Procedure
- Check if the Microsoft Entra ID Module is installed on the Windows operating
system you are using.
-
If yes, go to Step 2.
-
If not, run the following command in the PowerShell command prompt to install the module first:
Install-Module MSOnline
.
-
- Create a
.ps1
file, copy and paste the following script into the file, and then save it.Specify $user and $pass with the credentials of the Office 365 Global Administrator account you used to grant permission when generating an authentication token.$appID = "32eb7c81-01f8-4f56-b847-687b755fb160" $user = "<email address of the Office 365 Global Administrator account>" $pass = "<password of the Office 365 Global Administrator account>" $Creds = New-Object System.Management.Automation.PsCredential($user, (ConvertTo-SecureString $pass -AsPlainText -Force)) Connect-MSOLSERVICE -Credential $Creds $msSP = Get-MsolServicePrincipal -AppPrincipalId $appID #ID of the Application $objectId = $msSP.ObjectId Add-MsolRoleMember -RoleName "User Administrator" -RoleMemberType ServicePrincipal -RoleMemberObjectId $objectId
- Launch Windows PowerShell as an administrator and wait a moment for the PS command prompt to appear.
- Navigate to the directory where the script lives.
- Run the following command to execute the script:
.\<filename>.ps1
After the script is successfully executed, use the Threat Mitigation API to take actions on user accounts as necessary.