Requesting access with Azure AD Privileged Identity Management from PowerShell

-
Using Azure AD Privileged Identity Management (PIM for short) as a method to control access to Azure resource are nice security feature. It makes it more trackable and gives the granted roles for a defined time period. 

You can add approval as a necessary add-on security feature, use MFA or other adjustments. Read more about PIM here.

BUT! it can also feel like a pain in the... if you use it a lot. So I created a small and simple PowerShell script to request the access for me.
In my Github repo you can find the "Req-GlobalAdmin.ps1". It should be fairly easy to change it to other roles. Just play around with the line:

"Get-AzureADMSPrivilegedRoleDefinition -ProviderId aadRoles -ResourceId $TennantID | Where-Object {$_.DisplayName -Match 'Global Administrator'} | Select-Object -ExpandProperty Id"
So the script are located here:

And more info and possibilities are to be found at Microsoft Docs here

Popular posts from this blog

Installing Android on a Hyper-V virtual machine

-
Image
Working with mobile device management (MDM) require a lot of testing. With Windows 10 testing is no problem (except those things that demand to be done on a physical device by different reasons), they can easily be run virtual. But when it comes to phones and tablets it have not been that easy. Visual Studio and some other solutions where out there, but they did not come with Store access or they had dependence which excluded Hyper-V from running. Some Emulators runs in a Hyper-V VM with Windows 10, but not on the host itself. So, if you got it to work it was usually slow and painful.
Read more

Quick guide on how to run BgInfo background as Group Policy login

-
Image
I know, it's simple. But I always forget some minor details when it have been a while since last time. So this blogpost is more a reminder to my self. Goal = Get same background picture an all PC (and/or Server) Doing it very simplified and easy in this guide, but you should normally use  folder structure for the files and a suitable Group Policy or more for the setting themself.
Read more

MDT: TimeZoneName and index number list

-
Remebering time zone name and number are a hasle so here are the list for the next time you (or I) need it. Norwegian settings for MDT are: TimeZone=110 TimeZoneName=W. Europe Standard Time (InputLocale=0414:00000414) (KeyboardLocale=nb-NO) The complete list are as following:
Read more