Mobile Management and Multifactor Authentication Added to Azure AD PowerShell Preview
Microsoft on Wednesday announced new features for its Azure Active Directory PowerShell module.
The first new capability is the addition of "multifactor authentication" for accessing Azure Active Directory accounts. It adds a secondary check, such as getting a response to an automated instant message or a mobile phone message, in addition to verifying a password, before permitting user access to Azure services.
Microsoft's announcement seemed to describe this new capability specifically in terms of enabling multifactor authentication for IT pros responsible for performing management actions:
"Now when managing your Office 365 services or Azure Active Directory Tenant, you can expect the same secure sign-in experience you currently have with your other Office 365 products," the announcement explained.
Next, Microsoft's preview gives IT pros using Azure Active Directory PowerShell an improved set of commandlets (cmdlets) for use in managing mobile devices.
The two preview improvements -- multifactor authentication and the new Azure Active Directory PowerShell cmdlets -- actually go together conceptually. Microsoft's preview release is designed to facilitate mobile device management by IT pros:
"One of our goals for this public preview is to enable administrators who have accounts protected with MFA [multifactor authentication] to authenticate and use AAD PowerShell, while minimizing the number of changes to the existing cmdlets," Microsoft's announcement explained.
Testers aren't likely to see any changes with the old PowerShell module when using the preview, according to Microsoft. The preview adds a new "AccessToken" parameter to facilitate sign-ins. Microsoft also added four new "Msol" cmdlets for handling devices managed under Azure Active Directory.
The big change with this preview is that previously such device management had to be done via Graph APIs. Now IT pros can use Azure Active Directory PowerShell to accomplish various mobile device management tasks.
Tester can get the preview from Microsoft's Connect page here, although it's not for use in production environments. A caveat before using the preview is to uninstall the current Azure Active Directory PowerShell module first. In addition, it's just available in 64-bit form.
Azure PowerShell 1.0 Preview
Microsoft added a preview of Azure PowerShell 1.0 to its PowerShell Gallery last week. It also promised to release an MSI or WebPI installer version of the preview. This Azure PowerShell 1.0 preview release is just for testing purposes. The current production-grade release is PowerShell 0.9.8.
The preview mostly adds improvements to the Resource Manager module for use with Azure Automation. It also better separates the functions of the Resource Manager module and the Service Management module, according to Microsoft's announcement.
New Azure CLI Release
In other Azure news, Microsoft announced the release of Azure CLI 0.9.10 last week. Azure Command Line Interface is actually a solution that needs to be installed, rather than just an available screen. It facilitates the use of open source commands to create and manage Azure resources, according to Microsoft's documentation.
This latest release of Azure CLI avoids a clumsy log-in issue for IT pros when using a Microsoft account to authenticate access to Azure CLI. Previously, they had to use their Microsoft account to login to Azure Active Directory and then create a user account there just to login to Azure CLI. Now, it's a bit more direct to login using a Microsoft account. It's still somewhat nuanced, though. Microsoft's announcement offers three login scenarios to observe.
Windows PowerShell Cmdlet Help Dev Tool
On the Windows PowerShell side, Microsoft announced last week that it released the code for its internal "Cmdlet Designer" tool as open source. It's available via the CodePlex repository as a Microsoft Public License release.
This PowerShell Cmdlet and Help Designer release is just the source code. To get it to work, a Web service and database are needed.
Microsoft used this tool to create cmdlets when it was building Windows 7, and now the source code is available to the public. It lets developers better focus on cmdlet design while avoiding naming conflicts.
Package Management Previews
Also on the Windows PowerShell side, Microsoft announced earlier this month that it released previews of Package Management modules for PowerShell 4 and PowerShell 3. The Package Management previews include PackageManagement (formerly called "OneGet") and PowerShellGet components.
Microsoft's announcement explained that the PackageManagement component specifically helps with software repository management, as well as discovering software packages.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.