an authenticated account to use Active Directory cmdlet requests. |
| Disconnect-AzureAD |
Disconnects the current session from an Azure Active Directory tenant. |
Kişiler
| Get-AzureADContact |
Gets a contact from Azure Active Directory. |
| Get-AzureADContactDirectReport |
Get the direct reports for a contact. |
| Get-AzureADContactManager |
Gets the manager of a contact. |
| Get-AzureADContactMembership |
Get a contact membership. |
| Get-AzureADContactThumbnailPhoto |
Retrieves the thumbnail photo of a contact |
| Remove-AzureADContact |
Removes a contact. |
| Remove-AzureADContactManager |
Removes a contact's manager. |
| Select-AzureADGroupIdsContactIsMemberOf |
Get groups in which a contact is a member. |
Sözleşmeler
| Get-AzureADContract |
Gets a contract. |
Silinen Nesneler
| Restore-AzureADDeletedApplication |
Restores a previously deleted application |
Cihazlar
| Add-AzureADDeviceRegisteredOwner |
Adds a registered owner for a device. |
| Add-AzureADDeviceRegisteredUser |
Adds a registered user for a device. |
| Get-AzureADDevice |
Gets a device from Active Directory. |
| Get-AzureADDeviceConfiguration |
This cmdlet retrieves the device configuration object |
| Get-AzureADDeviceRegisteredOwner |
Gets the registered owner of a device. |
| Get-AzureADDeviceRegisteredUser |
Gets a registered user. |
| New-AzureADDevice |
Creates a device. |
| Remove-AzureADDevice |
Deletes a device. |
| Remove-AzureADDeviceRegisteredOwner |
Removes the registered owner of a device. |
| Remove-AzureADDeviceRegisteredUser |
Removes a registered user from a device. |
| Set-AzureADDevice |
Updates a device. |
Directory
| Get-AzureADSubscribedSku |
Gets subscribed SKUs to Microsoft services. |
| Get-AzureADTenantDetail |
Gets the details of a tenant. |
| Set-AzureADTenantDetail |
Set contact details for a tenant |
Dizin Nesneleri
| Get-AzureADObjectByObjectId |
Retrieves the object(s) specified by the objectIds parameter |
Dizin Rolleri
| Add-AzureADDirectoryRoleMember |
Adds a member to a directory role. |
| Enable-AzureADDirectoryRole |
Activates an existing directory role in Azure Active Directory. |
| Get-AzureADDirectoryRole |
Gets a directory role. |
| Get-AzureADDirectoryRoleMember |
Gets members of a directory role. |
| Get-AzureADDirectoryRoleTemplate |
Gets directory role templates. |
| Get-AzureADMSRoleAssignment |
Gets information about role assignments in Azure AD. |
| Get-AzureADMSRoleDefinition |
Gets information about role definitions in Azure AD. |
| New-AzureADMSRoleAssignment |
Creates an Azure AD role assignment. |
| New-AzureADMSRoleDefinition |
Creates an Azure AD role definition. |
| Remove-AzureADDirectoryRoleMember |
Removes a member of a directory role. |
| Remove-AzureADMSRoleAssignment |
Removes an Azure AD role assignment. |
| Remove-AzureADMSRoleDefinition |
Removes an Azure AD role definition. |
| Set-AzureADMSRoleDefinition |
Update an existing Azure AD role definition. |
Etki Alanları
| Confirm-AzureADDomain |
Validate the ownership of a domain. |
| Get-AzureADDomain |
Gets a domain. |
| Get-AzureADDomainNameReference |
This cmdlet retrieves the objects that are referenced by a given domain name |
| Get-AzureADDomainServiceConfigurationRecord |
Gets the domain's service configuration records from the serviceConfigurationRecords navigation property. |
| Get-AzureADDomainVerificationDnsRecord |
Retrieve the domain verification DNS record for a domain |
| New-AzureADDomain |
Creates a domain. |
| Remove-AzureADDomain |
Removes a domain. |
| Set-AzureADDomain |
Updates a domain. |
Uzantı Özellikleri
| Get-AzureADExtensionProperty |
Gets extension properties registered with Azure AD. |
Gruplar
| Add-AzureADGroupMember |
Adds a member to a group. |
| Add-AzureADGroupOwner |
Adds an owner to a group. |
| Add-AzureADMSLifecyclePolicyGroup |
Adds a group to a lifecycle policy |
| Get-AzureADGroup |
Gets a group (via Microsoft Graph). |
| Get-AzureADGroupAppRoleAssignment |
Gets a group application role assignment. |
| Get-AzureADGroupMember |
Gets a member of a group. |
| Get-AzureADGroupOwner |
Gets an owner of a group. |
| Get-AzureADMSGroup |
Gets information about groups in the Microsoft Entra ID (via MS Graph). |
| Get-AzureADMSGroupLifecyclePolicy |
Retrieves the properties and relationships of a groupLifecyclePolicies object in Azure Active Directory. If you specify no parameters, this cmdlet gets all groupLifecyclePolicies. |
| Get-AzureADMSLifecyclePolicyGroup |
Retrieves the lifecycle policy object to which a group belongs. |
| New-AzureADGroup |
Creates a group. |
| New-AzureADGroupAppRoleAssignment |
Assign a group of users to an application role. |
| New-AzureADMSGroup |
Creates an Azure AD group. |
| New-AzureADMSGroupLifecyclePolicy |
Creates a new groupLifecyclePolicy |
| Remove-AzureADGroup |
Removes a group. |
| Remove-AzureADGroupAppRoleAssignment |
Delete a group application role assignment. |
| Remove-AzureADGroupMember |
Removes a member from a group. |
| Remove-AzureADGroupOwner |
Removes an owner from a group. |
| Remove-AzureADMSGroup |
Removes an Azure AD group. |
| Remove-AzureADMSGroupLifecyclePolicy |
Deletes a groupLifecyclePolicies object |
| Remove-AzureADMSLifecyclePolicyGroup |
Removes a group from a lifecycle policy |
| Reset-AzureADMSLifeCycleGroup |
Renews a group by updating the RenewedDateTime property on a group to the current DateTime. |
| Select-AzureADGroupIdsGroupIsMemberOf |
Gets group IDs that a group is a member of. |
| Set-AzureADGroup |
Updates a specific group in Azure Active Directory |
| Set-AzureADMSGroup |
Sets the properties for an existing Azure AD group. |
| Set-AzureADMSGroupLifecyclePolicy |
Updates a specific group Lifecycle Policy in Azure Active Directory |
OAuth2
| Get-AzureADOAuth2PermissionGrant |
Gets OAuth2PermissionGrant entities. |
| Remove-AzureADOAuth2PermissionGrant |
Removes an oAuth2PermissionGrant. |
İlkeler
| Get-AzureADMSAuthorizationPolicy |
Gets an authorization policy, which represents a policy that can control Azure Active Directory authorization settings. |
| Set-AzureADMSAuthorizationPolicy |
Updates an authorization policy, which represents a policy that can control Azure Active Directory authorization settings. |
Hizmet Sorumluları
| Add-AzureADServicePrincipalOwner |
Adds an owner to a service principal. |
| Get-AzureADServiceAppRoleAssignedTo |
Gets app role assignments for this app or service, granted to users, groups and other service principals. |
| Get-AzureADServiceAppRoleAssignment |
Gets a service principal application role assignment. |
| Get-AzureADServicePrincipal |
Gets a service principal. |
| Get-AzureADServicePrincipalCreatedObject |
Get objects created by a service principal. |
| Get-AzureADServicePrincipalKeyCredential |
Get key credentials for a service principal. |
| Get-AzureADServicePrincipalMembership |
Get a service principal membership. |
| Get-AzureADServicePrincipalOAuth2PermissionGrant |
Gets an oAuth2PermissionGrant object. |
| Get-AzureADServicePrincipalOwnedObject |
Gets an object owned by a service principal. |
| Get-AzureADServicePrincipalOwner |
Get the owner of a service principal. |
| Get-AzureADServicePrincipalPasswordCredential |
Get credentials for a service principal. |
| New-AzureADServiceAppRoleAssignment |
Assigns an app role to a user, a group, or another service principal. |
| New-AzureADServicePrincipal |
Creates a service principal. |
| New-AzureADServicePrincipalKeyCredential |
Create a new key credential for a service principal |
| New-AzureADServicePrincipalPasswordCredential |
Creates a password credential for a service principal. |
| Remove-AzureADServiceAppRoleAssignment |
Removes a service principal application role assignment. |
| Remove-AzureADServicePrincipal |
Removes a service principal. |
| Remove-AzureADServicePrincipalKeyCredential |
Removes a key credential from a service principal. |
| Remove-AzureADServicePrincipalOwner |
Removes an owner from a service principal. |
| Remove-AzureADServicePrincipalPasswordCredential |
Removes a password credential from a service principal. |
| Select-AzureADGroupIdsServicePrincipalIsMemberOf |
Selects the groups in which a service principal is a member. |
| Set-AzureADServicePrincipal |
Updates a service principal. |
Kullanıcılar
| Get-AzureADUser |
Gets a user. |
| Get-AzureADUserAppRoleAssignment |
Get a user application role assignment. |
| Get-AzureADUserCreatedObject |
Get objects created by the user. |
| Get-AzureADUserDirectReport |
Get the user's direct reports. |
| Get-AzureADUserExtension |
Gets a user extension. |
| Get-AzureADUserLicenseDetail |
Retrieves license details for a user |
| Get-AzureADUserManager |
Gets the manager of a user. |
| Get-AzureADUserMembership |
Get user memberships. |
| Get-AzureADUserOAuth2PermissionGrant |
Gets an oAuth2PermissionGrant object. |
| Get-AzureADUserOwnedDevice |
Get registered devices owned by a user. |
| Get-AzureADUserOwnedObject |
Get objects owned by a user. |
| Get-AzureADUserRegisteredDevice |
Get devices registered by a user. |
| Get-AzureADUserThumbnailPhoto |
Retrieve the thumbnail photo of a user |
| New-AzureADMSInvitation |
This cmdlet is used to invite a new external user to your directory. |
| New-AzureADUser |
Creates an Azure AD user. |
| New-AzureADUserAppRoleAssignment |
Assigns a user to an application role. |
| Remove-AzureADUser |
Removes a user. |
| Remove-AzureADUserAppRoleAssignment |
Removes a user application role assignment. |
| Remove-AzureADUserExtension |
Removes a user extension. |
| Remove-AzureADUserManager |
Removes a user's manager. |
| Revoke-AzureADSignedInUserAllRefreshToken |
Invalidates the refresh tokens issued to applications for the current user. |
| Revoke-AzureADUserAllRefreshToken |
Invalidates the refresh tokens issued to applications for a user. |
| Select-AzureADGroupIdsUserIsMemberOf |
Selects the groups that a user is a member of. |
| Set-AzureADUser |
Updates a user. |
| Set-AzureADUserExtension |
Sets a user extension. |
| Set-AzureADUserLicense |
Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. Note The Set-AzureADUserLicense cmdlet is deprecated. Learn how to assign licenses with Microsoft Graph PowerShell. For more info, see the Assign License Microsoft Graph API. |
| Set-AzureADUserManager |
Updates a user's manager. |
| Set-AzureADUserPassword |
Sets the password of a user. |
| Set-AzureADUserThumbnailPhoto |
Set the thumbnail photo for a user |
| Update-AzureADSignedInUserPassword |
Updates the password for the signed-in user. |