是否可以使用MFA通过单个用户登录提示对Connect-AzAccount和Connect-AzureAD进行身份验证? [英] Is it possible authenticate both Connect-AzAccount and Connect-AzureAD using MFA with a single user login prompt?
问题描述
我设置了一个Visual Studio项目模板,该模板运行安装脚本以自动注册应用程序并为该应用程序创建应用程序见解.问题在于应用程序注册使用AzureAD模块,而应用程序见解(以及需要时创建资源组)使用Az模块,因此我最终需要做
I set up a visual studio project template that runs setup scripts to automatically register an application and create application insights for the app. The problem is the app registration uses the AzureAD module while the application insights (and the resource group creation if needed) use the Az modules, so I end up needing to do
Connect-AzAccount
Connect-AzureAD
哪个会提示用户两次登录.有没有一种方法可以使用其中一个的身份验证来对另一个进行身份验证?
Which prompts the user for their login twice. Is there a way to use the auth from one to authenticate the other?
我也看到过类似的问题,建议使用get-credential,但是由于我的组织具有无法正常工作的多因素身份验证.
I've seen similar questions suggesting using get-credential but since my org has multi factor auth that wont work.
其他建议是使用服务主体,但我不想在模板中存储任何特定内容,并且希望将身份验证绑定到用户.
Other suggestions were to use a service principal but I don't want to store anything specific in the template and want the auth tied to the user.
我知道Az模块具有类似于AzureAD( New-AzADApplication )的功能,但是有些事情我不知道该怎么做.具体来说,设置应用程序权限以在Microsoft图上登录,并将应用程序所有者设置为经过身份验证的用户.这就是为什么我改用AzureAD模块
I know the Az module has functionality similar to the AzureAD (New-AzADApplication) but there are a few things I can't figure out how to do. Specifically, set the applications permissions to sign in on Microsoft graph and set the application owner to the authenticated user. That is why i'm using the AzureAD module instead
推荐答案
如果要在PowerShell中使用同一会话连接Azure和Azure AD,请参考以下脚本
If you want to use the same session to connect Azure and Azure AD in PowerShell, please refer to the following script
Connect-AzAccount
$context=Get-AzContext
Connect-AzureAD -TenantId $context.Tenant.TenantId -AccountId $context.Account.Id
Get-AzureADUser
这篇关于是否可以使用MFA通过单个用户登录提示对Connect-AzAccount和Connect-AzureAD进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
