CloudShell
CloudShell copied to clipboard
Azure
[BUG] Unable to run AzureADPreview commands
To Reproduce
The issue is unable to run AzureADPreview commands in CloudShell even I have installed and imported AzureADPreview Module in CloudShell. But in on-prem environment, I can run these commands without issue.
Below screenshot, left is on-prem, right is Cloud Shell: (as you see, on-prem and CloudShell has installed AzureADPreview module)
But in CloudShell, if I run "Get-AzureADMSPrivilegedRoleDefinition", it said it's not recoginized as a name of a cmdlet, fuction, script file or executable program. On-prem environment runs without any issue:
Commands you ran
Get-AzureADMSPrivilegedRoleDefinition -ProviderId aadRoles -ResourceId 926d99e7-117c-4a6a-8031-0cc481e9da26 Reference document: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/powershell-for-azure-ad-roles
Include error output here
PS /home/yoyo> Import-Module AzureADPreview
Import-Module: Assembly with same name is already loaded
PS /home/yoyo> Get-AzureADMSPrivilegedRoleDefinition
Get-AzureADMSPrivilegedRoleDefinition: The term 'Get-AzureADMSPrivilegedRoleDefinition' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
PS /home/yoyo>
## Expected behavior
Able to run AzureADPreview in CloudShell.
## Is this specific to Cloud Shell?
Please verify if the same issue can be reproduced by running the same tool **outside Cloud Shell** - for example,
by installing it on your own computer. If so, it is likely to be a bug in that tool or in the Azure service it communicates with,
not in Cloud Shell. Please file the issue with the appropriate project.
Yes, this is specific to Cloud Shell. On-prem PowerShell runs well
Hello
I have a similar issue when trying to follow https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-claims-mapping
I am completely stuck.
I tried various proposal online that suggest to do UnInstall-Module AzureAD then install AzureADPreview. Also logout/login before using the command but it didn't work.
PS /home/benoit> Get-InstalledModule | grep ADP
2.0.2.138 AzureADPreview PSGallery Azure Active Directory V2 Preview Module. …
PS /home/benoit> Get-AzureADPolicy
Get-AzureADPolicy: The term 'Get-AzureADPolicy' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Apparently from support ticket: https://docs.microsoft.com/en-us/answers/questions/645848/get-azureadpolicy-is-not-working-under-version-ver-1.html
Also, you CANNOT run this on Core/CloudShell, if that's what you're trying to do. The AzureAD module is only supported on Windows PowerShell.
😫
Thanks @benoittgt it is a shame as we don' t want to dedicate a machine just to run Powershell for Admins (they don' t know their password)
Do you know if this is on the roadmap?
Thanks
Do you know if this is on the roadmap?
Sorry @ChristopheLux I have no idea about this.
The background story is:
The Identity team builds the AzureAD and Microsoft Graph PowerShell modules. They ship AzureAD and AzureADPreview via the PowerShell gallery. AzureADPreview provides access to the preview endpoint of Azure AD and includes extra commands. However as you have found those modules are only compatible with Windows PowerShell and do not work in Cloud Shell, which is based on PowerShell 7 on Linux.
In Cloud Shell, we provide AzureAD.Standard.Preview. This is a version of the AzureAD module (not AzureADPreview) recompiled to be compatible with .NET Standard and hence work in Cloud Shell. However Preview in the name indicates the level of completeness, not access the AzureADPreview features.
The Identity team are concentrating on completing the Graph module at the time of writing and AzureAD/AzureADPreview are receiving only minor updates. We do not expect them to updated to work with PowerShell 7.
So at this point I am afraid that we do not have a timeline for the availability of these commands in Cloud Shell. In the interim the only workaround I am aware of is to run the commands from a separate Windows-based environment such as a VM or on-prem workstation.
Hello Ed,
Thanks a lot for those detailed explanation. Our use case was as we are using a tool to secure admin access where admin does not know their password Cloud Shell seems a good solution. Maybe we should move everything to graph :) Enjoy your day!
While importing module use "-RequiredVersion" parameter
"Connect-AzureAD;
Import-Module Azureadpreview -RequiredVersion 2.0.2.138"
