How to Access Azure AD in PowerShell

Just as you can use PowerShell to manage on-premises Active Directory environments, you can use PowerShell to manage Azure AD.

Azure AD can be managed through the GUI-based management console, but using PowerShell provides several advantages. For example, PowerShell makes it easy to perform bulk management operations. If you need to change multiple user accounts, you could do so more quickly and easily in PowerShell than by manually editing each account through the GUI.

PowerShell also lets you perform scripted operations, which can result in greater efficiencies. For instance, when a new user joins your company, you can use a PowerShell script to handle the account creation and onboarding process.

Before we learn how to connect Azure AD to PowerShell, note that Microsoft lets you use both PowerShell and the GUI-based management console. You can switch tools as needed. That means you can use PowerShell when it makes sense to do so, then switch to the GUI environment for everything else.

Install the Azure AD PowerShell Module

To connect Azure AD to PowerShell, you must first install the Azure AD PowerShell module. The module is not installed in PowerShell by default.

PowerShell includes several thousand cmdlets to manage Windows. However, PowerShell can manage more than just the Windows operating system. It can be used with a variety of Microsoft server products, Azure AD, and even Linux machines. That’s where modules come into play.

Related:How To Import the PowerShell Active Directory Module

For readers who are unfamiliar with the concept of PowerShell modules, modules are what makes PowerShell extensible. Modules are a collection of custom cmdlets you can add to PowerShell’s native capabilities. For example, the Azure AD module includes cmdlets related to managing Azure AD. Incidentally, PowerShell makes it relatively easy to create modules and custom cmdlets.

If you are curious to see the modules currently installed on your system, enter the Get-InstalledModule cmdlet. As you can see in Figure 1, the command will produce a list.

Azure AD PowerShelll 1

Figure 1. You can use the Get-InstalledModule cmdlet to find out what modules are installed.

To install the Azure AD module, enter the following commands:

Get-Module AzureAD -ListAvailableInstall-Module AzureAD

If this command results in an error, make sure that you are working from an elevated (administrative) PowerShell session.

You can use this same technique to install a more recent version of the Azure AD module if it is already installed on your computer. Just append the -Force parameter to the Install-Module command. You can see what this looks like in Figure 2.

Azure AD PowerShelll 2

Figure 2. You will need to append the -Force parameter to upgrade to a newer module version.

Connect Azure AD to PowerShell

Once the Azure AD module has been installed, enter the following commands to establish a connection to Azure AD:

$Cred=Get-CredentialConnect-AzureAD -Credential $Cred

The first command causes PowerShell to display a password prompt. Here, you will need to enter your Azure AD credentials.

The second command establishes the connection to Azure AD. Figure 3 shows what this looks like, although some of the connection-related data has been redacted for privacy reasons.

Azure AD PowerShelll 3

Figure 3. This is how you establish a connection to Azure AD.

Using the Azure AD Module Cmdlets

At this point, you have established the necessary connection and can begin managing Azure AD from the command line.

If you aren’t quite sure what to do next, I suggest looking at the PowerShell cmdlets included in the Azure AD module. To do so, enter the following command:

Get-Command -Module AzureAD

Azure AD PowerShelll 4

Figure 4. You can use the Get-Command cmdlet to see a list of the available commands.

Find the syntax for any of these commands by either looking up the cmdlet online or entering Get-Help followed by the command you need the syntax for.

Azure AD PowerShelll 5

Figure 5. You can use the Get-Help command to display the syntax for any unfamiliar cmdlets.