[SOLVED] Non-interactive way to authenticate to Azure AD using AADInternals?

Non-interactive way to authenticate to Azure AD using AADInternals?

I'm attempting to use the AADInternals toolkit to simplify the process of generating an Azure AD bulk enrollment provisioning package. However, it seems as if the provided AADInternals documentation only outlines interactive methods of authentication. Being that I'm trying to automate this process through a Powershell script, does anyone know if there is a way to authenticate the AADInternals toolset non-interactively, say through application-based authentication using Microsoft Graph? I haven't been able to determine this myself yet, but I was hoping someone here might have used AADInternals themselves and accomplished this. Thanks!

Solution

Non-interactive way to authenticate to Azure AD using AADInternals?

I agree with wenbo's comment, In AADInternals documentation and it seems that interactive login is required.
AADInternals primarily focuses on advanced operations with Azure Active Directory and is often used interactively due to the sensitive nature of its functions.

non-interactively, say through application-based authentication using Microsoft Graph?

You can use Microsoft Graph PowerShell SDK is a more modern, reliable, and secure way to automate provisioning tasks in Microsoft Entra ID (formerly Azure Active Directory). The SDK supports non-interactive logins via service principals, making it perfect for automated workflows

You can install PowerShell SDK through this MS-Document.

Create an app registration in the portal and fetch the client ID, tenant ID, and client secret from the app.

Also, assign API permission like below:

Portal: enter image description here

You can use the below command thar will connect non-interactively to authenticate With Azure AD.

Command:

$clientId = "<value>"
$SecuredPassword = "<value>"
$tenantID = "<value>"

$SecuredPasswordPassword = ConvertTo-SecureString `
-String $SecuredPassword -AsPlainText -Force

$ClientSecretCredential = New-Object `
-TypeName System.Management.Automation.PSCredential `
-ArgumentList $clientId, $SecuredPasswordPassword

Connect-MgGraph -TenantId $tenantID -ClientSecretCredential $ClientSecretCredential

Get-Mguser

Output:

Welcome to Microsoft Graph!

Connected via apponly access using 7xxxxxx3d
Readme: https://aka.ms/graph/sdk/powershell
SDK Docs: https://aka.ms/graph/sdk/powershell/docs
API Docs: https://aka.ms/graph/docs

NOTE: You can use the -NoWelcome parameter to suppress this message.


DisplayName                                           Id                                   Mail                                          UserPrincipalName                                  
-----------                                           --                                   ----                                          -----------------                                  
Conf Room Adams                                       fxxxxcb8-511a-4249-aa43-xxxxxxxxxxx Adams@xxxxxxxxxxxxx.OnMicrosoft.com           Adams@xxxxxx.OnMicrosoft.com                
Adele Vance                                           dacxxxxxxx05-4fc6-a787-90740bafxxxx                                              AdeleV@xxxxxxx.OnMicrosoft.com

enter image description here