使用PowerShell检查Microsoft Azure Active Directory应用程序中是否存在IdentifierUris [英] Check if IdentifierUris exists in Microsoft Azure Active Directory Application using PowerShell

问题描述

我正在使用以下PowerShell脚本创建Azure Active Directory应用程序

I am using following PowerShell script to create Azure Active Directory Application

$appName = "data-factory-app"
$appURI = "www.datafactoryapp.com"
$appExists = Get-AzADApplication -DisplayName $appName
if (-not $appExists)
{
 if (-not $appExists.IdentifierUris
 New-AzADApplication -DisplayName $appName -IdentifierUris $appURI
}
else 
{
 Write-Output "Application Already Exists"
}

我正在检查Display Name，我还需要检查IdentifierUris是否存在但找不到任何命令.谁能帮忙

I am performing check for Display Name, I also need to perform check on IdentifierUris if it exists but cannot find any command. could anyone help

推荐答案

为此，我建议使用

For this, I recommend using the Get-AzureADApplication cmdlet from the AzureAD PowerShell module (the cmdlets are of the form -AzureAD), instead of the cmdlet from the Azure PowerShell 2.0 module (where the cmdlets are of the form -AzAD).

使用此cmdlet，可以像在Azure AD Graph API中一样指定过滤器

With this cmdlet, you can specify a filter as you would in the Azure AD Graph API $filter parameter, and get what you're looking for in one request.

要获得与给定显示名称​​或匹配的任何标识符URI(从技术上来说是一个列表)的所有Application对象，都可以执行以下操作:

To get all Application objects with a given display name or at any identifier URI (technically it's a list) matching the one you've given, you can do the following:

$appName = "data-factory-app"
$appURI  = "www.datafactoryapp.com"
$filter  = "displayName eq '{0}' or identifierUris/any(u:u eq '{1}')" -f $appName, $appURI
$appExists = Get-AzureADApplication -Filter $filter

if (-not $appExists) {
     # No application exists with that display name or identifier URI
} else {
     # An application already exists with that display name or identifier URI!
}

如果出于某些原因，您必须使用Azure PowerShell模块(Az)，则需要进行两个单独的调用来进行检查:

If for some reason you must use the Azure PowerShell module (Az), then you will need to make two separate calls to check:

$appName = "data-factory-app"
$appURI  = "www.datafactoryapp.com"

$appExistsWithDisplayName = Get-AzADApplication -DisplayName $appName
if (-not $appExistsWithDisplayName) {

    $appExistsWithIdentifierUri = Get-AzADApplication -IdentifierUri $appURI
    if (-not $appExistsWithIdentifierUri)) {
        # No application exists with that display name or identifier URI
    } else {
        # An application already exists with that identifier URI
    }
} else {
     # An application already exists with that display name
}

这篇关于使用PowerShell检查Microsoft Azure Active Directory应用程序中是否存在IdentifierUris的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！