0 votes

Hi, what is the correct way to create Adaxes Report that will show all explicit Azure role OWNER assignments?

I know how to do it in PowerShell so just to be sure, there is no builtin Adaxes feature.

$CurrentContext = Get-AzContext
$Subscriptions = Get-AzSubscription -TenantId $CurrentContext.Tenant.Id
foreach ($Subscription in $Subscriptions) {
    $Context = Set-AzContext -TenantId $Subscription.TenantId -SubscriptionId $Subscription.Id -Force

    Get-AzRoleAssignment | ? RoleDefinitionName -eq 'owner'
}

Thanks!

by (960 points)

1 Answer

0 votes
by (289k points)

Hello,

Unfortunately, there is no built-in function in Adaxes to make the desired output. You can try using the script in an Adaxes custom command and output the results into the execution log using method $Context.Logmessage. The following SDK article should be helpful: https://adaxes.com/sdk/CloudServicesScriptContextClass. Should you have issues updating your script accordingly, please, provide all the possible details regarding the desired output with live examples.

0

OK I've solved tis by creating custom columns and fill them using $Context.Items.Add().

Btw does Adaxes support anything like cached reports? So users don't have to run the report over and over again and instead have the possibility to see some cached older version?

0

Hello,

OK I've solved tis by creating custom columns and fill them using $Context.Items.Add().

Thank you for the confirmation, it is much appreciated.

Btw does Adaxes support anything like cached reports?

Unfortunately, there is no such thing as cached reports. The thing is that reports are generated based on the permissions of the logged on user. As such, caching might result in a user seeing something they should not see and vice versa.

0

But for sime kind of reports this could be an option (static reports without any user input).

It would be super useful mainly for cloud reports, because Azure can be slow (throttling) which can make such Report unusable. And unfortunately more and more tasks are managed from Azure these days.

Also you could generate one cache per possible group of permissions to avoid any security concerns.

Think about it :)

0

Hello,

Thank you for the suggestion. We have forwarded it to the corresponding department for consideration.

For your information, we have Azure AD management in our roadmap. The feature will be available in the next major release.

Related questions

0 votes
1 answer

For example, if the scope is a specified OU, running the report will list management history for every object in the OU even if it has had no management operations ... so objects that have not had any recent modifications are excluded from the report results?

asked Aug 13, 2021 by ryan741 (120 points)
0 votes
1 answer

For security purposes, we need to audit the objects that are capable of replicating the directory. As we have a number of individuals that need this report, I would like to ... four domains and would like to see any objects with this permission in any of them

asked May 20, 2022 by jiambor (1.2k points)
0 votes
1 answer

I created a Report asking the report to get the Assinged Microsoft Supbsription license assinged to the Users, When the Reports runs it geta few users but time out ... way to increase the time Out oprtion fro Reports that are getting information from Azure?

asked May 16 by George.Holden (60 points)
0 votes
1 answer

I gone throught Adaxes License is based and its based on user. I wanted to understand, does the license user count is on technical assistance user or AD objects?

asked Jan 23, 2020 by subbu (20 points)
0 votes
0 answers

Here is an example: In Azure the manager shows populated: In Adaxes it shows a blank:

asked Dec 2, 2022 by adaxes_user2 (40 points)
3,548 questions
3,239 answers
8,232 comments
547,814 users