Which connector group publishes and Azure Application Proxy app?

I had the issue that I need Enterprise Applications to be published via another Connector Group. Azure doesn’t only not show a reliable value of how many app are using a specific Connector Group, but also doesn’t show which those are. So I wrote this little script to take care of it:

Azure Application Proxy – Replace Certificate

Every year again… comes a new SSL-certificate and want to be replaced. Since doing so within the Azure Portal is quite a tedious task, here’s a script that gets the work done quite easily and fast. Simply adjust the constants in the script’s header, and you’re all set.

PowerShell and REST API: Part 1

It took me quite a while figuring this one out and understanding it. I hope this article helps you save some time. So you want to “automate stuff” with PowerShell via REST API, without a user account? Here’s your tutorial. Remark: In order to do anything, we still need to authenticate somehow… This is done Read more about PowerShell and REST API: Part 1[…]

Report all Azure AD role assignments

Having “historically grown” structures it could happen that you lose the overview of all role assisgnments in Azure AD. With this script you can create a report:

 

Enable MFA for all Azure AD users

“Safety first”… well, security first fits better. There are two ways to trigger MFA within the Microsoft Cloud environment: Conditional Access Directly on the user object within Azure AD If there is company policy for example, which requires all administrative accounts to have MFA enabled within their user objects this script help:

This script Read more about Enable MFA for all Azure AD users[…]

Weiterleitung von Mails via PowerShell

Ein Kollege hatte das Problem, dass er einige Tausend Mails weiterleiten musste und die Outlook-Regel nicht gegriffen hat. dafür habe ihm ein kleines Script geschrieben, welches alle Mails in Posteingang an eine definierte Zieladresse weiterleitet:

Man kann mit “Folders.Item(‘…’).Folder.Item(‘…’)…etc….” weiter durch die Ordnerstruktur browsen. Im Internet finden sich noch weitere Befehle, die man im Read more about Weiterleitung von Mails via PowerShell[…]

Custom RBAC Role in Azure

Um innerhalb vom Azure Resource Manager granularere Berechtigungen zu verteilen, braucht man customized Rollen. Dieses lassen sich per Shell erstellen. In diesem Beispiel möchte ich den Kollegen Contributor Rechte auf deren ResourceGroups geben, jedoch verhindern, dass sie irgendetwas am Netzwerk-Stack ändern können:

Möchte man nun nicht nur Befehle ausschließen, sondern in weiteren Rollen auch Read more about Custom RBAC Role in Azure[…]