Identity and Access Management

Entra ID Tenant ID & Custom Domains PowerShell Module

Buried in my PowerShell Snippets Vol 4 post from 2021 is the PowerShell script and a link to a PowerShell Module I authored named AzureADTenantID. Its sole purpose was to take a domain name (e.g., darrenjrobinson.com) and lookup return any associated Azure AD (now Entra ID) TenantID. I personally use this module quite frequently. Judging by the downloads on it, it is also popular with others.

More recently I’ve needed to also identify quickly any domains associated with an Exchange Online / Entra ID (Azure AD) Tenant. Looking into the Microsoft Documentation this information can be retrieved using Autodiscover.

I’ve updated my module with an additional cmdlet to return Exchange Online Domains which will infer Entra ID Custom Domains if the associated organisation is following the recommendation of UPN matching Email. And of course, that Exchange Online is being used.

Features

  • Queries the ‘Well-Known’ Entra ID (Azure AD) Open ID Connect (OIDC) Authorization Endpoint using a domain name and returns the TenantId
  • Queries the Exchange Online Autodiscover service using a domain name and returns all other registered domains.
  • Aliases for new Entra ID naming:
    • Get-AzureADTenantId = Get-EntraIDTenantId
    • Get-AzureADCustomDomains = Get-EntraIDCustomDomains
  • Works with Windows PowerShell and PowerShell (6.x+)

Installation

Install from the PowerShell Gallery on Windows PowerShell 5.1+ or PowerShell Core 6.x or PowerShell.

Install-Module -name AzureADTenantID

Entra ID (AAD) Tenant ID

Use the Get-AzureADTenantId or Get-EntraIDTenantId cmdlets to lookup and return the TenantId. 

Get-AzureADTenantId -domain 'microsoft.com'
or
Get-EntraIDTenantId -domain 'microsoft.com'

or

'microsoft.com' | Get-AzureADTenantId
or
'microsoft.com' | Get-EntraIDTenantId

Exchange Online Domains (which usually infers EntraID (AAD) custom domains so that email and UPN matches for users.)

The Get-AzureADCustomDomains and Get-EntraIDCustomDomains cmdlets default to WW Cloud

Get-AzureADCustomDomains -domain 'microsoft.com'
or
Get-EntraIDCustomDomains -domain 'microsoft.com'

For GCC-H use the -GCCH switch

Get-AzureADCustomDomains -domain 'microsoft.com' -GCCH
or
Get-EntraIDCustomDomains -domain 'microsoft.com' -GCCH

or

'microsoft.com' | Get-AzureADCustomDomains  
or
'microsoft.com' | Get-EntraIDCustomDomains -GCCH
Darren Robinson

Bespoke learnings from a Microsoft Identity and Access Management Architect using lots of Microsoft Identity Manager, Azure Active Directory, PowerShell, SailPoint IdentityNow and Lithnet products and services.

Leave a Comment
Share
Published by
Darren Robinson
Tags: AzureADEntra IDPowerShell
8 months ago

Recent Posts

Visualising your IP Address using PowerShell and AI

A few weeks back the Microsoft AI Tour was in Sydney Australia. There was a…

3 weeks ago

Where the heck is the PowerShell Module loading from?

If you're anything like me you always have PowerShell open, and often both PowerShell and…

4 months ago

Express Verified ID Setup

Decentralised Identity is a technology I'm passionate about and have written many posts and tools…

5 months ago

Orchestrating 1Password with PowerShell

Over two years ago I authored a PowerShell Module that enabled the automation of 1Password.…

8 months ago

Windows Subsystem for Linux instance has terminated

Short post on how to recovery from "The Windows Subsystem for Linux instance has terminated"…

9 months ago

Goodbye Azure AD, Hello Entra ID

Today Microsoft made big announcements about its Microsoft Entra suite of identity and security products…

9 months ago

This website uses cookies.