Identity and Access Management

Entra ID Tenant ID & Custom Domains PowerShell Module

Buried in my PowerShell Snippets Vol 4 post from 2021 is the PowerShell script and a link to a PowerShell Module I authored named AzureADTenantID. Its sole purpose was to take a domain name (e.g., darrenjrobinson.com) and lookup return any associated Azure AD (now Entra ID) TenantID. I personally use this module quite frequently. Judging by the downloads on it, it is also popular with others.

More recently I’ve needed to also identify quickly any domains associated with an Exchange Online / Entra ID (Azure AD) Tenant. Looking into the Microsoft Documentation this information can be retrieved using Autodiscover.

I’ve updated my module with an additional cmdlet to return Exchange Online Domains which will infer Entra ID Custom Domains if the associated organisation is following the recommendation of UPN matching Email. And of course, that Exchange Online is being used.

Features

  • Queries the ‘Well-Known’ Entra ID (Azure AD) Open ID Connect (OIDC) Authorization Endpoint using a domain name and returns the TenantId
  • Queries the Exchange Online Autodiscover service using a domain name and returns all other registered domains.
  • Aliases for new Entra ID naming:
    • Get-AzureADTenantId = Get-EntraIDTenantId
    • Get-AzureADCustomDomains = Get-EntraIDCustomDomains
  • Works with Windows PowerShell and PowerShell (6.x+)

Installation

Install from the PowerShell Gallery on Windows PowerShell 5.1+ or PowerShell Core 6.x or PowerShell.

Install-Module -name AzureADTenantID

Entra ID (AAD) Tenant ID

Use the Get-AzureADTenantId or Get-EntraIDTenantId cmdlets to lookup and return the TenantId. 

Get-AzureADTenantId -domain 'microsoft.com'
or
Get-EntraIDTenantId -domain 'microsoft.com'

or

'microsoft.com' | Get-AzureADTenantId
or
'microsoft.com' | Get-EntraIDTenantId

Exchange Online Domains (which usually infers EntraID (AAD) custom domains so that email and UPN matches for users.)

The Get-AzureADCustomDomains and Get-EntraIDCustomDomains cmdlets default to WW Cloud

Get-AzureADCustomDomains -domain 'microsoft.com'
or
Get-EntraIDCustomDomains -domain 'microsoft.com'

For GCC-H use the -GCCH switch

Get-AzureADCustomDomains -domain 'microsoft.com' -GCCH
or
Get-EntraIDCustomDomains -domain 'microsoft.com' -GCCH

or

'microsoft.com' | Get-AzureADCustomDomains  
or
'microsoft.com' | Get-EntraIDCustomDomains -GCCH
Darren Robinson

Bespoke learnings from a Microsoft Identity and Access Management Architect using lots of Microsoft Identity Manager, Azure Active Directory, PowerShell, SailPoint IdentityNow and Lithnet products and services.

Leave a Comment
Share
Published by
Darren Robinson
Tags: AzureADEntra IDPowerShell
3 years ago

Recent Posts

Entra Auth Tracer – A Browser Extension for Deep Inspection of Microsoft Entra Authentication Flows

If you've ever needed to debug a Microsoft Entra (Azure AD) authentication flow, you'll know…

2 weeks ago

Entra Provision On Demand PowerShell Module

It’s 2026 and somehow I keep finding myself back in 2016, integrating heritage applications into…

3 weeks ago

Entra News MCP Server

I’ve just published an MCP server that turns Merill & Joshua’s weekly Entra News newsletter…

4 weeks ago

Entra ECMA2Host Tools PowerShell Module

If you've ever worked with the ECMA2Host for Entra Outbound Provisioning you'll be immediately presented…

4 months ago

PowerShell 7 Support Arrives for the Granfeldt PowerShell Management Agent

For over a decade, the Granfeldt PowerShell Management Agent (PSMA) has been the bedrock for…

6 months ago

PowerShell MCP Azure Function Server

Recently under the experimental Azure Functions build Microsoft Developer Advocates have shown enabling Azure Functions…

7 months ago

This website uses cookies.