Although it’s easy to write scripts using cmdlets in the Microsoft Graph SDK for PowerShell, you probably don’t want to execute the scripts interactively. In this article, we explain how to use certificate-based (app-only) authentication to run scripts. This is very much an explanation about how to accomplish the task in a testing environment. If you want to run scripts in production, some extra work is needed.
The Microsoft Graph SDK for PowerShell can be used for many purposes, among which is access to Azure AD account sign-in data. In this article, we explain how to use the SDK cmdlets to retrieve sign-in data for both tenant and guest accounts and report what we find. You can use the report to identify potentially unused accounts which might not need some expensive licenses, or guest accounts that are no longer used.
The Microsoft Graph SDK for PowerShell exists to help developers use Graph API calls from PowerShell. It works, but like anything in life, there’s a right way to connect and use the SDK and a wrong way. In this article we explore topics like how to connect to the right tenant, how permissions are managed (or not), and why running Graph SDK cmdlets interactively isn’t something you should do in production. Good as the SDK is, Microsoft has some big issues to solve to address some obvious security issues.
On June 30, 2022, Azure AD and Microsoft Online Services cmdlets will stop working for license management. The result is that you need to upgrade PowerShell scripts which use these cmdlets. The choice is to use Graph API calls or cmdlets from the Microsoft Graph PowerShell SDK. In this article, we explore the steps necessary to upgrade a script to remove service plans from an Office 365 license (SKU).