你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
AzureADPreview
重要
截至 2024 年 3 月 30 日,Azure AD 和 MSOnline PowerShell 模块已弃用。 若要了解详细信息,请阅读 弃用更新。 在此日期之后,对这些模块的支持仅限于 Microsoft Graph PowerShell SDK 和安全修补程序的迁移帮助。 弃用的模块将继续运行到 2025 年 3 月 30 日。
建议迁移到 Microsoft Graph PowerShell ,以便与 Microsoft Entra ID (以前为 Azure AD) 进行交互。 有关常见迁移问题,请参阅 迁移常见问题解答。 注意: 1.0.x 版 MSOnline 可能会在 2024 年 6 月 30 日之后遇到中断。
可以从 PowerShell 库下载并安装 Azure Active Directory PowerShell for Graph 预览版模块 ,www.powershellgallery.com。 该库使用 PowerShellGet 模块。 PowerShellGet 模块需要 PowerShell 3.0 或更高版本,并且需要以下操作系统之一:
Windows 10 Windows 8.1 专业版 Windows 8.1 企业版 Windows 7 SP1 Windows Server 2016 TP5 Windows Server 2012 R2 Windows Server 2008 R2 SP1
PowerShellGet 也需要 .NET Framework 4.5 或更高版本。 你可从此处安装 .NET Framework 4.5 或更高版本。 有关详细信息,请参阅此链接有关 AzureAD cmdlet 安装的更多详细信息,请参阅:Azure Active Directory PowerShell for Graph。
这些是 Azure Active Directory PowerShell for Graph 预览版模块中的 cmdlet。
管理单元
Add-AzureADAdministrativeUnitMember |
Adds an administrative unit member. |
Add-AzureADMSAdministrativeUnitMember |
Adds an administrative unit member. |
Add-AzureADMSScopedRoleMembership |
Adds a scoped role membership to an administrative unit. |
Add-AzureADScopedRoleMembership |
Adds a scoped role membership to an administrative unit. |
Get-AzureADAdministrativeUnit |
Gets an administrative unit. |
Get-AzureADAdministrativeUnitMember |
Gets a member of an administrative unit. |
Get-AzureADMSAdministrativeUnit |
Gets an administrative unit. |
Get-AzureADMSAdministrativeUnitMember |
Gets a member of an administrative unit. |
Get-AzureADMSGroupPermissionGrant |
Retrieves a list of permission grants that have been consented for this group. |
Get-AzureADMSScopedRoleMembership |
Gets a scoped role membership from an administrative unit. |
Get-AzureADScopedRoleMembership |
Gets a scoped role membership from an administrative unit. |
New-AzureADAdministrativeUnit |
Creates an administrative unit. |
New-AzureADMSAdministrativeUnit |
Creates an administrative unit. |
New-AzureADMSAdministrativeUnitMember |
Create a new object as a member of the administrativeUnit. Currently only group objects are supported. |
Remove-AzureADAdministrativeUnit |
Removes an administrative unit. |
Remove-AzureADAdministrativeUnitMember |
Removes an administrative unit member. |
Remove-AzureADMSAdministrativeUnit |
Removes an administrative unit. |
Remove-AzureADMSAdministrativeUnitMember |
Removes an administrative unit member. |
Remove-AzureADMSScopedRoleMembership |
Removes a scoped role membership. |
Remove-AzureADScopedRoleMembership |
Removes a scoped role membership. |
Set-AzureADAdministrativeUnit |
Updates an administrative unit. |
Set-AzureADMSAdministrativeUnit |
Updates an administrative unit. |
应用程序
Add-AzureADMSApplicationOwner |
Adds an owner for an application object. |
Get-AzureADMSApplication |
Retrieves the list of applications within the organization. |
Get-AzureADMSApplicationExtensionProperty |
Retrieves the list of extension properties on an application object. |
Get-AzureADMSApplicationOwner |
Retrieves the list of owners for an application object. |
New-AzureADMSApplication |
Creates (registers) a new application object. |
New-AzureADMSApplicationExtensionProperty |
Creates an extension property on an application object. |
New-AzureADMSApplicationKey |
Adds a new key to an application. |
New-AzureADMSApplicationPassword |
Adds a strong password to an application. |
Remove-AzureADMSApplication |
Deletes an application object. |
Remove-AzureADMSApplicationExtensionProperty |
Deletes an extension property from an application object. |
Remove-AzureADMSApplicationKey |
Removes a key from an application. |
Remove-AzureADMSApplicationOwner |
Removes an owner from an application object. |
Remove-AzureADMSApplicationPassword |
Remove a password from an application. |
Set-AzureADMSApplication |
Updates the properties of an application object. |
Set-AzureADMSApplicationLogo |
Sets the logo for an application object. |
应用程序代理应用程序管理
Get-AzureADApplicationProxyApplication |
The Get-AzureADApplicationProxyApplication cmdlet retrieves an application configured for Application Proxy in Azure Active Directory. |
Get-AzureADApplicationProxyApplicationConnectorGroup |
The Get-AzureADApplicationProxyApplicationConnectorGroup cmdlet retrieves the connector group assigned for a specific application. |
New-AzureADApplicationProxyApplication |
The New-AzureADApplicationProxyApplication cmdlet creates a new application configured for Application Proxy in Azure Active Directory. |
Remove-AzureADApplicationProxyApplication |
Deletes an Application Proxy application. |
Remove-AzureADApplicationProxyApplicationConnectorGroup |
The Remove-AzureADApplicationProxyApplicationConnectorGroup cmdlet sets the connector group assigned for the specified application to 'Default' and removes the current assignment. |
Set-AzureADApplicationProxyApplication |
The Set-AzureADApplicationProxyApplication allows you to modify and set configurations for an application in Azure Active Directory configured to use ApplicationProxy. |
Set-AzureADApplicationProxyApplicationCustomDomainCertificate |
The Set-AzureADApplicationProxyApplicationCustomDomainCertificate cmdlet assigns a certificate to an application configured for Application Proxy in Azure Active Directory (AD). This will upload the certificate and allow the application to use Custom Domains. |
Set-AzureADApplicationProxyApplicationSingleSignOn |
The Set-AzureADApplicationProxyApplicationSingleSignOn cmdlet allows you to set and modify single sign-on (SSO) settings for an application configured for Application Proxy in Azure Active Directory. |
应用程序代理连接器管理
Get-AzureADApplicationProxyConnector |
The Get-AzureADApplicationProxyApplicationConnector cmdlet a list of all connectors, or if specified, details of a specific connector. |
Get-AzureADApplicationProxyConnectorGroup |
The Get-AzureADApplicationProxyConnectorGroup cmdlet retrieves a list of all connector groups, or if specified, details of a specific connector group. |
Get-AzureADApplicationProxyConnectorGroupMembers |
The Get-AzureADApplicationProxyConnectorGroupMembers gets all the Application Proxy connectors associated with the given connector group. |
Get-AzureADApplicationProxyConnectorMemberOf |
The Get-AzureADApplicationProxyConnectorMemberOf command gets the ConnectorGroup that the specified Connector is a member of. |
New-AzureADApplicationProxyConnectorGroup |
The New-AzureADApplicationProxyConnectorGroup cmdlet creates a new Application Proxy Connector group. |
Remove-AzureADApplicationProxyConnectorGroup |
The Remove-AzureADApplicationProxyApplicationConnectorGroup cmdlet deletes an Application Proxy Connector group. |
Set-AzureADApplicationProxyApplicationConnectorGroup |
The Set-AzureADApplicationProxyApplicationConnectorGroup cmdlet assigns the given connector group to a specified application. |
Set-AzureADApplicationProxyConnector |
The Set-AzureADApplicationProxyConnector cmdlet allows reassignment of the connector to another connector group. |
Set-AzureADApplicationProxyConnectorGroup |
The Set-AzureADApplicationProxyConnectorGroup cmdlet allows you to change the name of a given Application Proxy connector group. |
应用程序
Add-AzureADApplicationOwner |
Adds an owner to an application. |
Add-AzureADApplicationPolicy |
The Add-AzureADApplicationPolicy cmdlet is not available at this time. |
Get-AzureADApplication |
Gets an application. |
Get-AzureADApplicationExtensionProperty |
Gets application extension properties. |
Get-AzureADApplicationKeyCredential |
Gets the key credentials for an application. |
Get-AzureADApplicationLogo |
Retrieve the logo of an application |
Get-AzureADApplicationOwner |
Gets the owner of an application. |
Get-AzureADApplicationPasswordCredential |
Gets the password credential for an application. |
Get-AzureADApplicationPolicy |
Gets an application policy. |
Get-AzureADApplicationServiceEndpoint |
Retrieve the service endpoint of an application |
Get-AzureADDeletedApplication |
Retrieves the list of previously deleted applications |
New-AzureADApplication |
Creates an application. |
New-AzureADApplicationExtensionProperty |
Creates an application extension property. |
New-AzureADApplicationKeyCredential |
Creates a key credential for an application. |
New-AzureADApplicationPasswordCredential |
Creates a password credential for an application. |
Remove-AzureADApplication |
Delete an application by objectId. |
Remove-AzureADApplicationExtensionProperty |
Removes an application extension property. |
Remove-AzureADApplicationKeyCredential |
Removes a key credential from an application. |
Remove-AzureADApplicationOwner |
Removes an owner from an application. |
Remove-AzureADApplicationPasswordCredential |
Removes a password credential from an application. |
Remove-AzureADMSApplicationVerifiedPublisher |
Removes the verified publisher from an application. |
Set-AzureADApplication |
Updates an application. |
Set-AzureADApplicationLogo |
Sets the logo for an Application |
Set-AzureADMSApplicationVerifiedPublisher |
Sets the verified publisher of an application to a verified Microsoft Partner Network (MPN) identifier. |
AzureADPreview
Add-AzureADMSServicePrincipalDelegatedPermissionClassification |
Add a classification for a delegated permission. |
Get-AzureADApplicationSignInDetailedSummary |
Get detailed sign in summaries |
Get-AzureADApplicationSignInSummary |
Get signin summary by last number of days |
Get-AzureADExternalDomainFederation |
Get an externalDomainFederation by external domain name. |
Get-AzureADMSApplicationTemplate |
Retrieve a list of applicationTemplate objects |
Get-AzureADMSConditionalAccessPolicy |
Gets an Azure Active Directory conditional access policy. |
Get-AzureADMSNamedLocationPolicy |
Gets an Azure Active Directory named location policy. |
Get-AzureADMSPasswordSingleSignOnCredential |
Gets the password SSO credentials |
Get-AzureADMSPermissionGrantConditionSet |
Get an Azure Active Directory permission grant condition set by id. |
Get-AzureADMSPermissionGrantPolicy |
Gets a permission grant policy. |
Get-AzureADMSServicePrincipalDelegatedPermissionClassification |
Retreive the delegated permission classification objects on a service principal. |
Get-AzureADPrivilegedRole |
{{ Fill in the Synopsis }} |
Get-AzureADPrivilegedRoleAssignment |
{{ Fill in the Synopsis }} |
Get-CrossCloudVerificationCode |
{{ Fill in the Synopsis }} |
New-AzureADExternalDomainFederation |
Create a new externalDomainFederation in Azure Active Directory |
New-AzureADMSApplicationFromApplicationTemplate |
Instantiates an application |
New-AzureADMSConditionalAccessPolicy |
Creates a new conditional access policy in Azure Active Directory. |
New-AzureADMSNamedLocationPolicy |
Creates a new named location policy in Azure Active Directory. |
New-AzureADMSPasswordSingleSignOnCredential |
Creates the password SSO credentials |
New-AzureADMSPermissionGrantConditionSet |
Create a new Azure Active Directory permission grant condition set in a given policy. |
New-AzureADMSPermissionGrantPolicy |
Creates a permission grant policy. |
New-AzureADPrivilegedRoleAssignment |
{{ Fill in the Synopsis }} |
Remove-AzureADApplicationPolicy |
Removes an application policy. |
Remove-AzureADDeletedApplication |
{{ Fill in the Synopsis }} |
Remove-AzureADExternalDomainFederation |
Delete an externalDomainFederation by external domain name. |
Remove-AzureADMSConditionalAccessPolicy |
Deletes a conditional access policy in Azure Active Directory by Id. |
Remove-AzureADMSNamedLocationPolicy |
Deletes an Azure Active Directory named location policy by PolicyId. |
Remove-AzureADMSPasswordSingleSignOnCredential |
Removes the password SSO credentials |
Remove-AzureADMSPermissionGrantConditionSet |
Delete an Azure Active Directory permission grant condition set by id |
Remove-AzureADMSPermissionGrantPolicy |
Removes a permission grant policy. |
Remove-AzureADMSServicePrincipalDelegatedPermissionClassification |
Remove delegated permission classification. |
Remove-AzureADServicePrincipalPolicy | |
Set-AzureADMSConditionalAccessPolicy |
Updates a conditional access policy in Azure Active Directory by Id. |
Set-AzureADMSNamedLocationPolicy |
Updates a named location policy in Azure Active Directory by PolicyId. |
Set-AzureADMSPasswordSingleSignOnCredential |
Sets the password SSO credentials |
Set-AzureADMSPermissionGrantConditionSet |
Update an existing Azure Active Directory permission grant condition set. |
Set-AzureADMSPermissionGrantPolicy |
Updates a permission grant policy. |
证书颁发机构
Get-AzureADTrustedCertificateAuthority |
Gets the trusted certificate authority. |
New-AzureADTrustedCertificateAuthority |
Creates a trusted certificate authority. |
Remove-AzureADTrustedCertificateAuthority |
Removes a trusted certificate authority. |
Set-AzureADTrustedCertificateAuthority |
Updates a trusted certificate authority. |
连接到目录
Connect-AzureAD |
Connects with an authenticated account to use Active Directory cmdlet requests. |
Disconnect-AzureAD |
Disconnects the current session from an Azure Active Directory tenant. |
Get-AzureADCurrentSessionInfo |
This cmdlet will return the current session state |
联系人
Get-AzureADContact |
Gets a contact from Azure Active Directory. |
Get-AzureADContactDirectReport |
Get the direct reports for a contact. |
Get-AzureADContactManager |
Gets the manager of a contact. |
Get-AzureADContactMembership |
Get a contact membership. |
Get-AzureADContactThumbnailPhoto |
Retrieves the thumbnail photo of a contact |
Remove-AzureADContact |
Removes a contact. |
Remove-AzureADContactManager |
Removes a contact's manager. |
Select-AzureADGroupIdsContactIsMemberOf |
Get groups in which a contact is a member. |
协定
Get-AzureADContract |
Gets a contract. |
自定义安全属性
Add-AzureADMScustomSecurityAttributeDefinitionAllowedValues |
Adds a predefined value for a custom security attribute definition. |
Get-AzureADMSAttributeSet |
Gets a list of attribute sets. |
Get-AzureADMSCustomSecurityAttributeDefinition |
Gets a list of custom security attribute definitions. |
Get-AzureADMSCustomSecurityAttributeDefinitionAllowedValue |
Gets the predefined value for a custom security attribute definition. |
New-AzureADMSAttributeSet |
Adds a new attribute set. |
New-AzureADMSCustomSecurityAttributeDefinition |
Adds a new custom security attribute definition. |
Set-AzureADMSAttributeSet |
Updates an existing attribute set. |
Set-AzureADMSCustomSecurityAttributeDefinition |
Updates an existing custom security attribute definition. |
Set-AzureADMSCustomSecurityAttributeDefinitionAllowedValue |
Updates an existing custom security attribute definition predefined value. |
已删除的对象
Get-AzureADMSDeletedDirectoryObject |
This cmdlet is used to retrieve a soft deleted directory object from the directory |
Get-AzureADMSDeletedGroup |
This cmdlet is used to retrieve the soft deleted groups in a directory. |
Remove-AzureADMSDeletedDirectoryObject |
This cmdlet is used to permanently delete a previously deleted directory object |
Restore-AzureADDeletedApplication |
Restores a previously deleted application |
Restore-AzureADMSDeletedDirectoryObject |
This cmdlet is used to restore a previously deleted object. |
设备
Add-AzureADDeviceRegisteredOwner |
Adds a registered owner for a device. |
Add-AzureADDeviceRegisteredUser |
Adds a registered user for a device. |
Get-AzureADDevice |
Gets a device from Active Directory. |
Get-AzureADDeviceConfiguration |
This cmdlet retrieves the device configuration object |
Get-AzureADDeviceRegisteredOwner |
Gets the registered owner of a device. |
Get-AzureADDeviceRegisteredUser |
Gets a registered user. |
New-AzureADDevice |
Creates a device. |
Remove-AzureADDevice |
Deletes a device. |
Remove-AzureADDeviceRegisteredOwner |
Removes the registered owner of a device. |
Remove-AzureADDeviceRegisteredUser |
Removes a registered user from a device. |
Set-AzureADDevice |
Updates a device. |
Directory
Get-AzureADSubscribedSku |
Gets subscribed SKUs to Microsoft services. |
Get-AzureADTenantDetail |
Gets the details of a tenant. |
Set-AzureADTenantDetail |
Set contact details for a tenant |
目录审核
Get-AzureADAuditDirectoryLogs |
Get directory audit logs |
Get-AzureADAuditSignInLogs |
Get audit logs of sign ins. |
目录对象
Get-AzureADObjectByObjectId |
Retrieves the object(s) specified by the objectIds parameter |
目录角色
Add-AzureADDirectoryRoleMember |
Adds a member to a directory role. |
Enable-AzureADDirectoryRole |
Activates an existing directory role in Azure Active Directory. |
Get-AzureADDirectoryRole |
Gets a directory role. |
Get-AzureADDirectoryRoleMember |
Gets members of a directory role. |
Get-AzureADDirectoryRoleTemplate |
Gets directory role templates. |
Remove-AzureADDirectoryRoleMember |
Removes a member of a directory role. |
目录设置
Get-AzureADDirectorySetting |
Gets a directory setting. |
Get-AzureADDirectorySettingTemplate |
Gets a directory setting template. |
New-AzureADDirectorySetting |
Creates a directory settings object. |
Remove-AzureADDirectorySetting |
Deletes a directory setting in Azure Active Directory. |
Set-AzureADDirectorySetting |
Updates a directory setting in Azure Active Directory. |
域
Confirm-AzureADDomain |
Validate the ownership of a domain. |
Get-AzureADDomain |
Gets a domain. |
Get-AzureADDomainNameReference |
This cmdlet retrieves the objects that are referenced by a given domain name |
Get-AzureADDomainServiceConfigurationRecord |
Gets the domain's service configuration records from the serviceConfigurationRecords navigation property. |
Get-AzureADDomainVerificationDnsRecord |
Retrieve the domain verification DNS record for a domain |
New-AzureADDomain |
Creates a domain. |
Remove-AzureADDomain |
Removes a domain. |
Set-AzureADDomain |
Updates a domain. |
扩展属性
Get-AzureADExtensionProperty |
Gets extension properties registered with Azure AD. |
组
Add-AzureADGroupMember |
Adds a member to a group. |
Add-AzureADGroupOwner |
Adds an owner to a group. |
Add-AzureADMSLifecyclePolicyGroup |
Adds a group to a lifecycle policy |
Get-AzureADGroup |
Gets a group. |
Get-AzureADGroupAppRoleAssignment |
Gets a group application role assignment. |
Get-AzureADGroupMember |
Gets a member of a group. |
Get-AzureADGroupOwner |
Gets an owner of a group. |
Get-AzureADMSGroup |
Gets information about groups in Azure AD. |
Get-AzureADMSGroupLifecyclePolicy |
Retrieves the properties and relationships of a groupLifecyclePolicies object in Azure Active Directory |
Get-AzureADMSLifecyclePolicyGroup |
Retrieves the lifecycle policy object to which a group belongs. |
New-AzureADGroup |
Creates a group. |
New-AzureADGroupAppRoleAssignment |
Assign a group of users to an application role. |
New-AzureADMSGroup |
Creates an Azure AD group. |
New-AzureADMSGroupLifecyclePolicy |
Creates a new groupLifecyclePolicy |
Remove-AzureADGroup |
Removes a group. |
Remove-AzureADGroupAppRoleAssignment |
Delete a group application role assignment. |
Remove-AzureADGroupMember |
Removes a member from a group. |
Remove-AzureADGroupOwner |
Removes an owner from a group. |
Remove-AzureADMSGroup |
Removes an Azure AD group. |
Remove-AzureADMSGroupLifecyclePolicy |
Deletes a groupLifecyclePolicies object |
Remove-AzureADMSLifecyclePolicyGroup |
Removes a group from a lifecycle policy |
Reset-AzureADMSLifeCycleGroup |
Renews a group by updating the RenewedDateTime property on a group to the current DateTime. |
Select-AzureADGroupIdsGroupIsMemberOf |
Gets group IDs that a group is a member of. |
Set-AzureADGroup |
Updates a specific group in Azure Active Directory |
Set-AzureADMSGroup |
{{Fill in the Synopsis}} |
Set-AzureADMSGroupLifecyclePolicy |
Updates a specific group Lifecycle Policy in Azure Active Directory |
标识提供者管理
Get-AzureADMSIdentityProvider |
This cmdlet is used to retrieve the configured identity providers in the directory. |
New-AzureADMSIdentityProvider |
This cmdlet is used to configure a new identity provider in the directory. |
Remove-AzureADMSIdentityProvider |
This cmdlet is used to delete an identity provider in the directory. |
Set-AzureADMSIdentityProvider |
This cmdlet is used to update the properties of an existing identity provider configured in the directory. |
OAuth2
Get-AzureADOAuth2PermissionGrant |
Gets OAuth2PermissionGrant entities. |
Remove-AzureADOAuth2PermissionGrant |
Removes an oAuth2PermissionGrant. |
对象设置
Get-AzureADObjectSetting |
Gets an object setting. |
New-AzureADObjectSetting |
Creates a settings object. |
Remove-AzureADObjectSetting |
Deletes settings in Azure Active Directory. |
Set-AzureADObjectSetting |
Updates object settings. |
策略
Get-AzureADMSAuthorizationPolicy |
Gets an authorization policy. |
Get-AzureADPolicy |
Gets a policy. |
Get-AzureADPolicyAppliedObject | |
New-AzureADPolicy |
Creates a policy. |
Remove-AzureADPolicy |
Removes a policy. |
Set-AzureADMSAuthorizationPolicy |
Updates an authorization policy. |
Set-AzureADPolicy |
Updates a policy. |
特权角色管理
Add-AzureADMSPrivilegedResource |
Use this API to add a new azure AD MS privileged resource. |
Close-AzureADMSPrivilegedRoleAssignmentRequest |
Cancel a AzureADMSPrivilegedRoleAssignmentRequest |
Get-AzureADMSPrivilegedResource |
Get azure AD MS privileged resource |
Get-AzureADMSPrivilegedRoleAssignment |
Get role assignments for a specific provider and resource |
Get-AzureADMSPrivilegedRoleAssignmentRequest |
Get role assignment request for a specific resource |
Get-AzureADMSPrivilegedRoleDefinition |
Get role definitions |
Get-AzureADMSPrivilegedRoleSetting |
Get role settings |
Open-AzureADMSPrivilegedRoleAssignmentRequest |
Create a role assignment request |
Set-AzureADMSPrivilegedRoleAssignmentRequest |
Update a role assignment request |
Set-AzureADMSPrivilegedRoleSetting |
Update role setting |
角色管理
Get-AzureADMSRoleAssignment |
Gets information about role assignments in Azure AD. |
Get-AzureADMSRoleDefinition |
Gets information about role definitions in Azure AD. |
New-AzureADMSRoleAssignment |
Creates an Azure AD role assignment. |
New-AzureADMSRoleDefinition |
Creates an Azure AD role definition. |
Remove-AzureADMSRoleAssignment |
Removes a role assignment. |
Remove-AzureADMSRoleDefinition |
Removes a role definition. |
Set-AzureADMSRoleDefinition |
Update a role definition. |
服务主体
Add-AzureADServicePrincipalOwner |
Adds an owner to a service principal. |
Add-AzureADServicePrincipalPolicy |
Adds a service principal policy. |
Get-AzureADMSServicePrincipal |
Gets a service principal. |
Get-AzureADServiceAppRoleAssignedTo |
{{Fill in the Synopsis}} |
Get-AzureADServiceAppRoleAssignment |
Gets a service principal application role assignment. |
Get-AzureADServicePrincipal |
Gets a service principal. |
Get-AzureADServicePrincipalCreatedObject |
Get objects created by a service principal. |
Get-AzureADServicePrincipalKeyCredential |
Get key credentials for a service principal. |
Get-AzureADServicePrincipalMembership |
Get a service principal membership. |
Get-AzureADServicePrincipalOAuth2PermissionGrant |
Gets an oAuth2PermissionGrant object. |
Get-AzureADServicePrincipalOwnedObject |
Gets an object owned by a service principal. |
Get-AzureADServicePrincipalOwner |
Get the owner of a service principal. |
Get-AzureADServicePrincipalPasswordCredential |
Get credentials for a service principal. |
Get-AzureADServicePrincipalPolicy | |
New-AzureADServiceAppRoleAssignment |
Assigns a service principal to an application role. |
New-AzureADServicePrincipal |
Creates a service principal. |
New-AzureADServicePrincipalKeyCredential |
Create a new key credential for a service principal |
New-AzureADServicePrincipalPasswordCredential |
Creates a password credential for a service principal. |
Remove-AzureADServiceAppRoleAssignment |
Removes a service principal application role assignment. |
Remove-AzureADServicePrincipal |
Removes a service principal. |
Remove-AzureADServicePrincipalKeyCredential |
Removes a key credential from a service principal. |
Remove-AzureADServicePrincipalOwner |
Removes an owner from a service principal. |
Remove-AzureADServicePrincipalPasswordCredential |
Removes a password credential from a service principal. |
Select-AzureADGroupIdsServicePrincipalIsMemberOf |
Selects the groups in which a service principal is a member. |
Set-AzureADMSServicePrincipal |
Updates a service principal. |
Set-AzureADServicePrincipal |
Updates a service principal. |
分阶段推出
Add-AzureADMSFeatureRolloutPolicyDirectoryObject |
Allows an admin to add a group to the cloud authentication roll-out policy in Azure AD. Users in this group will start authenticating to the cloud per policy. |
Get-AzureADMSFeatureRolloutPolicy |
Gets the policy for cloud authentication roll-out in Azure Active Directory. |
New-AzureADMSFeatureRolloutPolicy |
Allows an admin to create the policy for cloud authentication roll-out in Azure AD. |
Remove-AzureADMSFeatureRolloutPolicy |
Allows an admin to remove the policy for cloud authentication roll-out in Azure AD. |
Remove-AzureADMSFeatureRolloutPolicyDirectoryObject |
Allows an admin to remove a group from the cloud authentication rollout policy in Azure AD. Users in this group will revert back to the authenticating using the global policy (in most cases this will be federation). |
Set-AzureADMSFeatureRolloutPolicy |
Allows an admin to modify the policy for cloud authentication roll-out in Azure AD. |
信任框架策略管理
Get-AzureADMSTrustFrameworkPolicy |
This cmdlet is used to retrieve the created trust framework policies (custom policies) in the directory. |
New-AzureADMSTrustFrameworkPolicy |
This cmdlet is used to create a trust framework policy (custom policy) in the directory. |
Remove-AzureADMSTrustFrameworkPolicy |
This cmdlet is used to delete a trust framework policy (custom policy) in the directory. |
Set-AzureADMSTrustFrameworkPolicy |
This cmdlet is used to update a trust framework policy (custom policy) in the directory. |
用户
Get-AzureADMSUser |
Gets a user. |
Get-AzureADUser |
Gets a user. |
Get-AzureADUserAppRoleAssignment |
Get a user application role assignment. |
Get-AzureADUserCreatedObject |
Get objects created by the user. |
Get-AzureADUserDirectReport |
Get the user's direct reports. |
Get-AzureADUserExtension |
Gets a user extension. |
Get-AzureADUserLicenseDetail |
Retrieves license details for a user |
Get-AzureADUserManager |
Gets the manager of a user. |
Get-AzureADUserMembership |
Get user memberships. |
Get-AzureADUserOAuth2PermissionGrant |
Gets an oAuth2PermissionGrant object. |
Get-AzureADUserOwnedDevice |
Get registered devices owned by a user. |
Get-AzureADUserOwnedObject |
Get objects owned by a user. |
Get-AzureADUserRegisteredDevice |
Get devices registered by a user. |
Get-AzureADUserThumbnailPhoto |
Retrieve the thumbnail photo of a user |
New-AzureADMSInvitation |
This cmdlet is used to invite a new external user to your directory. |
New-AzureADUser |
Creates an AD user. |
New-AzureADUserAppRoleAssignment |
Assigns a user to an application role. |
Remove-AzureADUser |
Removes a user. |
Remove-AzureADUserAppRoleAssignment |
Removes a user application role assignment. |
Remove-AzureADUserExtension |
Removes a user extension. |
Remove-AzureADUserManager |
Removes a user's manager. |
Revoke-AzureADSignedInUserAllRefreshToken |
Invalidates the refresh tokens issued to applications for the current user. |
Revoke-AzureADUserAllRefreshToken |
Invalidates the refresh tokens issued to applications for a user. |
Select-AzureADGroupIdsUserIsMemberOf |
Selects the groups that a user is a member of. |
Set-AzureADMSUser |
Updates a user. |
Set-AzureADUser |
Updates a user. |
Set-AzureADUserExtension |
Sets a user extension. |
Set-AzureADUserLicense |
Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. Note The Set-AzureADUserLicense cmdlet is deprecated. Learn how to assign licenses with Microsoft Graph PowerShell. For more info, see the Assign License Microsoft Graph API. |
Set-AzureADUserManager |
Updates a user's manager. |
Set-AzureADUserPassword |
Sets the password of a user. |
Set-AzureADUserThumbnailPhoto |
Set the thumbnail photo for a user |
Update-AzureADSignedInUserPassword |
Updates the password for the signed-in user. |