0 votes

I'm trying to create a custom command to Sign out a user of all Office 365 sessions via powershell.
Unfortunately the cmdlet requires the AzureAD module which is not supported by the Adaxes "internal" powershell.

In the script repository I found the quite clever way of starting a new powershell instance which has support for the required module (https://www.adaxes.com/script-repositor ... e-s442.htm). However, I do not have a way to pass the stored Office 365 credential to the scriptblock and the Adaxes powershell module does not seem to have a way to get this credential (GetOffice365Credential).

Is there any way to either make the AzureAD module work with the powershell instance Adaxes uses or get the stored O365 credential with the Adaxes powershell module?

We're using Adaxes version 2017.2

by (70 points)

1 Answer

+1 vote
by (206k points)
selected by
Best answer

Hello Mark,

Have a look at the following script from our repository: https://www.adaxes.com/script-repositor ... e-s290.htm.

0

Thank you! Invoke-Command did the trick since it's possible to pass arguments to it.

This is what I ended up doing:

$scriptBlock = {
    import-Module AzureAD

    $creds = $args[0]
    $userid = $args[1]

    Connect-AzureAD -Credential $creds
    Revoke-AzureAdUserAllRefreshToken -objectID $userid
}

# Bind to member
$member = $Context.BindToObject("Adaxes://[domain]/%distinguishedName%")

# Get Office 365 Properties
$office365Properties = $member.GetOffice365Properties()

try {
    $objectId = [Guid]$member.Get("adm-O365ObjectId")
    $objectId = $objectId.ToString()
}
catch {
    $Context.LogMessage("The member doesn't have an Office 365 account", "Warning")
    return
}

# Get Office 365 Tenant credentials
$office365Cred = $Context.GetOffice365Credential()

Invoke-Command -ComputerName localhost -ScriptBlock $scriptBlock -ArgumentList $office365Cred, $objectId

Related questions

0 votes
1 answer

In Web Configuration, under advanced section we have set the Iddle Sessiom time out limit to 20 minutes and also the Authentication idle time out limit to 20 minutes, however ... there is any other way we can enforce re-login after session times out ? Thanks

asked Feb 13 by rsaran (70 points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (150 points)
0 votes
1 answer

What would be the best way to create a Business Unit for all users in a domain that have Office 365 licenses assigned to them? I can do it with powershell but I would like to have the Info as a Business Unit and I don't want to re-invent the wheel. Thanks, Tim

asked Jun 20, 2017 by timskag (150 points)
0 votes
1 answer

We turned on SSO using SAML logins via the Azure Active Directory to the Admin and Help Desk web portals in Adaxes. Common, Self Sevice, and a couple of other portals ... preferred. Is there a setting I am missing somewhere? Adaxes version 3.12.17215.0 Thanks

asked Mar 2, 2020 by jiambor (1.2k points)
0 votes
1 answer

We are looking to help managers configure Out of Office responses for their employees. The approach we are thinking is a link on the Adaxes Help Desk portal that would ... remove the information gathered. Is there a different approach we can take? Thanks! Jake

asked Sep 21, 2015 by jakesomething (190 points)
2,554 questions
2,297 answers
6,126 comments
662,013 users