The Microsoft Graph operates on a least permission model, which means that developers are forced to ask for permissions for the actions they wish to perform. This is a very different approach to the way traditional PowerShell modules work, so it's an area to focus on when converting scripts which use cmdlets from the Azure AD and MSOL modules to the Microsoft Graph PowerShell SDK. In this article, we look at four ways to find out what permissions are needed to perform different actions and explain how the Graph use the permissions.
Microsoft has announced a six month extension for support of the Azure AD Graph API. The new deadline is the end of 2022, which gives Microsoft 365 tenants some extra time to convert PowerShell scripts which use the Azure AD and MSOL modules. The original deadline for retirement of the Azure AD license management cmdlets remains at June 30, 2022.
On this week's show, Paul and Steve are joined by Microsoft MVP Tom Morgan to discuss Teams Development. As an IT Pro, find out why it's worth expanding your skillset - plus we've all the latest news in the world of Microsoft 365 as always.
Azure Automation runbooks can run Exchange Online PowerShell code on sandbox machines. Is this a good way of getting work done? In this article, we examine how to create an Azure automation account, a RunAs account, and some runbooks for PowerShell code to run against Exchange Online and other Microsoft 365 data.
Lots happened in 2021. Looking back on events, Tony Redmond has figured out five themes that will influence Microsoft 365 tenants in 2022. You might disagree with the list Tony created (and let us know why). At least it's a prompt to be proactive and think about how developments will affect your tenant operations in 2022.
Although it's easy to write scripts using cmdlets in the Microsoft Graph PowerShell, SDK you probably don't want to execute the scripts interactively. In this article, we explain how to use certificate-based (app-only) authentication to run scripts. This is very much an explanation about how to accomplish the task in a testing environment. If you want to run scripts in production, some extra work is needed.
The Microsoft Graph SDK for PowerShell can be used for many purposes, among which is access to Azure AD account sign-in data. In this article, we explain how to use the SDK cmdlets to retrieve sign-in data for both tenant and guest accounts and report what we find. You can use the report to identify potentially unused accounts which might not need some expensive licenses, or guest accounts that are no longer used.
Along with the general availability of a new Graph Export API for Teams, Microsoft is introducing new licensing and charging models. Understanding the charging incurred for different uses will take some time to sort out and could pose real challenges for ISVs working in the migration space. Developers need to understand terms like model A and model B, seeded capacity, and consumption units and how these apply to their apps. The question now is if this is a test bed for Microsoft to apply similar charges to other APIs.
The Microsoft Graph SDK for PowerShell exists to help developers use Graph API calls from PowerShell. It works, but like anything in life, there's a right way to connect and use the SDK and a wrong way. In this article we explore topics like how to connect to the right tenant, how permissions are managed (or not), and why running Graph SDK cmdlets interactively isn't something you should do in production. Good as the SDK is, Microsoft has some big issues to solve to address some obvious security issues.
Within large organizations utilizing Teams, generating reports on channel storage and then migrating this data is extremely difficult. To help map out how Teams uses SharePoint, this article introduces a simple Graph API/PowerShell script to report Teams channels and their SharePoint locations and walks you through the steps so you can run the report yourself.