It looks like you need to use a non-interactive login; please follow the steps below.
1. Create an Azure Active Directory application and create a secret for the app; save the secret and get the values for signing in.

2. In your AD App -> API permissions -> Add a permission -> select Azure Active Directory Graph -> Application permissions -> Directory.Read.All -> click Add permissions -> click Grant admin consent for xxx. Refer to the screenshot.

3. Try the script below, using the values you got in step 1. It works fine on my side.

Note: You need to use the Task version 4.* (preview) when you use the Az PowerShell module.
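```powershell
# Values from step 1: the AD app (service principal) ID, tenant ID and client secret
$azureApplicationId = "<your ad app application id>"
$azureTenantId = "<your tenant id>"
$azurePassword = ConvertTo-SecureString "<the secret of your ad app>" -AsPlainText -Force

# Build a credential whose user name is the application ID and whose password is the secret
$psCred = New-Object System.Management.Automation.PSCredential($azureApplicationId, $azurePassword)

# Non-interactive sign-in as the service principal
Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal

# I just tested getting all groups; you could do other operations
Get-AzADGroup
```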
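
Added example, not part of the original answer: the same service principal sign-in with the secret read from the environment instead of being written into the script, and the session context removed afterwards. The variable names `AZ_APP_ID`, `AZ_TENANT_ID` and `AZ_APP_SECRET` are assumptions; in a pipeline they would be secret variables mapped into the task's environment.

```powershell
# Added example. AZ_APP_ID, AZ_TENANT_ID and AZ_APP_SECRET are assumed names.
$ErrorActionPreference = 'Stop'

function Get-RequiredEnv {
    param([Parameter(Mandatory)][string]$Name)
    $value = [Environment]::GetEnvironmentVariable($Name)
    if ([string]::IsNullOrWhiteSpace($value)) {
        # Fail early rather than attempting a sign-in with an empty credential
        throw "Environment variable '$Name' is not set."
    }
    return $value
}

$appId    = Get-RequiredEnv -Name 'AZ_APP_ID'
$tenantId = Get-RequiredEnv -Name 'AZ_TENANT_ID'
$secret   = ConvertTo-SecureString (Get-RequiredEnv -Name 'AZ_APP_SECRET') -AsPlainText -Force
$cred     = New-Object System.Management.Automation.PSCredential($appId, $secret)

try {
    # -Scope Process keeps the sign-in context in this session only
    Connect-AzAccount -ServicePrincipal -Credential $cred -TenantId $tenantId -Scope Process | Out-Null

    # Confirm the session is the service principal, not a cached user context
    $ctx = Get-AzContext
    if ($ctx.Account.Type -ne 'ServicePrincipal' -or $ctx.Account.Id -ne $appId) {
        throw "Unexpected Az context: $($ctx.Account.Id) ($($ctx.Account.Type))"
    }

    # Same read-only operation as in the answer; needs the Directory.Read.All grant from step 2
    Get-AzADGroup | Select-Object DisplayName
}
finally {
    # Drop the context so later steps on the same agent cannot reuse it
    Disconnect-AzAccount -Scope Process -ErrorAction SilentlyContinue | Out-Null
}
```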