ReportCloudServicesScriptContext

The ReportCloudServicesScriptContext class is used to work with cloud services. To access an instance of this class, use the CloudServices property of the predefined PowerShell variable called $Context in your scripts used to generate reports or report custom columns.

Inheritance: Object

Methods

  • Method

  • Description

  • GetAzureTenant()

  • Returns information about the Azure AD tenant of the specified object.

  • GetAzureAuthAccessToken(IADs)

  • Returns an Azure authentication token for the Microsoft 365 tenant the specified object is associated with. The token can be used for Microsoft Graph API only.

  • GetAzureAuthAccessToken(IADs, string)

  • Returns an Azure authentication token to be used to authenticate to the specified resource in the Microsoft 365 tenant the specified object is associated with.

  • ConnectExchangeOnline()

  • Creates a PowerShell connection to the Exchange Online organization the specified object is associated with.

Details

GetAzureTenant()

Returns information about the Azure AD tenant of the specified object. For an on-premises AD object the method returns information about the Microsoft 365 tenant the object is associated with.

AzureTenantInfo GetAzureTenant(IADs obj)

Remarks

For on-premises AD objects not associated with any Microsoft 365 tenant the method returns null.

GetAzureAuthAccessToken(IADs)

Returns an Azure authentication token for the Microsoft 365 tenant the specified object is associated with. The token can be used for Microsoft Graph API only.

string GetAzureAuthAccessToken(IADs object)

Examples

The following code sample gets the date when a user last logged on to Azure AD.

# Get access token for Microsoft Graph API
$user = $Context.BindToObjectByDN("CN=John Smith,DC=company,DC=com")
$token = $Context.CloudServices.GetAzureAuthAccessToken($user)

# Get the last logon date
$url = 'https://graph.microsoft.com/beta/users/' + $user.AzureId + `
'?$select=signInActivity'
$response = Invoke-RestMethod -Method GET `
    -uri $url `
    -Headers @{Authorization="Bearer $token"}

$lastLogonDate = $response.value[0].signInActivity.lastSignInDateTime

GetAzureAuthAccessToken(IADs, string)

Returns an Azure authentication token to be used to authenticate to the specified resource in the Microsoft 365 tenant the specified object is associated with.

string GetAzureAuthAccessToken(IADs object, string resourceId)

Parameters

  • object - Specifies the object associated with the Microsoft 365 tenant for which to retrieve an authentication token.
  • resourceId - Specifies the identifier of the resource for which to retrieve an authentication token.

Examples

The following code sample uses Azure Active Directory Graph API to get Azure AD groups a user is a member of.

# Get access token for Azure Active Directory Graph
$user = $Context.BindToObjectByDN("CN=John Smith,CN=Users,DC=company,DC=com")
$token = $Context.CloudServices.GetAzureAuthAccessToken($user, "https://graph.microsoft.com")

# Get groups the user is a member of
Connect-MGGraph -AccessToken $token
$groups = Get-MgUserMemberOf -UserId $user.AzureId

ConnectExchangeOnline()

Creates a PowerShell connection to the Exchange Online organization the specified object is associated with.

void ConnectExchangeOnline(IADs object)

Examples

The following code sample gets the Litigation Hold status of a user mailbox.

# Bind to the user
$user = $Context.BindToObjectByDN("CN=John Smith,CN=Users,DC=company,DC=com")

$Context.CloudServices.ConnectExchangeOnline($user)

# Get litigation hold status
$userMailbox = Get-MailBox -Identity $user.AzureId
$litigationHoldStatus = $userMailbox.LitigationHoldEnabled

Requirements

Minimum required version: 2023

See also

© Softerra 2022. All rights reserved.
Send feedback