I wanted to check what all characters can be present in Subscription id of Azure Subscription. I saw documentation here but it mentions format of id as something like 0000-0000-0000-000000000000. It does no tells me what all characters are valid in the format. e.g. can Subscription id contain "_" or any other character
I tried referring documentation but could not find the required information
Azure subscription ID is a globally unique identifier (GUID).
The following article discuss how to validate GUID using Regular Expression. I think it would help you link here
Here is the RegEx for your question
#"^(\{{0,1}([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}\}{0,1})$"
Related
Good afternoon
I have selected stackoverflow for this question because probably mainly programmers are confronted with this question:
This is the issue:
We want to read the notes field (not the description) from the Azure AD groups
Contrary to what we might expect (and what the command names suggests), most commands in Microsofts PowerShell Modules to Access the Azure AD do not return an Azure AD Object, but only a small subset of its properties.
For example, both Get-AzADGroup and Get-AzureADGroup are only half-heartedly implemented and don't offer a solution to get all properties. The Microsoft "Docs" ignores this basic subject.
Therefore the Question:
Can a Runbook read all Azure AD Group Properties (or at least the Notes field)? In OnPremise AD, this property is called .Info
Thanks a lot for any help!
Kind regards,
Thomas
According to some test, the command Get-AzADGroup and Get-AzureADGroup will not show the field Notes or Info even if add | fl after the command. And it seems the Notes(Info) field is not synced to cloud for groups. Here I found a feedback which similar to your situation, you can vote it on this page or raise a new feedback ticket for your requirements.
I am using the next endpoint https://graph.microsoft.com/v1.0/users to get all users in my azure tenant but it is not showing all information about the users, it doesnt show information as: creation date, last login date, password last change date and others.
How can I get the information required?
Thanks in advance.
Regards,
Arsenio
https://graph.microsoft.com/v1.0/users api only lists the basic properties. If you need to get the other properties, you need to use $select to get them.
https://graph.microsoft.com/v1.0/users?$select=createdDateTime,displayName
All the available user properties are listed here.
Unfortunately, you cannot get all this info from the one API call and some of them you cannot get at all. For example, last login info you can get from auditLogs endpoint or using select field modification from user API:
https://graph.microsoft.com/v1.0/users?$select=displayName,createdDateTime
All field that you can extract from user API you can find here.
For extracting information about some of users activities you can use directoryAudit call, but I'm not sure that you can extract last password change from it.
I am used to access my customers AD's via LDAP.
Now I have a customer with their data in Azure AD, and I can not find any explanation for what the properties are called in Azure given that I know what the name is in LDAP.
As an example is the old title now called JobTitle, postalAddress is now StreetAddress and objectGUID seems to have been changed into ImmutableId and have been base64 encoded.
Is there anywhere I can find a list where I can see what properties corresponds to something else in Azure Graph API?
I have previously found something like that when I started out with LDAP at the following url: http://www.kouti.com/tables/userattributes.htm
Does anyone know how to order the results of a query to the Azure AD Graph API using the nuget assembly (https://www.nuget.org/packages/Microsoft.Azure.ActiveDirectory.GraphClient/) by "Created Date" (i.e. when the user was created in the directory?
I can't find any documentation about a property which would contain this. Is the result set automatically ordered in this way?
There is a restriction at the moment on the '$orderby' expressions that can be specified for a Graph API query. From the documentation -
The following restrictions apply to $orderby expressions:
Two sort orders are currently supported: DisplayName for User and Group objects, and UserPrincipalName for User objects. The default sort order for users is by UserPrincipalName.
So even if the 'Created Date' was exposed as property on the User I doubt the query will work.
We're using an application that authenticates using Azure ACS with a Google ID. But the nameidentifier that we get from Google keeps changing. It appears that this is based on the IP address which fluctuates when using Azure. So I'd like to have the output claim type be something other than the nameidentifier.
However if I change the output claim type (in the Rule Group panel) for the input nameidentifier to emailaddress we get a server error when trying to authenticate: Sequence contains more than one element
Is there a trick to setting up the rule groups for Google so you get back a token that doesn't change all the time?
As you already suspected, the ID is unique per realm/domain, but this should be based on the ACS namespace, not the URL of your application.
Now, using emailaddress is much safer in case you might need to use a different ACS namespace or if you no longer want to use ACS at all. In order to map the emailaddress claim to the namidentifier (output claim), you'll need to delete the actual nameidentifier first: