AzureAD module for Graph Notes

1.  How to install AzureAD module without internet connection
1. Download nupkg file from PowerShell Gallery
2. for module that has dependences, you can download all nupkg files into same folder
3. copy nupkg file to a dedicated folder
4. Assuming you have NuGet available, run "Register-PSRepository -Name <pickAName4YourRepository> -SourceLocation <absolute path to nupkg file>"
5. You can now "find-module -repository <repositoryName>"
6. "Install-Module -Name <moduleName>"
7. placeholder
2. Install modules behind company proxy
2. run below as admin
3. [System.Net.WebRequest]::DefaultWebProxy.Credentials = Get-Credential
4. [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
3. ODATA filter syntax
1. Get-AzureADUser -Filter "proxyAddresses/any(c:c eq 'smtp:user@domain.com')"
2. Get-AzureADUser -Filter "Department eq 'HP'"
3. Get-AzureADDirectoryROle -filter "DisplayName eq 'application administrator'"
4. Find reference on Oasis website
5. placeholder
4. Connect to graph behind proxy

# [NOTE] Set up proxy. Below works for PS 5
[System.Net.WebRequest]::DefaultWebProxy.Credentials = Get-Credential
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

 

# Powershell 7 is using [System.Net.HttpWebRequest]::DefaultWebProxy instead of [System.Net.WebRequest]
[System.Net.HttpWebRequest]::DefaultWebProxy = New-Object System.Net.WebProxy($null)  

  # this may work in companies where it can authenticate automatically
[System.Net.HttpWebRequest]::DefaultWebProxy.Credentials = Get-Credential

# Prompt for credential in companies that needs authN to use proxy

 [System.Net.HttpWebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials 

# this can be used when proxy uses your default credential (it could be your domain credential, it could be your Azure cendenital, depending on your environment)

1. placeholder

[PowerShell] When ExpandProperty is not good enough

The ExpandProperty parameter in select-object cmdlet is useful to view full values of a compound property (e.g. when a property's value is an array or an object). However the limitation is also obvious. It accepts only one property, so we are forced to write a script block to process all results, using a different way to convert/expand properties one by one, before we can finally assembly the output.

The other way to do it is to use inline expression. See below

$targetedProperties=@(

    samaccountname,

    @{l='membership'; e={$_.memberof}}

    @{l='allEmailAddresses'; e={$_.proxyAddresses}}

) 

$uObj = get-aduser 'johnDoe' -properties *

$expandedObj = $uObj | select $targetedProperties

 

Array that includes most meaningful AD attributes for admins

$meaningfulP = @(

    "AccountExpirationDate"

    #"accountExpires" # above converted value is readable to human - blank means never

    "AccountLockoutTime"

    "AccountNotDelegated"

    "AllowReversiblePasswordEncryption"

    #"BadLogonCount" # these are temporary values that are reset by AD periodically

    #"badPasswordTime"

    #"badPwdCount"

    "c"

    "CannotChangePassword"

    "CanonicalName"

    "City"

    "CN"

    "co"

    "codePage"

    "Company"

    "Country"

    "countryCode"

    "Created"

    "createTimeStamp"

    "Deleted"

    "Department"

    #"departmentNumber"

    @{l="deptNumber";e={$_.departmentNumber}}

    "Description"

    "DisplayName"

    "DistinguishedName"

    "Division"

    "EmailAddress"

    "EmployeeID"

    "EmployeeNumber"

    "employeeType"

    "Enabled"

    "extensionAttribute12"

    "extensionAttribute14"

    "extensionAttribute2"

    "extensionAttribute3"

    "extensionAttribute4"

    "extensionAttribute5"

    "extensionAttribute6"

    "extensionAttribute8"

    "extensionAttribute9"

    "Fax"

    "GivenName"

    "HomeDirectory"

    "HomedirRequired"

    "HomeDrive"

    "HomePage"

    "HomePhone"

    "Initials"

    "instanceType"

    "isDeleted"

    "l"

    "LastBadPasswordAttempt"

    "LastKnownParent"

    "LastLogonDate"

    "legacyExchangeDN"

    "LockedOut"

    "lockoutTime"

    "logonCount"

    "LogonWorkstations"

    "mail"

    "mailNickname"

    "Manager"

    #"MemberOf"

    @{l='membership';e={($_.Memberof)[0..20]}} #to prevent this value to become too large to fit into Excel cell limit

    "MNSLogonAccount"

    "MobilePhone"

    "Modified"

    "modifyTimeStamp"

    "Name"

    "ObjectCategory"

    "ObjectClass"

    "Office"

    "OfficePhone"

    "Organization"

    "OtherName"

    "PasswordExpired"

    "PasswordLastSet"

    "PasswordNeverExpires"

    "PasswordNotRequired"

    "physicalDeliveryOfficeName"

    "POBox"

    "PostalCode"

    "preferredLanguage"

    "ProfilePath"

    "ProtectedFromAccidentalDeletion"

    #"proxyAddresses"

    @{l='allEmailAddr';e={$_.proxyAddresses}}

    "SamAccountName"

    "sAMAccountType"

    "ScriptPath"

    "sDRightsEffective"

    #"ServicePrincipalNames"

    @{l='SPN';e={$_.ServicePrincipalNames}}

    "SmartcardLogonRequired"

    "sn"

    "st"

    "State"

    "StreetAddress"

    "Surname"

    "targetAddress"

    "Title"

    "TrustedForDelegation"

    "TrustedToAuthForDelegation"

    "UseDESKeyOnly"

    "userAccountControl"

    "UserPrincipalName"

    "whenChanged"

    "whenCreated"

)

Typescript with VS code notes

Header Placeholder

Normal Text place holder

1. To add a different launch profile (i.e. run same source file with different settings, or specify a different start script etc.). Open launch.json file in editor, click on "Add Configuration" button. Resulting file below
   
       // Sample launch.json

       "version": "0.2.0",

       "configurations": [

           {

               "type": "node",

               "request": "launch",

               "name": "Run Dist/index.js",

               "program": "./dist/index.js",

               "envFile": "${workspaceFolder}/.env",

               "outFiles": [

                   "${workspaceFolder}/**/*.js"

               ]

           },

           {

               "type": "node",

               "request": "launch",

               "name": "Run testSMS.js",

               "program": "./dist/testSMS.js",

               "envFile": "${workspaceFolder}/.env",

               "outFiles": [

                   "${workspaceFolder}/**/*.js"

               ]

           }

       ]

   }
2. Select a launch item to run
1. Click "Run & Debug" button
2. at top left corner, click on dropdown list besides green triangle, it should list 2 launch items listed in above sample file, one called "run index.js", the other called "run testsms.js".
3. Select either one to run
3. Any environment variables you specified in envFile above, you will have to define them as well in other running environments. For example, if you run the script from command line using "node.exe" then you have to "set env variables". If run in Azure app service, it should be defined under app service, configuration \ application settings section
4. Bulletpoint placeholder

How to update a library

1. Do NOT update the library source code in main program
2. open a separate code window, make changes
3. finish change and commit/sync
4. "npm version patch" to update patch number. (or use other npm version  parameter to update minor version or major version)
5. "npm publish" to publish it to NPM repository
6. back to main program, 
1. if package.json uses "^version#" in dependencies section, run "npm update", it should pull the latest version
2. if package.json uses "version #" dependencies section, then edit the version# to be latest version, then remove library folder, and "npm install"