maester icon indicating copy to clipboard operation
maester copied to clipboard
verified publisher icon maester365

Delegation for Connect-Maester

Open slueders-bag opened this issue 1 year ago • 1 comments

it would be great as an CSP to connect to different tenants by using an parameter like TenantName oder TenantID in the Connect-Maester cmdlet.

slueders-bag avatar Oct 03 '24 09:10 slueders-bag

This would be nice, but becomes challenging since each of the upstream modules uses a different parameter structure and approach. In my experience it is easier to connect through those upstream commands then skip Maester connection in multi-tenant scenarios. example

Considering other modules like PNP.PowerShell and handling that as a custom MSAL wrapper, I feel that has other challenges that make it even less desirable for multi-tenancy.

M365DSC team has a nice table that shows some of the complexity. https://microsoft365dsc.com/user-guide/get-started/authentication-and-permissions/#authentication-methods

soulemike avatar Oct 03 '24 16:10 soulemike

We added Connect-Maester as a convenience for the 80% use case and ideally don't want to duplicate all the functionality in Connect-MgGraph in Graph and similar commands in the other modules.

However I think it will be good for the Maester docs to include guidance on how to use Connect-MgGraph and other commands to switch tenants etc, (and point to the docs for the various modules).

merill avatar Oct 20 '24 21:10 merill