tag:blogger.com,1999:blog-60437537064005141862024-03-13T09:11:16.554-07:00Anuj ChaudharySoftware EngineeringAnuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.comBlogger121125tag:blogger.com,1999:blog-6043753706400514186.post-11522322130568649742020-09-30T19:12:00.002-07:002020-09-30T19:22:32.007-07:00Azure AD PowerShell for Azure Resources in PIMHave you wondered how to user Azure AD PowerShell for Azure Resources in PIM. This is a little tricky since the id's in OData do not support slashes but the id's for Azure resources contains slashes. Hence the id for these resources are mapped to a GUID in Graph.<div>To query the azure resources in Graph, you will need to pass an ExternalId filter and the rest should be straight forward.</div><div>Below is an example of adding a user as Eligible Owner on a subscription.</div><div><br /></div><div>The pre-requisite is that you have already installed Azure AD Preview PowerShell by following these steps <a href="https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0">https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0</a></div><div><br /></div><div><div>Connect-AzureAD</div><div>$resource = Get-AzureADMSPrivilegedResource -Provider azureResources -Filter "ExternalId eq '/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d'"</div><div>$roleDefinition = Get-AzureADMSPrivilegedRoleDefinition -ProviderId azureResources -ResourceId $resource.Id -Filter "DisplayName eq 'Owner'"</div><div>$subject = Get-AzureADUser -Filter "userPrincipalName eq 'upn'"</div><div><br /></div><div>$schedule = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedSchedule</div><div>$schedule.Type = "Once"</div><div>$schedule.StartDateTime = (Get-Date).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ")</div><div>$schedule.EndDateTime = (Get-Date).AddDays(30).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ")</div><div><br /></div><div>Open-AzureADMSPrivilegedRoleAssignmentRequest -ProviderId azureResources -Schedule $schedule -ResourceId $resource.Id -RoleDefinitionId $roleDefinition.Id -SubjectId $subject.ObjectId -AssignmentState "Eligible" -Type "AdminAdd" -Reason "Test"</div><div><br /></div></div><div><br /></div><div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-71476000371690357062020-02-14T18:44:00.003-08:002020-09-30T19:22:56.146-07:00Connect to Azure AD PowerShell with MFA<div dir="ltr" style="text-align: left;" trbidi="on">
Sometimes you might want to connect to Azure AD PowerShell
with MFA but there is no way for the PowerShell to prompt you for MFA unless
you have MFA enforced on the account.<br />
<br />
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
The scenario which I had was calling a cmdlet for Privileged
Identity Management where I was activating a role which requires MFA <a href="https://docs.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0-preview#privileged_role_management">https://docs.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0-preview#privileged_role_management</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The solution is to get an access token with MFA and pass the
token while connecting to PowerShell.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
The pre-requisite is that you have already installed Azure
AD Preview PowerShell by following these steps <a href="https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0">https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div><div dir="ltr" trbidi="on"># Install msal.ps</div><div dir="ltr" trbidi="on">if(!(Get-Module | Where-Object {$_.Name -eq 'PowerShellGet' -and $_.Version -ge '2.2.4.1'})) { Install-Module PowerShellGet -Force }</div><div dir="ltr" trbidi="on">if(!(Get-Package msal.ps)) { Install-Package msal.ps }</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on"># Get token for MS Graph by prompting for MFA</div><div dir="ltr" trbidi="on">$MsResponse = Get-MSALToken -Scopes @("https://graph.microsoft.com/.default") -ClientId "1b730954-1685-4b74-9bfd-dac224a7b894" -RedirectUri "urn:ietf:wg:oauth:2.0:oob" -Authority "https://login.microsoftonline.com/common" -Interactive -ExtraQueryParameters @{claims='{"access_token" : {"amr": { "values": ["mfa"] }}}'}</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on"># Get token for AAD Graph</div><div dir="ltr" trbidi="on">$AadResponse = Get-MSALToken -Scopes @("https://graph.windows.net/.default") -ClientId "1b730954-1685-4b74-9bfd-dac224a7b894" -RedirectUri "urn:ietf:wg:oauth:2.0:oob" -Authority "https://login.microsoftonline.com/common"</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on">Connect-AzureAD -AadAccessToken $AadResponse.AccessToken -MsAccessToken $MsResponse.AccessToken -AccountId: "upn" -tenantId: "tenantId"</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on"># Call cmdlet which requires MFA</div><div dir="ltr" trbidi="on">$resource = Get-AzureADMSPrivilegedResource -ProviderId AadRoles</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on">$roleDefinition = Get-AzureADMSPrivilegedRoleDefinition -ProviderId AadRoles -ResourceId $resource.Id -Filter "DisplayName eq 'Global Administrator'"</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on">$subject = Get-AzureADUser -Filter "userPrincipalName eq 'upn'"</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on">$schedule = New-Object Microsoft.Open.MSGraph.Model.AzureADMSPrivilegedSchedule</div><div dir="ltr" trbidi="on">$schedule.Type = "Once"</div><div dir="ltr" trbidi="on">$schedule.Duration="PT1H"</div><div dir="ltr" trbidi="on">$schedule.StartDateTime = (Get-Date).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ")</div><div dir="ltr" trbidi="on"><br /></div><div dir="ltr" trbidi="on">Open-AzureADMSPrivilegedRoleAssignmentRequest -ProviderId AadRoles -Schedule $schedule -ResourceId $resource.Id -RoleDefinitionId $roleDefinition.Id -SubjectId $subject.ObjectId -AssignmentState "Active" -Type "UserAdd" -Reason "Test"</div><div><br /></div>
<br />
<div>
<br /></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com11tag:blogger.com,1999:blog-6043753706400514186.post-78884506337666723632019-08-02T11:14:00.006-07:002020-09-15T18:52:25.137-07:00Handle Conditional Access challenge for Privileged Identity Management on Microsoft Graph<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
Privileged Identity Management (PIM) for Azure resources api’s are available on
Microsoft Graph (MSGraph) so that developers can automate the PIM operations
like activation, assignment, etc. To learn more, see <a href="http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html">http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Some organizations enable conditional policies like Multi factor
authentication (MFA) for accessing any Azure resources. When users go to PIM
through Azure Portal, they are prompted for MFA while logging into the Azure
Portal. When they access the PIM UI, everything works since they have already
performed MFA.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
However, if the users are accessing PIM api’s for Azure
resources through MSGraph, they might not be prompted for MFA on login since no
conditional access policy might be enabled for MSGraph. When a PIM api is
called, it fails with 400 Bad Request invalid_grant error<code><span style="font-family: "consolas"; font-size: 10pt; line-height: 107%;"> </span></code>since
a conditional access policy is not met for Azure resources. <o:p></o:p></div>
<div class="MsoNormal">
Example:</div>
<div class="MsoNormal">
<i>HTTP/1.1 400 Bad Request<o:p></o:p></i></div>
<div class="MsoNormal"><div class="MsoNormal">{</div><div class="MsoNormal"> "error": {</div><div class="MsoNormal"> "code": "invalid_grant",</div><div class="MsoNormal"> "message": "{\"Name\":\"MsalUiRequiredException\",\"Message\":\"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '797f4846-ba00-4fd7-ba43-dac1f8f63013'.\\r\\nTrace ID: 7bdbe148-89e6-4493-a150-93dac7a06c00\\r\\nCorrelation ID: ff221ee5-ebb9-42d0-8f70-dbffde1b2104\\r\\nTimestamp: 2020-09-16 01:16:03Z\",\"Claims\":\"{\\\"access_token\\\":{\\\"capolids\\\":{\\\"essential\\\":true,\\\"values\\\":[\\\"051744ca-6abe-4095-b526-14a7f4033309\\\"]}}}\"}",</div><div class="MsoNormal"> "innerError": {</div><div class="MsoNormal"> "date": "2020-09-16T01:16:03",</div><div class="MsoNormal"> "request-id": "82cd21d1-6413-4512-a2d1-fa1d0a3c5826",</div><div class="MsoNormal"> "client-request-id": "82cd21d1-6413-4512-a2d1-fa1d0a3c5826"</div><div class="MsoNormal"> }</div><div class="MsoNormal"> }</div><div class="MsoNormal">}</div></div>
<div class="MsoNormal">
<i><br /></i></div>
<div class="MsoNormal">
To handle this, the user needs to catch the error, get the claims challenge and send in a login request with claims challenge as an extra query string parameter.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
To learn more, see <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/conditional-access-dev-guide#scenario-app-performing-the-on-behalf-of-flow">https://docs.microsoft.com/en-us/azure/active-directory/develop/conditional-access-dev-guide#scenario-app-performing-the-on-behalf-of-flow</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif" style="font-family: inherit;"><span>Below is a PowerShell sample which showcases on
how to handle the </span><span>conditional</span><span> access challenge when calling PIM api's on MSGraph. Just save this as a .ps1 file and run it with PowerShell.</span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><br /></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u>Sceenshot</u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-f0XKwGB6bBw/XUR9K279o4I/AAAAAAAAEcQ/O3meoX1GpfQO6nAjgqntTZg1cI7mXQgzACLcBGAs/s1600/CA.PNG" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="183" data-original-width="834" height="139" src="https://1.bp.blogspot.com/-f0XKwGB6bBw/XUR9K279o4I/AAAAAAAAEcQ/O3meoX1GpfQO6nAjgqntTZg1cI7mXQgzACLcBGAs/s640/CA.PNG" width="640" /></a></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><br /></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><br /></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u><br /></u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><b><u>Source code</u></b></span></span></div>
<div class="MsoNormal">
<span face=""calibri" , sans-serif"><span style="font-size: 11pt;"><br /></span></span></div>
<div class="MsoNormal"><div class="MsoNormal"><span style="font-size: 14.6667px;">#Acquire AAD token</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">function AcquireToken($claims){</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $clientID = "dabc52c4-106b-4179-9df2-2f791f44ba14"</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $redirectUri = "https://pimmsgraph"</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $authority = "https://login.microsoftonline.com/common"</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> if($claims -ne $null)</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $authResult = Get-MSALToken -Scopes @("https://graph.microsoft.com/.default") -ClientId $ClientID -RedirectUri $redirectUri -Authority $authority -Interactive -ExtraQueryParameters @{claims=$claims}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Set-Variable -Name mfaDone -Value $true -Scope Global</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> else</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $authResult = Get-MSALToken -Scopes @("https://graph.microsoft.com/.default") -ClientId $ClientID -RedirectUri $redirectUri -Authority $authority -Interactive</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> if($authResult -ne $null)</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Write-Host "User logged in successfully ..." -ForegroundColor Green</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Set-Variable -Name headerParams -Value @{'Authorization'="$($authResult.AccessTokenType) $($authResult.AccessToken)"} -Scope Global</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Set-Variable -Name assigneeId -Value $authResult.UserInfo.UniqueId -Scope Global</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">} </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">#List resources</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">function ListResources(){</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $url = $serviceRoot + "resources?`$filter=(type+eq+'subscription')" </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Write-Host $url</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $resources = ConvertFrom-Json $response.Content</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $i = 0</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $obj = @()</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> foreach ($resource in $resources.value)</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $item = New-Object psobject -Property @{</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Id = ++$i</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> ResourceId = $resource.id</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> ResourceName = $resource.displayName</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> ResourceType = $resource.type</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $obj = $obj + $item</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">return $obj</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">#Disaplay resources</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">function DisplayResources(){</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $resources = ListResources</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $resources | Format-Table -AutoSize -Wrap Id,ResourceName,ResourceType</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">############################################################################################################################################################################</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$global:serviceRoot = "https://graph.microsoft.com/beta/privilegedAccess/azureResources/"</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$global:MSGraphRoot = "https://graph.microsoft.com/v1.0/"</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$global:headerParams = ""</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$global:assigneeId = ""</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$global:mfaDone = $false;</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"># Install msal.ps</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">if(!(Get-Module | Where-Object {$_.Name -eq 'PowerShellGet' -and $_.Version -ge '2.2.4.1'})) { Install-Module PowerShellGet -Force }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">if(!(Get-Package msal.ps)) { Install-Package msal.ps }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">$Authed = AcquireToken $global:clientID $global:redirectUri $global:resourceAppIdURI $global:authority $false</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">if ($Authed -eq $false)</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">{</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> return</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">try</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">{</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> DisplayResources</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">catch</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">{</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $stream = $_.Exception.Response.GetResponseStream()</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $stream.Position = 0;</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $err = $streamReader.ReadToEnd()</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $streamReader.Close()</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $stream.Close()</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> if($err.Contains("invalid_grant"))</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $errorObject = ConvertFrom-Json $err</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $message = ConvertFrom-Json $errorObject.error.message</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> $claims = $message.claims</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Write-Host "Prompting the user again since since a conditional access policy is enabled..." -ForegroundColor Green</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> AcquireToken $claims</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> DisplayResources</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> else</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> {</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> Write-Host $err -ForegroundColor Red</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> }</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">}</span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"><br /></span></div><div class="MsoNormal"><span style="font-size: 14.6667px;"> </span></div><div class="MsoNormal"><span style="font-size: 14.6667px;">Write-Host ""</span></div></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-33501331082768619532019-06-20T13:55:00.000-07:002019-06-20T13:55:32.313-07:00SQL interceptors<div dir="ltr" style="text-align: left;" trbidi="on">
SQL interceptors are a way to apply filtering by tenant for
securing multi-tenant applications. Here is a good read on it <a href="http://xabikos.com/2014/11/18/Create-a-multitenant-application-with-Entity-Framework-Code-First-Part-2/">http://xabikos.com/2014/11/18/Create-a-multitenant-application-with-Entity-Framework-Code-First-Part-2/</a><br />
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
However, you need to be careful with it since they modify
your query at runtime.<span style="mso-spacerun: yes;"> </span><o:p></o:p></div>
<div class="MsoNormal">
Specifically, DbExpressionBuilder.Bind(databaseExpression) in
the interceptor causes a random variable to be created which creates a random
query text for the same query on every reinitialize which is generally a
recycle on the VM where the application is running.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This puts unnecessary unnecessary pressure on QDS (Query Data Store).</div>
<div class="MsoNormal">
Also, if you force a query plan for a specific query hash,
a new query hash will be generated the next time so the forced plan will not work.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
To fix this, make sure to bind it with a specific variable
name like DbExpressionBuilder.BindAs(databaseExpression, "Filter")<o:p></o:p></div>
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-54571545750471976052019-06-20T13:49:00.000-07:002019-06-20T13:58:14.761-07:00Troubleshooting SQL Azure issues<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-size: large;"><b>Query Performance Insights</b></span><br />
<h1>
<o:p></o:p></h1>
<div class="MsoNormal">
The most common place to look for SQL Azure issues is Query
Performance Insights on Azure portal <a href="https://docs.microsoft.com/en-us/azure/sql-database/sql-database-query-performance">https://docs.microsoft.com/en-us/azure/sql-database/sql-database-query-performance</a><o:p></o:p></div>
<h1>
<span style="font-size: large;">Troubleshoot SQL query timeouts</span></h1>
<h1>
<o:p></o:p></h1>
<div class="MsoNormal">
There are various Data Management Views (DMV’s) created by
SQL Azure team <a href="https://docs.microsoft.com/en-us/azure/sql-database/sql-database-monitoring-with-dmvs">https://docs.microsoft.com/en-us/azure/sql-database/sql-database-monitoring-with-dmvs</a>
<o:p></o:p></div>
<div class="MsoNormal">
I tweaked them a little below:<o:p></o:p></div>
<h2>
<span style="font-size: small;"><br /></span></h2>
<h2>
<span style="font-size: small;">Find query hashes which are timing out</span><o:p></o:p></h2>
<div>
<br /></div>
<div>
Look for Aborted_Execution_Count column.</div>
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
Top 15 CPU consuming queries by query hash<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
note that a query<span style="mso-spacerun: yes;"> </span>hash can have many
query id if not parameterized or not parameterized properly<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
it grabs a sample query text by min<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">WITH
AggregatedCPU AS (SELECT q.query_hash, p.query_plan_hash, SUM(count_executions
* avg_cpu_time / 1000.0) AS total_cpu_millisec, SUM(count_executions *
avg_cpu_time / 1000.0)/ SUM(count_executions) AS avg_cpu_millisec,
MAX(rs.max_cpu_time / 1000.00) AS max_cpu_millisec, MAX(max_logical_io_reads)
max_logical_reads, COUNT(DISTINCT p.plan_id) AS number_of_distinct_plans,
COUNT(DISTINCT p.query_id) AS number_of_distinct_query_ids, SUM(CASE WHEN rs.execution_type_desc='Aborted'
THEN count_executions ELSE 0 END) AS Aborted_Execution_Count, SUM(CASE WHEN
rs.execution_type_desc='Regular' THEN count_executions ELSE 0 END) AS
Regular_Execution_Count, SUM(CASE WHEN rs.execution_type_desc='Exception' THEN
count_executions ELSE 0 END) AS Exception_Execution_Count,
SUM(count_executions) AS total_executions, MIN(qt.query_sql_text) AS
sampled_query_text<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>FROM
sys.query_store_query_text AS qt<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_query AS q ON qt.query_text_id=q.query_text_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_plan AS p ON q.query_id=p.query_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_runtime_stats AS rs ON rs.plan_id=p.plan_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_runtime_stats_interval AS rsi ON
rsi.runtime_stats_interval_id=rs.runtime_stats_interval_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>WHERE
rs.execution_type_desc IN ('Regular', 'Aborted', 'Exception')AND
rsi.start_time>=DATEADD(HOUR, -24, GETUTCDATE())<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>GROUP BY q.query_hash,
p.query_plan_hash), OrderedCPU AS (SELECT query_hash, query_plan_hash,
total_cpu_millisec, avg_cpu_millisec, max_cpu_millisec, max_logical_reads,
number_of_distinct_plans, number_of_distinct_query_ids, total_executions,
Aborted_Execution_Count, Regular_Execution_Count, Exception_Execution_Count,
sampled_query_text, ROW_NUMBER() OVER (ORDER BY total_cpu_millisec DESC,
query_hash ASC) AS RN<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>FROM AggregatedCPU)<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">SELECT
OD.query_hash, OD.query_plan_hash, OD.total_cpu_millisec, OD.avg_cpu_millisec,
OD.max_cpu_millisec, OD.max_logical_reads, OD.number_of_distinct_plans,
OD.number_of_distinct_query_ids, OD.total_executions, OD.Aborted_Execution_Count,
OD.Regular_Execution_Count, OD.Exception_Execution_Count,
OD.sampled_query_text, OD.RN<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">FROM
OrderedCPU AS OD<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">WHERE
OD.RN<=15<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">ORDER
BY total_cpu_millisec DESC;</span><o:p></o:p></i></div>
<h2>
<span style="font-size: small;"><br /></span></h2>
<h2>
<span style="font-size: small;">Compare query plans for timing out query hash</span><o:p></o:p></h2>
<div class="MsoNormal">
<br />
Look for avg_cpu_millisec column. The query plan with lower
value is better. If there is only one query plan, then you need to change your
query to use the right indexes.<o:p></o:p></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
Top 15 CPU consuming queries by query hash<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
note that a query<span style="mso-spacerun: yes;"> </span>hash can have many
query id if not parameterized or not parameterized properly<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">--
it grabs a sample query text by min<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">WITH
AggregatedCPU AS (SELECT q.query_hash, p.query_plan_hash, SUM(count_executions
* avg_cpu_time / 1000.0) AS total_cpu_millisec, SUM(count_executions *
avg_cpu_time / 1000.0)/ SUM(count_executions) AS avg_cpu_millisec,
MAX(rs.max_cpu_time / 1000.00) AS max_cpu_millisec, MAX(max_logical_io_reads)
max_logical_reads, COUNT(DISTINCT p.plan_id) AS number_of_distinct_plans,
COUNT(DISTINCT p.query_id) AS number_of_distinct_query_ids, SUM(CASE WHEN
rs.execution_type_desc='Aborted' THEN count_executions ELSE 0 END) AS
Aborted_Execution_Count, SUM(CASE WHEN rs.execution_type_desc='Regular' THEN
count_executions ELSE 0 END) AS Regular_Execution_Count, SUM(CASE WHEN rs.execution_type_desc='Exception'
THEN count_executions ELSE 0 END) AS Exception_Execution_Count,
SUM(count_executions) AS total_executions, MIN(qt.query_sql_text) AS
sampled_query_text<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>FROM
sys.query_store_query_text AS qt<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>JOIN sys.query_store_query AS q ON
qt.query_text_id=q.query_text_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_plan AS p ON q.query_id=p.query_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_runtime_stats AS rs ON rs.plan_id=p.plan_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>JOIN
sys.query_store_runtime_stats_interval AS rsi ON
rsi.runtime_stats_interval_id=rs.runtime_stats_interval_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>WHERE
rs.execution_type_desc IN ('Regular', 'Aborted', 'Exception')AND
rsi.start_time>=DATEADD(HOUR, -24, GETUTCDATE())<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>GROUP BY q.query_hash,
p.query_plan_hash), OrderedCPU AS (SELECT query_hash, query_plan_hash,
total_cpu_millisec, avg_cpu_millisec, max_cpu_millisec, max_logical_reads,
number_of_distinct_plans, number_of_distinct_query_ids, total_executions,
Aborted_Execution_Count, Regular_Execution_Count, Exception_Execution_Count,
sampled_query_text, ROW_NUMBER() OVER (ORDER BY total_cpu_millisec DESC,
query_hash ASC) AS RN<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>FROM AggregatedCPU)<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">SELECT
OD.query_hash, OD.query_plan_hash, OD.total_cpu_millisec, OD.avg_cpu_millisec,
OD.max_cpu_millisec, OD.max_logical_reads, OD.number_of_distinct_plans,
OD.number_of_distinct_query_ids, OD.total_executions, OD.Aborted_Execution_Count,
OD.Regular_Execution_Count, OD.Exception_Execution_Count,
OD.sampled_query_text, OD.RN<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">FROM
OrderedCPU AS OD<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">WHERE
OD.query_hash= query_hash<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">ORDER
BY total_cpu_millisec DESC;</span></i><o:p></o:p></div>
<h2>
<span style="font-size: small;"><br /></span></h2>
<h2>
<span style="font-size: small;">Analyze the query plan</span><o:p></o:p></h2>
<div class="MsoNormal">
<br />
Once you have the query plan hash for which the query is
timing out, you can view and analyze it by running this query<o:p></o:p></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">select
qsq.query_hash<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsp.query_plan_hash<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsq.query_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsp.plan_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsq.query_text_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsq.is_internal_query<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsrts.first_execution_time<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsrts.last_execution_time<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsqt.query_sql_text<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,CAST(qsp.query_plan AS XML)<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>,qsrts.count_executions<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">from<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>[sys].[query_store_runtime_stats] qsrts<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>inner join [sys].[query_store_plan] qsp on
qsrts.plan_id = qsp.plan_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>inner join [sys].[query_store_query] qsq on
qsp.query_id = qsq.query_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;"><span style="mso-spacerun: yes;"> </span>inner join [sys].[query_store_query_text] qsqt
on qsq.query_text_id = qsqt.query_text_id<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">where<span style="mso-spacerun: yes;"> </span>qsp.query_plan_hash = query_plan_hash</span><o:p></o:p></i></div>
<h2>
<span style="font-size: small;"><br /></span></h2>
<h2>
<span style="font-size: small;">Force a query plan</span><o:p></o:p></h2>
<div class="MsoNormal">
<br />
If you have multiple query plans for a query, where one
query plan is performing far better than the other, you can force that query
plan. You need to analyze both query plans before you decide a force a specific
plan so that it will work for both large and small volume of data.<o:p></o:p></div>
<div class="MsoNormal">
https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-query-store-force-plan-transact-sql?view=sql-server-2017<o:p></o:p><br />
<br /></div>
<div class="MsoNormal">
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">select
* from sys.query_store_plan where is_forced_plan=1<o:p></o:p></span></i></div>
<br />
<div class="MsoNormal">
<i><span style="background: lightgrey; mso-highlight: lightgrey;">EXEC
sp_query_store_force_plan query_id, plan_id;<o:p></o:p></span></i></div>
</div>
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-66378438001729643002018-10-25T18:00:00.000-07:002018-10-25T18:00:51.129-07:00MSDN blog posts<div dir="ltr" style="text-align: left;" trbidi="on">
My MSDN blog posts have been moved here.<br />
Please see the list of redirections below:<br />
<br />
<b>PowerShell sample for Privileged Identity Management (PIM) for Azure AD Roles</b><br />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
<a href="https://blogs.msdn.microsoft.com/anujchaudhary/2018/06/07/powershell-sample-for-privileged-identity-management-pim-for-azure-ad-roles/">https://blogs.msdn.microsoft.com/anujchaudhary/2018/06/07/powershell-sample-for-privileged-identity-management-pim-for-azure-ad-roles/</a> <b>></b> <a href="http://www.anujchaudhary.com/2018/06/powershell-sample-for-privileged_7.html">http://www.anujchaudhary.com/2018/06/powershell-sample-for-privileged_7.html</a></div>
<br style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;" />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
</div>
<b>PowerShell sample for Privileged Identity Management (PIM) for Azure Resources</b><br />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
<a href="https://blogs.msdn.microsoft.com/anujchaudhary/2018/02/07/powershell-sample-for-privileged-identity-management-pim-for-azure-resources/">https://blogs.msdn.microsoft.com/anujchaudhary/2018/02/07/powershell-sample-for-privileged-identity-management-pim-for-azure-resources/</a> <b>></b> <a href="http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html">http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html</a></div>
<br style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;" />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
</div>
<b>Securing Azure resources with Privileged Identity Management</b><br />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
<a href="https://blogs.msdn.microsoft.com/anujchaudhary/2018/04/12/securing-azure-resources-with-privileged-identity-management/">https://blogs.msdn.microsoft.com/anujchaudhary/2018/04/12/securing-azure-resources-with-privileged-identity-management/</a> <b>></b> <a href="http://www.anujchaudhary.com/2018/04/securing-azure-resources-with.html">http://www.anujchaudhary.com/2018/04/securing-azure-resources-with.html</a></div>
<br style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;" />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
</div>
<b>Windows Azure: Automated UI testing using the power of cloud</b><br />
<div style="color: #222222; font-family: "Segoe UI", "Helvetica Neue", Helvetica, Arial, Verdana; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;">
<a href="http://blogs.msdn.com/b/anujchaudhary/archive/2012/11/02/windows-azure-automated-ui-testing-using-the-power-of-cloud.aspx">http://blogs.msdn.com/b/anujchaudhary/archive/2012/11/02/windows-azure-automated-ui-testing-using-the-power-of-cloud.aspx</a> <b>></b> <a href="http://www.anujchaudhary.com/2012/11/windows-azure-automated-ui-testing.html">http://www.anujchaudhary.com/2012/11/windows-azure-automated-ui-testing.html</a> </div>
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-61355184993641369502018-07-18T08:28:00.000-07:002018-07-18T08:28:41.592-07:00OData Client Code Generator for VS 2015<div dir="ltr" style="text-align: left;" trbidi="on">
I had been using OData Client Code Generator for VS 2015 to generate client for my OData service.<br />
See <a href="https://blogs.msdn.microsoft.com/odatateam/2014/03/11/tutorial-sample-how-to-use-odata-client-code-generator-to-generate-client-side-proxy-class/">https://blogs.msdn.microsoft.com/odatateam/2014/03/11/tutorial-sample-how-to-use-odata-client-code-generator-to-generate-client-side-proxy-class/</a><br />
<br />
The extension used to be deployed in my VS 2015 but recently it disappeared.<br />
When I tried to search for it in Extension and Updates, it would show a newer version of OData Client Code Generator which won't work for VS 2015.<br />
<br />
After looking around, I found the older version here <a href="https://github.com/OData/lab/blob/Tools/Tools/ODataT4ItemTemplate.2.4.0.vsix">https://github.com/OData/lab/blob/Tools/Tools/ODataT4ItemTemplate.2.4.0.vsix</a><br />
You can download and install it from here and restart VS 2015.<br />
<br />
After that, you should be able to generate the OData client as usual in VS 2015.<br />
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-32718949614692997732018-06-07T16:11:00.000-07:002020-07-07T19:04:44.636-07:00PowerShell sample for Privileged Identity Management (PIM) for Azure AD Roles<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
PIM for Azure AD Roles provides Just in Time (JIT) capability for Azure AD Roles. See more at <a href="https://docs.microsoft.com/en-us/azure/active-directory/active-directory-privileged-identity-management-getting-started" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/active-directory-privileged-identity-management-getting-started </a></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
How cool would it be if I can use the MSGraph PIM api’s to build custom applications. For example, you have multiple roles where you want to activate every day. It would be time consuming to activate them one by one. Instead, you can build a custom app using PowerShell or UI so that you can activate to all of these roles in one shot.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
In this blog, I will share a sample to list all your eligible roles and activate or deactivate them. You will also be able to assign someone to a role.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
I will share the full source code so you can customize it to suit your needs. Just save this as a .ps1 file and run it with PowerShell.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<b><u>Note</u></b>: If you tenant has migrated to newer version of PIM, see <a href="http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html">http://www.anujchaudhary.com/2018/02/powershell-sample-for-privileged.html</a></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><span style="background-color: white; color: #333333; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-size: 14px;"> </span><br />
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; font-weight: 700;"><u style="box-sizing: border-box;">Screenshot</u></span></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; font-weight: 700;"><u style="box-sizing: border-box;"><a href="http://3.bp.blogspot.com/-QwrIG1Q7gxg/W9JssFg2y7I/AAAAAAAAEVo/VKpnVyeGihg9rw4zqXc_atyiQIQGAZTZQCK4BGAYYCw/s1600/aad.png" imageanchor="1"><img border="0" height="312" src="https://3.bp.blogspot.com/-QwrIG1Q7gxg/W9JssFg2y7I/AAAAAAAAEVo/VKpnVyeGihg9rw4zqXc_atyiQIQGAZTZQCK4BGAYYCw/s640/aad.png" width="640" /></a></u></span></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;">Setup</span></span></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; font-weight: 700;"><u style="box-sizing: border-box;"><span style="background-color: white; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif; font-weight: 400;"> </span></u></span></div>
<ul style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px; margin-top: 0px; text-align: left;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Create a native AAD application. See <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications</a></li>
<li style="box-sizing: border-box;"><a href="http://4.bp.blogspot.com/-M4qU2q89wT4/W9Js02Kok3I/AAAAAAAAEVw/c8Qsd2FKzFAsyrsuONzc8Q5d4IemTcv_ACK4BGAYYCw/s1600/native.png" imageanchor="1"><img border="0" height="141" src="https://4.bp.blogspot.com/-M4qU2q89wT4/W9Js02Kok3I/AAAAAAAAEVw/c8Qsd2FKzFAsyrsuONzc8Q5d4IemTcv_ACK4BGAYYCw/s400/native.png" width="400" /></a></li>
<li style="box-sizing: border-box;">Grant it the following permissions to the application.<div style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<span style="background-color: white; font-family: "segoe ui" , "tahoma" , "arial" , "helvetica neue" , "helvetica" , sans-serif;"> </span><div style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
</li>
<ul style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 0px; margin-top: 0px;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read and write privileged access to Azure AD - You will need it if you are going to use the app for PIM for Azure AD Roles</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read and write privileged access to Azure resources - You will need it if you are going to use the app for PIM for Azure Resources</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read directory data - You will need it if you are going to read users, etc. from directory like the assignment example in the below source code</li>
<li style="box-sizing: border-box;"><a href="http://2.bp.blogspot.com/-lYYZx8vxLNE/W9Js_PJlyGI/AAAAAAAAEV8/KM64LfSn_1Md2-pGOYowIuJGeCiw5eSIACK4BGAYYCw/s1600/permissions.png" imageanchor="1"><img border="0" height="130" src="https://2.bp.blogspot.com/-lYYZx8vxLNE/W9Js_PJlyGI/AAAAAAAAEV8/KM64LfSn_1Md2-pGOYowIuJGeCiw5eSIACK4BGAYYCw/s400/permissions.png" width="400" /></a></li>
<li style="box-sizing: border-box;"><a href="http://4.bp.blogspot.com/-K-OGIKYhPoE/W9JtCG835II/AAAAAAAAEWE/pbJatCCNJmsY7DPv8JAkpXJicGGEsVmLQCK4BGAYYCw/s1600/perm2.png" imageanchor="1"><img border="0" height="152" src="https://4.bp.blogspot.com/-K-OGIKYhPoE/W9JtCG835II/AAAAAAAAEWE/pbJatCCNJmsY7DPv8JAkpXJicGGEsVmLQCK4BGAYYCw/s400/perm2.png" width="400" /></a></li>
<li style="box-sizing: border-box;">Note than these permissions require Admin consent so you will have to contact the tenant admin to grant these permissions. See <a href="https://docs.microsoft.com/en-us/azure/active-directory/application-dev-registration-config-grant-permissions-how-to" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/application-dev-registration-config-grant-permissions-how-to </a></li>
</ul>
<li>In the below code, update $clientID with your application id and $redirectUri with the redirect uri of the application.</li>
</ul>
<div>
<span style="color: #333333;"><span style="font-size: 14px;"><b><u>Source code</u></b></span></span></div>
<div>
<span style="color: #333333;"><span style="font-size: 14px;"></span></span><br />
<div>
<span style="color: #333333;"><span style="font-size: 14px;">#Loads Active Directory Authentication Library</span></span></div>
<span style="color: #333333;"><span style="font-size: 14px;">
<div>
function Load-ActiveDirectoryAuthenticationLibrary(){</div>
<div>
$moduleDirPath = [Environment]::GetFolderPath("MyDocuments") + "\WindowsPowerShell\Modules"</div>
<div>
$modulePath = $moduleDirPath + "\AADGraph"</div>
<div>
<br /></div>
<div>
if(-not (Test-Path ($modulePath+"\Nugets"))) {New-Item -Path ($modulePath+"\Nugets") -ItemType "Directory" | out-null}</div>
<div>
$adalPackageDirectories = (Get-ChildItem -Path ($modulePath+"\Nugets") -Filter "Microsoft.IdentityModel.Clients.ActiveDirectory*" -Directory)</div>
<div>
<br /></div>
<div>
if($adalPackageDirectories.Length -eq 0){</div>
<div>
Write-Host "Active Directory Authentication Library Nuget doesn't exist. Downloading now ..." -ForegroundColor Yellow</div>
<div>
if(-not(Test-Path ($modulePath + "\Nugets\nuget.exe")))</div>
<div>
{</div>
<div>
Write-Host "nuget.exe not found. Downloading from http://www.nuget.org/nuget.exe ..." -ForegroundColor Yellow</div>
<div>
$wc = New-Object System.Net.WebClient</div>
<div>
$wc.DownloadFile("http://www.nuget.org/nuget.exe",$modulePath + "\Nugets\nuget.exe");</div>
<div>
}</div>
<div>
$nugetDownloadExpression = $modulePath + "\Nugets\nuget.exe install Microsoft.IdentityModel.Clients.ActiveDirectory -Version 2.14.201151115 -OutputDirectory " + $modulePath + "\Nugets | out-null"</div>
<div>
Invoke-Expression $nugetDownloadExpression</div>
<div>
}</div>
<div>
<br /></div>
<div>
$adalPackageDirectories = (Get-ChildItem -Path ($modulePath+"\Nugets") -Filter "Microsoft.IdentityModel.Clients.ActiveDirectory*" -Directory)</div>
<div>
$ADAL_Assembly = (Get-ChildItem "Microsoft.IdentityModel.Clients.ActiveDirectory.dll" -Path $adalPackageDirectories[$adalPackageDirectories.length-1].FullName -Recurse)</div>
<div>
$ADAL_WindowsForms_Assembly = (Get-ChildItem "Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll" -Path $adalPackageDirectories[$adalPackageDirectories.length-1].FullName -Recurse)</div>
<div>
if($ADAL_Assembly.Length -gt 0 -and $ADAL_WindowsForms_Assembly.Length -gt 0){</div>
<div>
Write-Host "Loading ADAL Assemblies ..." -ForegroundColor Green</div>
<div>
[System.Reflection.Assembly]::LoadFrom($ADAL_Assembly[0].FullName) | out-null</div>
<div>
[System.Reflection.Assembly]::LoadFrom($ADAL_WindowsForms_Assembly.FullName) | out-null</div>
<div>
return $true</div>
<div>
}</div>
<div>
else{</div>
<div>
Write-Host "Fixing Active Directory Authentication Library package directories ..." -ForegroundColor Yellow</div>
<div>
$adalPackageDirectories | Remove-Item -Recurse -Force | Out-Null</div>
<div>
Write-Host "Not able to load ADAL assembly. Delete the Nugets folder under" $modulePath ", restart PowerShell session and try again ..."</div>
<div>
return $false</div>
<div>
}</div>
<div>
}</div>
<div>
</div>
<div>
#Acquire AAD token</div>
<div>
function AcquireToken($mfa){</div>
<div>
$clientID = "c7c64917-42bd-4a36-8ed6-af40122626eb"</div>
<div>
$redirectUri = "https://pimmsgraph"</div>
<div>
</div>
<div>
$authority = "https://login.microsoftonline.com/common"</div>
<div>
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority,$false</div>
<div>
if($mfa)</div>
<div>
{</div>
<div>
$authResult = $authContext.AcquireToken("https://graph.microsoft.com",$ClientID,$redirectUri,[Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Auto, [Microsoft.IdentityModel.Clients.ActiveDirectory.UserIdentifier]::AnyUser, "amr_values=mfa")</div>
<div>
Set-Variable -Name mfaDone -Value $true -Scope Global</div>
<div>
}</div>
<div>
else</div>
<div>
{</div>
<div>
$authResult = $authContext.AcquireToken("https://graph.microsoft.com",$ClientID,$redirectUri,[Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Always)</div>
<div>
}</div>
<div>
if($authResult -ne $null)</div>
<div>
{</div>
<div>
Write-Host "User logged in successfully ..." -ForegroundColor Green</div>
<div>
}</div>
<div>
Set-Variable -Name headerParams -Value @{'Authorization'="$($authResult.AccessTokenType) $($authResult.AccessToken)"} -Scope Global</div>
<div>
Set-Variable -Name assigneeId -Value $authResult.UserInfo.UniqueId -Scope Global</div>
<div>
}</div>
<div>
</div>
<div>
#Gets my jit assignments</div>
<div>
function MyJitAssignments(){</div>
<div>
$url = $serviceRoot + "privilegedRoleAssignments/my?`$expand=roleInfo&`$filter=isElevated+eq+false" </div>
<div>
<br /></div>
<div>
Write-Host $url</div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</div>
<div>
$assignments = ConvertFrom-Json $response.Content</div>
<div>
Write-Host ""</div>
<div>
Write-Host "Role assignments..." -ForegroundColor Green</div>
<div>
$i = 0</div>
<div>
$obj = @()</div>
<div>
foreach ($assignment in $assignments.value)</div>
<div>
{</div>
<div>
$item = New-Object psobject -Property @{</div>
<div>
Id = ++$i</div>
<div>
RoleAssignmentId = $assignment.id</div>
<div>
RoleId = $assignment.roleInfo.id</div>
<div>
RoleName = $assignment.roleInfo.name</div>
<div>
UserId = $assignment.userid</div>
<div>
}</div>
<div>
$obj = $obj + $item</div>
<div>
}</div>
<div>
</div>
<div>
return $obj</div>
<div>
}</div>
<div>
</div>
<div>
#Gets my active assignments</div>
<div>
function MyActivatedAssignments(){</div>
<div>
$url = $serviceRoot + "privilegedRoleAssignments/my?`$expand=roleInfo&`$filter=isElevated+eq+true+and+expirationDateTime+ne+null" </div>
<div>
<br /></div>
<div>
Write-Host $url</div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</div>
<div>
$assignments = ConvertFrom-Json $response.Content</div>
<div>
Write-Host ""</div>
<div>
Write-Host "Role assignments..." -ForegroundColor Green</div>
<div>
$i = 0</div>
<div>
$obj = @()</div>
<div>
foreach ($assignment in $assignments.value)</div>
<div>
{</div>
<div>
$item = New-Object psobject -Property @{</div>
<div>
Id = ++$i</div>
<div>
RoleAssignmentId = $assignment.id</div>
<div>
RoleId = $assignment.roleInfo.id</div>
<div>
RoleName = $assignment.roleInfo.name</div>
<div>
UserId = $assignment.userid</div>
<div>
ExpirationDateTime = $assignment.expirationDateTime</div>
<div>
}</div>
<div>
$obj = $obj + $item</div>
<div>
}</div>
<div>
</div>
<div>
return $obj</div>
<div>
}</div>
<div>
<br /></div>
<div>
#List roles</div>
<div>
function ListRoles(){</div>
<div>
$url = $serviceRoot + "privilegedRoles?&`$orderby=name"</div>
<div>
Write-Host $url</div>
<div>
<br /></div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</div>
<div>
$roles = ConvertFrom-Json $response.Content</div>
<div>
$i = 0</div>
<div>
$obj = @()</div>
<div>
foreach ($role in $roles.value)</div>
<div>
{</div>
<div>
$item = New-Object psobject -Property @{</div>
<div>
Id = ++$i</div>
<div>
RoleId = $role.id</div>
<div>
RoleName = $role.name</div>
<div>
}</div>
<div>
$obj = $obj + $item</div>
<div>
}</div>
<div>
</div>
<div>
return $obj</div>
<div>
}</div>
<div>
<br /></div>
<div>
#List Assignment</div>
<div>
function ListAssignmentsWithFilter($roleId){</div>
<div>
$url = $serviceRoot + "privilegedRoleAssignments?`$expand=roleInfo&`$filter=roleId+eq+'" + $roleId + "'"</div>
<div>
Write-Host $url</div>
<div>
<br /></div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</div>
<div>
$roleAssignments = ConvertFrom-Json $response.Content</div>
<div>
$i = 0</div>
<div>
$obj = @()</div>
<div>
foreach ($roleAssignment in $roleAssignments.value)</div>
<div>
{</div>
<div>
$item = New-Object psobject -Property @{</div>
<div>
Id = ++$i</div>
<div>
RoleAssignmentId = $roleAssignment.id</div>
<div>
RoleId = $roleAssignment.roleInfo.id</div>
<div>
RoleName = $roleAssignment.roleInfo.name</div>
<div>
IsElevated = $roleAssignment.isElevated</div>
<div>
ExpirationDateTime = $roleAssignment.expirationDateTime</div>
<div>
UserId = $roleAssignment.userId</div>
<div>
}</div>
<div>
$obj = $obj + $item</div>
<div>
}</div>
<div>
</div>
<div>
return $obj</div>
<div>
}</div>
<div>
<br /></div>
<div>
#List Users</div>
<div>
function ListUsers($user_search){</div>
<div>
$url = $MSGraphRoot + "users?`$filter=startswith(displayName,'" + $user_search + "')"</div>
<div>
Write-Host $url</div>
<div>
<br /></div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</div>
<div>
$users = ConvertFrom-Json $response.Content</div>
<div>
$i = 0</div>
<div>
$obj = @()</div>
<div>
foreach ($user in $users.value)</div>
<div>
{</div>
<div>
$item = New-Object psobject -Property @{</div>
<div>
Id = ++$i</div>
<div>
UserId = $user.id</div>
<div>
UserName = $user.DisplayName</div>
<div>
}</div>
<div>
$obj = $obj + $item</div>
<div>
}</div>
<div>
<br /></div>
<div>
return $obj</div>
<div>
}</div>
<div>
<br /></div>
<div>
#Activates the user</div>
<div>
function Activate($isRecursive = $false){</div>
<div>
if($isRecursive -eq $false)</div>
<div>
{</div>
<div>
$assignments = MyJitAssignments</div>
<div>
$assignments | Format-Table -AutoSize -Wrap Id,RoleName</div>
<div>
$choice = Read-Host "Enter Id to activate"</div>
<div>
$hours = Read-Host "Enter Activation duration in hours"</div>
<div>
$reason = Read-Host "Enter Reason"</div>
<div>
}</div>
<div>
<br /></div>
<div>
$roleId = $assignments[$choice-1].RoleId</div>
<div>
$url = $serviceRoot + "privilegedRoles('" + $roleId + "')/selfActivate"</div>
<div>
$postParams = '{"duration":"' + $hours + '","reason":"' + $reason + '"}'</div>
<div>
write-Host $postParams</div>
<div>
<br /></div>
<div>
try</div>
<div>
{</div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</div>
<div>
Write-Host "Role activated successfully ..." -ForegroundColor Green</div>
<div>
}</div>
<div>
catch</div>
<div>
{</div>
<div>
$stream = $_.Exception.Response.GetResponseStream()</div>
<div>
$stream.Position = 0;</div>
<div>
$streamReader = New-Object System.IO.StreamReader($stream)</div>
<div>
$err = $streamReader.ReadToEnd()</div>
<div>
$streamReader.Close()</div>
<div>
$stream.Close()</div>
<div>
</div>
<div>
if($mfaDone -eq $false -and $err.Contains("MfaRule"))</div>
<div>
{</div>
<div>
Write-Host "Prompting the user for mfa ..." -ForegroundColor Green</div>
<div>
AcquireToken true</div>
<div>
Activate $true</div>
<div>
}</div>
<div>
else</div>
<div>
{</div>
<div>
Write-Host $err -ForegroundColor Red</div>
<div>
}</div>
<div>
}</div>
<div>
}</div>
<div>
</div>
<div>
#Deactivates the user</div>
<div>
function Deactivate($isRecursive = $false){</div>
<div>
if($isRecursive -eq $false)</div>
<div>
{</div>
<div>
$assignments = MyActivatedAssignments</div>
<div>
$assignments | Format-Table -AutoSize -Wrap Id,RoleName,ExpirationDateTime</div>
<div>
$choice = Read-Host "Enter Id to deactivate"</div>
<div>
}</div>
<div>
<br /></div>
<div>
$roleId = $assignments[$choice-1].RoleId</div>
<div>
$url = $serviceRoot + "privilegedRoles('" + $roleId + "')/selfDeactivate"</div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json"</div>
<div>
Write-Host "Role deactivated successfully ..." -ForegroundColor Green</div>
<div>
}</div>
<div>
</div>
<div>
#List RoleAssignment</div>
<div>
function ListAssignment(){</div>
<div>
#List and Pick a role</div>
<div>
$roles = ListRoles</div>
<div>
$roles | Format-Table -AutoSize -Wrap Id, RoleName, RoleId</div>
<div>
$role_choice = Read-Host "Pick a role Id"</div>
<div>
$roleId = $roles[$role_choice-1].RoleId</div>
<div>
write-Host $roleId</div>
<div>
<br /></div>
<div>
#List Member</div>
<div>
$roleAssignments = ListAssignmentsWithFilter $roleId</div>
<div>
$roleAssignments | Format-Table -AutoSize -Wrap Id, RoleName, UserId, IsElevated, ExpirationDateTime</div>
<div>
}</div>
<div>
<br /></div>
<div>
#Assign a user to Eligible</div>
<div>
function AssignmentEligible() {</div>
<div>
#List and Pick a role</div>
<div>
$roles = ListRoles</div>
<div>
$roles | Format-Table -AutoSize -Wrap Id, RoleName</div>
<div>
$role_choice = Read-Host "Pick a role Id"</div>
<div>
$roleId = $roles[$role_choice-1].RoleId</div>
<div>
write-Host $roleId</div>
<div>
<br /></div>
<div>
#Search user by Name, and pick a user</div>
<div>
$user_search = Read-Host "user Name start with..."</div>
<div>
$users = ListUsers($user_search)</div>
<div>
$users | Format-Table -AutoSize -Wrap Id, UserName, UserId</div>
<div>
$user_choice = Read-Host "Pick a user Id"</div>
<div>
$userId = $users[$user_choice-1].UserId</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
$url = $serviceRoot + "privilegedRoleAssignments"</div>
<div>
$postParams = '{"roleId":"' + $roleId + '","userId":"' + $userId + '"}'</div>
<div>
write-Host $postParams</div>
<div>
</div>
<div>
$response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</div>
<div>
Write-Host "Assignment added successfully ..." -ForegroundColor Green</div>
<div>
}</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
#Show menu</div>
<div>
function ShowMenu(){</div>
<div>
Write-Host ""</div>
<div>
Write-Host "Azure AD JIT - PowerShell Menu v1.0"</div>
<div>
Write-Host " 1. List your eligible role assignments"</div>
<div>
Write-Host " 2. Activate an eligible role"</div>
<div>
Write-Host " 3. Deactivate an active role"</div>
<div>
Write-Host " 4. List Assignment against a role"</div>
<div>
Write-Host " 5. Assign a user to a role"</div>
<div>
Write-Host " 6. Exit"</div>
<div>
}</div>
<div>
</div>
<div>
############################################################################################################################################################################</div>
<div>
</div>
<div>
$global:serviceRoot = "https://graph.microsoft.com/beta/"</div>
<div>
$global:MSGraphRoot = "https://graph.microsoft.com/v1.0/"</div>
<div>
$global:headerParams = ""</div>
<div>
$global:assigneeId = ""</div>
<div>
$global:mfaDone = $false;</div>
<div>
</div>
<div>
Load-ActiveDirectoryAuthenticationLibrary</div>
<div>
AcquireToken</div>
<div>
</div>
<div>
do</div>
<div>
{</div>
<div>
ShowMenu</div>
<div>
#Write-Host "Enter your selection"</div>
<div>
$input = Read-Host "Enter your selection"</div>
<div>
switch ($input)</div>
<div>
{</div>
<div>
'1'</div>
<div>
{</div>
<div>
$assignments = MyJitAssignments</div>
<div>
$assignments | Format-Table -AutoSize -Wrap Id,RoleName</div>
<div>
}</div>
<div>
'2'</div>
<div>
{</div>
<div>
Activate</div>
<div>
}</div>
<div>
'3'</div>
<div>
{</div>
<div>
Deactivate</div>
<div>
}</div>
<div>
'4'</div>
<div>
{</div>
<div>
ListAssignment</div>
<div>
}</div>
<div>
'5'</div>
<div>
{</div>
<div>
AssignmentEligible</div>
<div>
}</div>
<div>
'6'</div>
<div>
{</div>
<div>
return</div>
<div>
}</div>
<div>
}</div>
<div>
}</div>
<div>
until ($input -eq '6')</div>
<div>
</div>
<div>
Write-Host ""</div>
</span></span></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com1tag:blogger.com,1999:blog-6043753706400514186.post-79981550315747076832018-05-11T16:40:00.000-07:002018-05-11T18:24:35.355-07:00user_interaction_required – Not able to add/refresh account in VS 2015<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="MsoNormal">
One day all of a sudden most of our team members were not
able to add/refresh their account in VS 2015. We were getting an error</div>
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">---------------------------<o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">Microsoft Visual
Studio<o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">---------------------------<o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">We could not refresh
the credentials for the account xxx<o:p></o:p></i></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">user_interaction_required:
One of two conditions was encountered: 1. The PromptBehavior.Never flag was
passed, but the constraint could not be honored, because user interaction was
required. 2. An error occurred during a silent web authentication that prevented
the http authentication flow from completing in a short enough time frame<o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">---------------------------<o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">OK<span style="mso-spacerun: yes;"> </span><o:p></o:p></i></div>
<div class="MsoNormal">
<i style="mso-bidi-font-style: normal;">---------------------------<o:p></o:p></i></div>
<div class="MsoNormal">
I then started looking at the network traces to figure out
what’s wrong. I saw that there was an interaction between login.microsoftonline.com
and tokenprovider.termsofuse.identitygovernance.azure.com after which the error
would occur.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
I copied the first url which looks like <a href="https://login.microsoftonline.com/foo/oauth2/authorize?resource=https%3a%2f%2fmanagement.core.windows.net%2f&client_id=872cd9fa-d31f-45e0-9eab-6e460a02d1f1&response_type=code&redirect_uri=urn%3aietf%3awg%3aoauth%3a2.0%3aoob&login_hint=foo&client-request-id=f9c9ba16-48c2-4def-9b2d-c2218191eb7f&prompt=attempt_none&x-client-SKU=.NET&x-client-Ver=2.16.0.0&x-client-CPU=x64&x-client-OS=Microsoft+Windows+NT+10.0.16299.0&sso_nonce=foo&mscrid=foo" style="font-family: Calibri, sans-serif; font-size: 11pt;">https://login.microsoftonline.com/xxx/oauth2/authorize?resource=https%3a%2f%2fmanagement.core.windows.net%2f&client_id=872cd9fa-d31f-45e0-9eab-6e460a02d1f1&response_type=code&redirect_uri=urn%3aietf%3awg%3aoauth%3a2.0%3aoob&login_hint=xxx&client-request-id=f9c9ba16-48c2-4def-9b2d-c2218191eb7f&prompt=attempt_none&x-client-SKU=.NET&x-client-Ver=2.16.0.0&x-client-CPU=x64&x-client-OS=Microsoft+Windows+NT+10.0.16299.0&sso_nonce=xxx&mscrid=xxx</a><span style="font-family: "calibri" , sans-serif; font-size: 11pt;">
</span><span style="font-family: "calibri" , sans-serif; font-size: 11pt;"> </span>and pasted it into browser.<br />
<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Now, I saw a prompt to accept Terms Of Use in a different
tenant that my home tenant. Looked like someone had enabled a Terms of Use Conditional Access policy on that tenant. See more details
about Terms of Use here <a href="https://docs.microsoft.com/en-us/azure/active-directory/active-directory-tou">https://docs.microsoft.com/en-us/azure/active-directory/active-directory-tou</a>
<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On analyzing more, it looks like VS tries to get a token for
all the tenants you belong to. If one of the tenant has a Conditional Access
policy like Terms of Use which requires a user input, VS 2015 will not be able
to show it to you. So will you have to upgrade to VS 2017 or disable the Conditional Access policy.<br />
<br />
Once
this is done, everything should start working as usual.<o:p></o:p></div>
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-20111091635843074052018-04-11T18:16:00.000-07:002018-10-25T18:38:16.383-07:00Securing Azure resources with Privileged Identity Management<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
With Azure Active Directory Privileged Identity Management (PIM), you can now manage, control, and monitor access to Azure Resources within your organization. To learn more, see <a href="https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-pim-resource-rbac" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-pim-resource-rbac</a></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
It is important to have a Just In Time (JIT) capability to JIT into an Azure subscription for few hours to investigate any issues. However, once a bad guy has access to the subscription, he can get a lot of information out (like secrets, etc.) and do bad things even after the access is lost.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<span style="background-color: white; color: #333333; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; color: #333333; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; color: #333333; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; color: #333333; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><br />
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
With PIM, you can assign JIT access not only at the subscription level but also at a specific Resource group or Resource level to prevent any information disclosure. Here is an example of how you can manage your subscription securely with PIM.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<a href="http://3.bp.blogspot.com/-c_sJvXzLE-g/W9Jv5Z091QI/AAAAAAAAEXI/fSI6L6cK79kBfnY4_BDtsHOcYLw4Gg_tACK4BGAYYCw/s1600/Capture.png" imageanchor="1"><img border="0" height="204" src="https://3.bp.blogspot.com/-c_sJvXzLE-g/W9Jv5Z091QI/AAAAAAAAEXI/fSI6L6cK79kBfnY4_BDtsHOcYLw4Gg_tACK4BGAYYCw/s640/Capture.png" width="640" /></a></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
Create a Resource group for all your secrets. Let’s call it SecretsResourceGroup. This resource group can have the following resources:</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<ul style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px; margin-top: 0px;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Azure Storage</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">SQL Azure</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Cosmos DB</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Etc.</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
</ul>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
Create a Resource group for all your deployments. Let’s call it DeploymentsResourceGroup. This resource can have the following resources:</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<ul style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px; margin-top: 0px;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Cloud Service</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Service Fabric</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">App Service</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Virtual Machines</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Etc.</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
</ul>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
You will notice that almost anyone who needs access to the subscription actually needs access to a resource within DeploymentsResourceGroup. Typical scenarios include:</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<ul style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px; margin-top: 0px;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Investigating live site issue with a specific deployment</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Restarting a VM</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Installing a software update</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Etc.</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
</ul>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
If they need access to multiple resources, you can assign them Eligible assignment on the Resource group. If they need access to a specific resource, you can assign them Eligible assignment on the specific resource. Now whenever, they need access, they can JIT into the specific resource at that time. You can also configure approval so that they can only JIT upon approval.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span><span style="background-color: white; font-family: "Segoe UI", Tahoma, Arial, "Helvetica Neue", Helvetica, sans-serif; font-variant-east-asian: normal; font-variant-numeric: normal;"> </span></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
Thus, due to the granularity that PIM supports, you can now prevent people from accessing your secrets but still allow them to JIT into the specific resources where they need to investigate any issues.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<br /></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-72186384660610064042018-02-26T10:52:00.001-08:002018-02-26T10:52:53.895-08:00Change Azure AD MFA option or phone number<div dir="ltr" style="text-align: left;" trbidi="on">
Recently someone asked how can I change my Azure AD MFA option (like call/text/app) or how can I change my phone number.<br />
The easiest way to do this is to go to <a href="https://account.activedirectory.windowsazure.com/Proofup.aspx" style="font-family: Calibri, sans-serif; font-size: 11pt;">https://account.activedirectory.windowsazure.com/Proofup.aspx</a> where you will be able to update your MFA option or phone number.</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-83862989193940548082018-02-07T11:30:00.005-08:002021-02-16T18:30:55.592-08:00PowerShell sample for Privileged Identity Management (PIM)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
PIM for Azure Resources provides Just in Time (JIT) and Temporary access capabilities for Azure AD roles and Azure Resource roles. See more at <a href="https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure">https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure</a></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
How cool would it be if I can use the MSGraph PIM api’s to build custom applications. For example, your IT Org has N different resource groups where you want to activate every day. It would be time consuming to activate them one by one. Instead, you can build a custom app using PowerShell or UI so that you can activate to all of these resource groups in one shot.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
In this blog, I will share a sample to list all your eligible roles and activate or deactivate them. You will also be able to assign someone to a role.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
I will share the full source code so you can customize it to suit your needs. Just save this as a .ps1 file and run it with PowerShell.</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<u style="box-sizing: border-box; font-weight: 700;">Screenshot</u><br />
<u style="box-sizing: border-box; font-weight: 700;"><br /></u>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-Ng50FJp13pA/XcSxEx6OpFI/AAAAAAAAEfQ/0esu7ago9f4f9ApLCk27g9CbPQnVQNkrQCLcBGAsYHQ/s1600/PS.JPG" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="586" data-original-width="1600" height="233" src="https://1.bp.blogspot.com/-Ng50FJp13pA/XcSxEx6OpFI/AAAAAAAAEfQ/0esu7ago9f4f9ApLCk27g9CbPQnVQNkrQCLcBGAsYHQ/s640/PS.JPG" width="640" /></a></div>
<u style="box-sizing: border-box; font-weight: 700;"><br /></u>
<u style="box-sizing: border-box; font-weight: 700;"><br /></u></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; font-weight: 700;"><u style="box-sizing: border-box;"></u></span></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<span style="box-sizing: border-box; text-decoration-line: underline;"><span style="box-sizing: border-box; font-weight: 700;"><br /></span></span>
<u style="font-weight: 700;">Setup</u></div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
<span style="box-sizing: border-box; font-weight: 700;"><span face=""segoe ui", tahoma, arial, "helvetica neue", helvetica, sans-serif" style="background-color: white; font-weight: 400;"> </span></span></div>
<ul style="box-sizing: border-box; color: #333333; font-size: 14px; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px; margin-top: 0px; text-align: left;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Create a native AAD application. See <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications</a></li>
<li style="box-sizing: border-box;"><a href="http://2.bp.blogspot.com/-3eIYzpz66-E/W9JufHJZvvI/AAAAAAAAEWg/c-_L_uJIFfEbedp6rtssIP-xXfILTOZvgCK4BGAYYCw/s1600/native.png"><img border="0" height="141" src="https://2.bp.blogspot.com/-3eIYzpz66-E/W9JufHJZvvI/AAAAAAAAEWg/c-_L_uJIFfEbedp6rtssIP-xXfILTOZvgCK4BGAYYCw/s400/native.png" width="400" /></a></li>
<li style="box-sizing: border-box;">Grant it the following permissions to the application.<div style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<span face=""segoe ui", tahoma, arial, "helvetica neue", helvetica, sans-serif" style="background-color: white;"> </span><div style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 10px;">
</div>
<ul style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; margin-bottom: 0px; margin-top: 0px;"><div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read and write privileged access to Azure AD - You will need it if you are going to use the app for PIM for Azure AD Roles</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read and write privileged access to Azure resources - You will need it if you are going to use the app for PIM for Azure Resources</li>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<div style="box-sizing: border-box; margin-bottom: 10px;">
</div>
<li style="box-sizing: border-box;">Read directory data - You will need it if you are going to read users, etc. from directory like the assignment example in the below source code</li>
<li style="box-sizing: border-box;"><a href="http://3.bp.blogspot.com/-CLPMJmJmQcc/W9JusT1B5TI/AAAAAAAAEWs/qiGR9hHCuHoO0_dQG64m08M2ZW4t-LJxACK4BGAYYCw/s1600/permissions.png"><img border="0" height="130" src="https://3.bp.blogspot.com/-CLPMJmJmQcc/W9JusT1B5TI/AAAAAAAAEWs/qiGR9hHCuHoO0_dQG64m08M2ZW4t-LJxACK4BGAYYCw/s400/permissions.png" width="400" /></a></li>
<li style="box-sizing: border-box;"><a href="http://4.bp.blogspot.com/-yWCdkLQcsSU/W9JuwgnF2UI/AAAAAAAAEW4/GggC293bLqM2ga5UJj256_FCQ-wRCJGWACK4BGAYYCw/s1600/perm2.png"><img border="0" height="122" src="https://4.bp.blogspot.com/-yWCdkLQcsSU/W9JuwgnF2UI/AAAAAAAAEW4/GggC293bLqM2ga5UJj256_FCQ-wRCJGWACK4BGAYYCw/s320/perm2.png" width="320" /></a></li>
<li style="box-sizing: border-box;">Note than these permissions require Admin consent so you will have to contact the tenant admin to grant these permissions. See <a href="https://docs.microsoft.com/en-us/azure/active-directory/application-dev-registration-config-grant-permissions-how-to" style="box-sizing: border-box; color: #337ab7; text-decoration-line: none;">https://docs.microsoft.com/en-us/azure/active-directory/application-dev-registration-config-grant-permissions-how-to </a></li>
</ul>
</li>
<li>In the below code, update $clientID with your application id and $redirectUri with the redirect uri of the application.</li>
<li>For Azure resources, set $global:serviceRoot = "https://graph.microsoft.com/beta/privilegedAccess/azureResources/"</li>
<li>For Azure AD roles, set $global:serviceRoot = "https://graph.microsoft.com/beta/privilegedAccess/aadRoles/"</li>
</ul>
<span style="box-sizing: border-box; color: #333333; font-size: 14px; font-weight: 700;"><ul style="box-sizing: border-box; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 400; margin-bottom: 10px; margin-top: 0px;"><li>For Azure AD groups, set $global:serviceRoot = "https://graph.microsoft.com/beta/privilegedAccess/aadGroups/"</li></ul><u>Source code</u></span><br />
<div>
<span style="box-sizing: border-box; font-size: 14px;"><span style="color: #333333;"></span></span><br />
<div><div><span style="color: #333333;"><span style="font-size: 14px;">#Acquire AAD token</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function AcquireToken($clientID, $redirectUri, $scopes, $authority, $mfa)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($mfa)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $authResult = Get-MSALToken -Scopes $scopes -ClientId $clientID -RedirectUri $redirectUri -Authority $authority -Interactive -ExtraQueryParameters @{claims='{"access_token" : {"amr": { "values": ["mfa"] }}}'}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Set-Variable -Name mfaDone -Value $true -Scope Global</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> else</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $authResult = Get-MSALToken -Scopes $scopes -ClientId $clientID -RedirectUri $redirectUri -Authority $authority -Interactive</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($authResult -ne $null)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "User logged in successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Set-Variable -Name headerParams -Value @{'Authorization'="$($authResult.AccessTokenType) $($authResult.AccessToken)"} -Scope Global</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Set-Variable -Name assigneeId -Value $authResult.UserInfo.UniqueId -Scope Global</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Gets my jit assignments</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function MyJitAssignments(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $urlme = $global:MSGraphRoot + "me/"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $urlme -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $me = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $subjectId = $me.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $subjectId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignments?`$expand=linkedEligibleRoleAssignment,subject,roleDefinition(`$expand=resource)&`$filter=(assignmentState+eq+'Eligible')+and+(subjectId+eq+'" + $subjectId + "')" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Role assignments..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($assignment in $assignments.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> IdGuid = $assignment.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceId = $assignment.roleDefinition.resource.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> OriginalId = $assignment.roleDefinition.resource.externalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceName = $assignment.roleDefinition.resource.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceType = $assignment.roleDefinition.resource.type</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleId = $assignment.roleDefinition.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleName = $assignment.roleDefinition.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExpirationDate = $assignment.endDateTime</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> SubjectId = $assignment.subject.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List resources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListResources(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "resources?`$filter=(type+eq+'subscription')" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($resource in $resources.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceId = $resource.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceName = $resource.DisplayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Type = $resource.type</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExternalId = $resource.externalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List roles</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListRoles($resourceId){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "resources/" + $resourceId + "/roleDefinitions?&`$orderby=displayName"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($role in $roles.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleDefinitionId = $role.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleName = $role.DisplayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List roles</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListRoleSettings($resourceId){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "resources/" + $resourceId + "/roleSettings?&`$expand=resource,roleDefinition&`$orderby=lastUpdatedDateTime+desc"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings = ConvertFrom-Json -InputObject $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($roleSetting in $roleSettings.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # userMemberSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSExp = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSMFA = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSJus = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSActDay = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSApprov = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSTicket = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($UMS in $roleSetting.userMemberSettings)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> switch ($UMS.ruleIdentifier) {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "MfaRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSMFA = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ExpirationRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSExp = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "JustificationRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSJus = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ActivationDayRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSActDay = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ApprovalRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSApprov = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "TicketingRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UMSTicket = $UMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # AdminEligibleSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESExp = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESMFA = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESJus = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESActDay = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESApprov = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESTicket = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($AES in $roleSetting.adminEligibleSettings)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> switch ($AES.ruleIdentifier) {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "MfaRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESMFA = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ExpirationRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESExp = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "JustificationRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESJus = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ActivationDayRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESActDay = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ApprovalRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESApprov = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "TicketingRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AESTicket = $AES.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # AdminMemberSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSExp = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSMFA = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSJus = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSActDay = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSApprov = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSTicket = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($AMS in $roleSetting.adminMemberSettings)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> switch ($AMS.ruleIdentifier) {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "MfaRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSMFA = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ExpirationRule" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSExp = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "JustificationRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSJus = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ActivationDayRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSActDay = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "ApprovalRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSApprov = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> "TicketingRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AMSTicket = $AMS.setting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> break</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleSettingId = $roleSetting.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceId = $roleSetting.resourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceName = $roleSetting.resource.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleDefinitionId = $roleSetting.roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleName = $roleSetting.roleDefinition.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettings = $roleSetting.adminMemberSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettings = $roleSetting.adminEligibleSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserEligibleSettings = $roleSetting.userEligibleSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettings = $roleSetting.userMemberSettings</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsMfaRule = $UMSMFA</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsExpirationRule = $UMSExp</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsJustificationRule = $UMSJus</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsActivationDayRule = $UMSActDay</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsApprovalRule = $UMSApprov</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsTicketingRule = $UMSTicket</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsMfaRule = $AESMFA</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsExpirationRule = $AESExp</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsJustificationRule = $AESJus</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsActivationDayRule = $AESActDay</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsApprovalRule = $AESApprov</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsTicketingRule = $AESTicket</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsMfaRule = $AMSMFA</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsExpirationRule = $AMSExp</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsJustificationRule = $AMSJus</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsActivationDayRule = $AMSActDay</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsApprovalRule = $AMSApprov</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsTicketingRule = $AMSTicket</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List Assignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListAssignmentsWithFilter($resourceId, $roleDefinitionId){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "resources/" + $resourceId + "`/roleAssignments?`$expand=subject,roleDefinition(`$expand=resource)&`$filter=(roleDefinition/id+eq+'" + $roleDefinitionId + "')"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($roleAssignment in $roleAssignments.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleAssignmentId = $roleAssignment.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceId = $roleAssignment.roleDefinition.resource.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> OriginalId = $roleAssignment.roleDefinition.resource.externalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceName = $roleAssignment.roleDefinition.resource.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceType = $roleAssignment.roleDefinition.resource.type</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleId = $roleAssignment.roleDefinition.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleName = $roleAssignment.roleDefinition.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExpirationDate = $roleAssignment.endDateTime</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> SubjectId = $roleAssignment.subject.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserName = $roleAssignment.subject.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AssignmentState = $roleAssignment.AssignmentState</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List Assignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListExpiringEligibleAssignmentsWithFilter($resourceId){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "resources/" + $resourceId + "`/roleAssignments?`$expand=subject,roleDefinition(`$expand=resource)&`$filter=(assignmentState+eq+'Eligible')"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><span style="white-space: pre;"> </span>$expiration = (Get-Date).ToUniversalTime().AddDays(14)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($roleAssignment in $roleAssignments.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if(($roleAssignment.endDateTime -ne $null) -and ([DateTime]$roleAssignment.endDateTime -lt $expiration))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleAssignmentId = $roleAssignment.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceId = $roleAssignment.roleDefinition.resource.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> OriginalId = $roleAssignment.roleDefinition.resource.externalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceName = $roleAssignment.roleDefinition.resource.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ResourceType = $roleAssignment.roleDefinition.resource.type</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleId = $roleAssignment.roleDefinition.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> RoleName = $roleAssignment.roleDefinition.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExpirationDate = $roleAssignment.endDateTime</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> SubjectId = $roleAssignment.subject.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserName = $roleAssignment.subject.displayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AssignmentState = $roleAssignment.AssignmentState</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List Users</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListUsers($user_search){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $MSGraphRoot + "users?`$filter=startswith(displayName,'" + $user_search + "')"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Get</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $users = ConvertFrom-Json $response.Content</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $i = 0</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = @()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($user in $users.value)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $item = New-Object psobject -Property @{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> id = ++$i</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserId = $user.id</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserName = $user.DisplayName</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $obj = $obj + $item</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return $obj</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Activates the user</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function Activate($isRecursive = $false){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($isRecursive -eq $false)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments = MyJitAssignments</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments | Format-Table -AutoSize -Wrap id,RoleName,ResourceName,ResourceType,ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $choice = Read-Host "Enter Id to activate"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> [int]$hours = Read-Host "Enter Activation duration in hours"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $reason = Read-Host "Enter Reason"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $id = $assignments[$choice-1].IdGuid</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $assignments[$choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $assignments[$choice-1].RoleId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $subjectId = $assignments[$choice-1].SubjectId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $postParams = '{"id":"00000000-0000-0000-0000-000000000000","assignmentState":"Active","type":"UserAdd","reason":"' + $reason + '","roleDefinitionId":"' + $roleDefinitionId + '","resourceId":"' + $resourceId + '","subjectId":"' + $subjectId + '","schedule":{"duration":"PT' + $hours + 'H","startDateTime":"' + (Get-Date).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ") + '","type":"Once"},"linkedEligibleRoleAssignmentId":"' + $id + '"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Activation request queued successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($mfaDone -eq $false -and $err.Contains("MfaRule"))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Prompting the user for mfa ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AcquireToken $global:clientID $global:redirectUri $global:resourceAppIdURI $global:authority $true</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Activate $true</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> else</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $err -ForegroundColor Red</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Extend the user role assignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ExtendRoleAssignment($roleAssignment, $hours){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $postParams = '{"id":"00000000-0000-0000-0000-000000000000","assignmentState":"Eligible","type":"AdminExtend","reason":"bulk extend","roleDefinitionId":"' + $roleAssignment.RoleId + '","resourceId":"' + $roleAssignment.ResourceId + '","subjectId":"' + $roleAssignment.SubjectId + '","schedule":{"duration":"PT' + $hours + 'H","startDateTime":"' + (Get-Date).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ") + '","type":"Once"}}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Extend Successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Delete the user role assignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function DeleteRoleAssignment($roleAssignment){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $roleAssignments[$ra_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $roleAssignments[$ra_choice-1].RoleId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $subjectId = $roleAssignments[$ra_choice-1].SubjectId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignmentState = $roleAssignments[$ra_choice-1].AssignmentState</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # Delete the chosen member</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $postParams = '{"assignmentState":"' + $assignmentState + '","type":"AdminRemove","reason":"Assign","roleDefinitionId":"' + $roleDefinitionId + '","resourceId":"' + $resourceId + '","subjectId":"' + $subjectId + '"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Assignment has been deleted" -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $err -ForegroundColor Red</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Deactivates the user</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function Deactivate($isRecursive = $false){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($isRecursive -eq $false)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments = MyJitAssignments</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments | Format-Table -AutoSize -Wrap id,RoleName,ResourceName,ResourceType,ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $choice = Read-Host "Enter Id to deactivate"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $id = $assignments[$choice-1].IdGuid</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $assignments[$choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $assignments[$choice-1].RoleId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $subjectId = $assignments[$choice-1].SubjectId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $postParams = '{"assignmentState":"Active","type":"UserRemove","roleDefinitionId":"' + $roleDefinitionId + '","resourceId":"' + $resourceId + '","subjectId":"' + $subjectId + '"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Role deactivated successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Patch RoleSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function PatchRoleSetting($patchParams, $roleSettingId){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleSettings/" + $roleSettingId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $patchParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Patch -ContentType "application/json" -Body $patchParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Update RoleSetting successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List RoleAssignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListAssignment(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick an resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick a role</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles = ListRoles($resourceId)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles | Format-Table -AutoSize -Wrap id, RoleName, RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $role_choice = Read-Host "Pick a role Id"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $roles[$role_choice-1].RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List Member</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments = ListAssignmentsWithFilter $resourceId $roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments | Format-Table -AutoSize -Wrap id, ResourceName, ResourceType, RoleName, UserName, AssignmentState, ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Delete RoleAssignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function DelAssignment(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick an resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick a role</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles = ListRoles($resourceId)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles | Format-Table -AutoSize -Wrap id, RoleName, RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $role_choice = Read-Host "Pick a role Id"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $roles[$role_choice-1].RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List Member</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments = ListAssignmentsWithFilter $resourceId $roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments | Format-Table -AutoSize -Wrap id, ResourceName, ResourceType, RoleName, UserName, AssignmentState, ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ra_choice = Read-Host "Pick a roleAssignment you want to delete, Pick 0 for Del All active, and Pick -1 to exit"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ra_choice -eq -1)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if (($roleAssignments -eq $null) -or ($roleAssignments[$ra_choice-1] -eq $null))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Number out-of range"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ra_choice -gt 0)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> DeleteRoleAssignment $roleAssignments[$ra_choice-1]</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ra_choice -eq 0)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($ra in $roleAssignments)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ra.AssignmentState -eq "Active") </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> DeleteRoleAssignment $ra</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List ExpiringRoleAssignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListExpiringEligibleAssignments(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick a resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List Expiring Member of the target resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments = ListExpiringEligibleAssignmentsWithFilter $resourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleAssignments | Format-Table -AutoSize -Wrap id, ResourceName, ResourceType, RoleName, UserName, AssignmentState, ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($roleAssignments -eq $null)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "No Eligible memberships are expiring" -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } else</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ra_choice = Read-Host "Pick a roleAssignment you want to extend, Pick 0 for ExtendAll, and Pick -1 to exit"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ra_choice -eq -1)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $days = Read-Host "Pick number of days, you want to extends"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $hours = [int]$days * 24</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $hours</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ra_choice -gt 0)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExtendRoleAssignment $roleAssignments[$ra_choice-1] $hours</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ra_choice -eq 0)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> foreach ($ra in $roleAssignments)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ExtendRoleAssignment $ra $hours </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Assign a user to Eligible</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function AssignmentEligible() {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick an resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick a role</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles = ListRoles($resourceId)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roles | Format-Table -AutoSize -Wrap id, RoleName, RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $role_choice = Read-Host "Pick a role Id"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleDefinitionId = $roles[$role_choice-1].RoleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $roleDefinitionId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #Search user by Name, and pick a user</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $user_search = Read-Host "user Name start with..."</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $users = ListUsers($user_search)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $users | Format-Table -AutoSize -Wrap id, UserName, UserId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $user_choice = Read-Host "Pick a user Id"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if (($users -eq $null) -or ($users[$user_choice-1] -eq $null))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Number out-of range"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $subjectId = $users[$user_choice-1].UserId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # Update end time</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ts = New-TimeSpan -Days 30</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $postParams = '{"assignmentState":"Eligible","type":"AdminAdd","reason":"Assign","roleDefinitionId":"' + $roleDefinitionId + '","resourceId":"' + $resourceId + '","subjectId":"' + $subjectId + '","schedule":{"startDateTime":"' + (Get-Date).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ") + '","endDateTime":"' + ((Get-Date) + $ts).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ") + '","type":"Once"}}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json" -Body $postParams</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Assignment request queued successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if($mfaDone -eq $false -and $err.Contains("MfaRule"))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Prompting the user for mfa ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AcquireToken $global:clientID $global:redirectUri $global:resourceAppIdURI $global:authority $true</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Activate $true</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> else</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $err -ForegroundColor Red</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Cancel Request</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> function CancelRequest() {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $requestId = Read-Host "RequestId"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $url = $serviceRoot + "roleAssignmentRequests/" + $requestId + "/cancel" </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $url</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> try</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $response = Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url -Method Post -ContentType "application/json"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Cancel request queued successfully ..." -ForegroundColor Green</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $recursive = $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> catch</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream = $_.Exception.Response.GetResponseStream()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Position = 0;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader = New-Object System.IO.StreamReader($stream)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $err = $streamReader.ReadToEnd()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $streamReader.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $stream.Close()</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-host $err </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#List RoleSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ListRoleSetting(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick an resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List RoleSettings and Pick a role/multiple role to update</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings = ListRoleSettings($resourceId)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings | Format-List id, RoleName, RoleDefinitionId, ResourceName, ResourceId, AdminMemberSettings, AdminEligibleSettings, UserMemberSettings, UserEligibleSettings,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsMfaRule, AdminMemberSettingsExpirationRule, AdminMemberSettingsJustificationRule, AdminMemberSettingsActivationDayRule, AdminMemberSettingsApprovalRule, AdminMemberSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsMfaRule, AdminEligibleSettingsExpirationRule, AdminEligibleSettingsJustificationRule, AdminEligibleSettingsActivationDayRule, AdminEligibleSettingsApprovalRule, AdminEligibleSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsMfaRule, UserMemberSettingsExpirationRule, UserMemberSettingsJustificationRule, UserMemberSettingsActivationDayRule, UserMemberSettingsApprovalRule, UserMemberSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserEligibleSettingsMfaRule, UserEligibleSettingsExpirationRule, UserEligibleSettingsJustificationRule, UserEligibleSettingsActivationDayRule, UserEligibleSettingsApprovalRule, UserEligibleSettingsTicketingRule</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Update RoleSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function UpdateRoleSetting(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List and Pick resource</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources = ListResources</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resources | Format-Table -AutoSize -Wrap id, ResourceName, Type, ExternalId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $res_choice = Read-Host "Pick an resource Id for assigment"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $resourceId = $resources[$res_choice-1].ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #List RoleSettings and Pick a role/multiple role to update</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings = ListRoleSettings($resourceId)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings | Format-List id, RoleName, RoleDefinitionId, ResourceName, ResourceId, AdminMemberSettings, AdminEligibleSettings, UserMemberSettings, UserEligibleSettings,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminMemberSettingsMfaRule, AdminMemberSettingsExpirationRule, AdminMemberSettingsJustificationRule, AdminMemberSettingsActivationDayRule, AdminMemberSettingsApprovalRule, AdminMemberSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AdminEligibleSettingsMfaRule, AdminEligibleSettingsExpirationRule, AdminEligibleSettingsJustificationRule, AdminEligibleSettingsActivationDayRule, AdminEligibleSettingsApprovalRule, AdminEligibleSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserMemberSettingsMfaRule, UserMemberSettingsExpirationRule, UserMemberSettingsJustificationRule, UserMemberSettingsActivationDayRule, UserMemberSettingsApprovalRule, UserMemberSettingsTicketingRule,</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UserEligibleSettingsMfaRule, UserEligibleSettingsExpirationRule, UserEligibleSettingsJustificationRule, UserEligibleSettingsActivationDayRule, UserEligibleSettingsApprovalRule, UserEligibleSettingsTicketingRule</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettings | Format-Table -AutoSize -Wrap id, RoleName, ResourceName, RoleDefinitionId, ResourceId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSetting_choice = Read-Host "Pick a role Id"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $roleSettingId = $roleSettings[$roleSetting_choice-1].RoleSettingId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> write-Host $roleSettingId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> # Activation Setting: "MfaRule", "ExpirationRule", "JustificationRule", "ActivationDayRule", "ApprovalRule", "TicketingRule"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $Activation = Read-Host "Update Activation Setting or not (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($Activation -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ActivationMfaRule = Read-Host "Activation MFA enabled (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ActivationExpirationRule = Read-Host "Activation Grant period in mins (ie. 240 is 4 hr)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ActivationJustificationRule = Read-Host "Activation Justification enabled (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $ActivationGP = [timespan]::fromminutes($ActivationExpirationRule)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #$UserMemberSetting = '{@{ruleIdentifier=ExpirationRule; setting={"maximumGrantPeriod":"'+$ActivationGP+'","maximumGrantPeriodInMinutes":'+$ActivationExpirationRule+',"permanentAssignment":false}}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UserMemberSetting =',"userMemberSettings": [{"ruleIdentifier":"ExpirationRule","setting": "{\"permanentAssignment\":false,\"maximumGrantPeriodInMinutes\":'+$ActivationExpirationRule+'}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ActivationMfaRule -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UserMemberSetting = $UserMemberSetting + ',{"ruleIdentifier":"MfaRule","setting":"{\"mfaRequired\":true}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ActivationMfaRule -like 'N') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UserMemberSetting = $UserMemberSetting + ',{"ruleIdentifier":"MfaRule","setting":"{\"mfaRequired\":false}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($ActivationJustificationRule -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UserMemberSetting = $UserMemberSetting + ',{"ruleIdentifier":"JustificationRule","setting":"{\"required\":true}"}]'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ActivationJustificationRule -like 'N') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $UserMemberSetting = $UserMemberSetting + ',{"ruleIdentifier":"JustificationRule","setting":"{\"required\":false}"}]'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $UserMemberSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminE = Read-Host "Update Admin Eligible Setting or not (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($AdminE -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminEMfaRule = Read-Host "Admin Eligible MFA enabled (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminEExpirationRule = Read-Host "Admin Eligible Grant period in mins (ie. 240 is 4 hr)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminEJustificationRule = Read-Host "Admin Eligible Justification enabled (Y or N)"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminEGP = [timespan]::fromminutes($AdminEExpirationRule)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminESetting =',"adminEligibleSettings": [{"ruleIdentifier":"ExpirationRule","setting": "{\"permanentAssignment\":false,\"maximumGrantPeriodInMinutes\":'+$AdminEExpirationRule+'}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($AdminEMfaRule -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminESetting = $AdminESetting + ',{"ruleIdentifier":"MfaRule","setting":"{\"mfaRequired\":true}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ActivationMfaRule -like 'N') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminESetting = $AdminESetting + ',{"ruleIdentifier":"MfaRule","setting":"{\"mfaRequired\":false}"}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if ($AdminEJustificationRule -like 'Y') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminESetting = $AdminESetting + ',{"ruleIdentifier":"JustificationRule","setting":"{\"required\":true}"}]'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> } elseif ($ActivationJustificationRule -like 'N') </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $AdminESetting = $AdminESetting + ',{"ruleIdentifier":"JustificationRule","setting":"{\"required\":false}"}]'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $AdminESetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> if (($AdminE -like 'Y') -or ($Activation -like 'Y'))</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #foreach</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $SettingId = '{"id":"'+$roleSettingId+'"'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $SettingId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $RoleSet = $SettingId+$UserMemberSetting+$AdminESetting+'}'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host $RoleSet</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> PatchRoleSetting $RoleSet $roleSettingId</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">#Show menu</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">function ShowMenu(){</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "--------------------------------------- "</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "Azure RBAC JIT - PowerShell Menu "</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host "--------------------------------------- "</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 1. EndUser List: List your eligible role assignments"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 2. EndUser Activate: Activate an eligible role"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 3. EndUser Deactivate: Deactivate an active role"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 4. Admin List: List Assignment against a resource"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 5. Admin Assign: Assign a user to a role"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 6. Admin Delete: Delete Assignment against a resource+role+user"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 7. Admin Extend: List Expiring Eligible Assignment against a resource and option to extend"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 8. Admin/EndUser Cancel: Cancel a request"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 9. Admin Query RoleSetting: List roleSetting against a resource"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 10. Admin Update RoleSetting: Choose RoleSetting to apply to a single or multiple roles"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host " 11. Exit"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Write-Host ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">############################################################################################################################################################################</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:serviceRoot = "https://graph.microsoft.com/beta/privilegedAccess/azureResources/"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:MSGraphRoot = "https://graph.microsoft.com/v1.0/"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:headerParams = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:assigneeId = ""</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:mfaDone = $false;</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:expiration = '2019-07-01T00:00:00Z'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:authority = "https://login.microsoftonline.com/common"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$global:scopes = @("https://graph.microsoft.com/.default");</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$clientID = "dabc52c4-106b-4179-9df2-2f791f44ba14"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$redirectUri = "https://pimmsgraph"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"># Install msal.ps</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">if(!(Get-Module | Where-Object {$_.Name -eq 'PowerShellGet' -and $_.Version -ge '2.2.4.1'})) { Install-Module PowerShellGet -Force }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">if(!(Get-Package msal.ps)) { Install-Package msal.ps }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">$Authed = AcquireToken $global:clientID $global:redirectUri $global:scopes $global:authority $false</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">if ($Authed -eq $false)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">do</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">{</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ShowMenu</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> #Write-Host "Enter your selection"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $input = Read-Host "Enter your selection"</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> switch ($input)</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '1'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments = MyJitAssignments</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> $assignments | Format-Table -AutoSize -Wrap id,RoleName,ResourceName,ResourceType,ExpirationDate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '2'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Activate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '3'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> Deactivate</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '4'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ListAssignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '5'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> AssignmentEligible</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '6'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> DelAssignment</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '7'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ListExpiringEligibleAssignments</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '8'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> CancelRequest</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '9'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> ListRoleSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '10'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> UpdateRoleSetting</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> '11'</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> {</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> return</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"><br /></span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> }</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">}</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">until ($input -eq '11')</span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;"> </span></span></div><div><span style="color: #333333;"><span style="font-size: 14px;">Write-Host ""</span></span></div></div>
<span style="box-sizing: border-box; font-size: 14px;"><span style="color: #333333;">
</span></span></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com9tag:blogger.com,1999:blog-6043753706400514186.post-84382746880085491332017-07-05T10:40:00.000-07:002017-07-05T10:40:17.999-07:00NEWSEQUENTIALID() with Entity Framework and SQL Azure<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
I was creating on a table in my database on SQL Azure which
had a GUID column as the primary key. I wanted to use NEWSEQUENTIALID() instead
of NEWID() as the default value for the column because that would generate a sequentially
incrementing GUID instead of a random GUID and have better performance.<o:p></o:p></div>
<div class="MsoNormal">
To do this in entity framework, I added <span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">[</span><span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">DatabaseGenerated</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">(</span><span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">DatabaseGeneratedOption</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">.Identity)] </span>attribute on the on column.<o:p></o:p></div>
<div class="MsoNormal">
I was also using code first migrations. To know more about
code first migrations, see <a href="https://msdn.microsoft.com/en-us/data/jj591621.aspx">https://msdn.microsoft.com/en-us/data/jj591621.aspx</a><o:p></o:p></div>
<div class="MsoNormal">
This generates this script <o:p></o:p></div>
<div class="MsoNormal">
<span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">c.Guid(nullable: </span><span style="color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">false</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">, identity: </span><span style="color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">true</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">)</span><o:p></o:p></div>
<div class="MsoNormal">
Now when the database would be created in SQL Azure, the column
values were still random instead of being sequentially incrementing. But if the
same database was created locally on SQL server, the values were sequentially
incrementing.<o:p></o:p></div>
<div class="MsoNormal">
The fix was to change the script to<o:p></o:p></div>
<br />
<div class="MsoNormal">
<span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">c.Guid(nullable: </span><span style="color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">false</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">, identity: </span><span style="color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">true</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">,
defaultValueSql: </span><span style="color: #a31515; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-bidi-font-family: Consolas;">"newsequentialid()"</span><span style="font-family: Consolas; font-size: 9.5pt; line-height: 107%;">)</span><o:p></o:p></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-38538495661231888572017-03-28T14:29:00.000-07:002017-03-29T15:51:56.975-07:00Troubleshooting Elevated Permissions with Azure AD Privileged Identity Management<div dir="ltr" style="text-align: left;" trbidi="on">
Here is my TechNet article <a href="https://social.technet.microsoft.com/wiki/contents/articles/37568.troubleshooting-elevated-permissions-with-azure-ad-privileged-identity-management.aspx">https://social.technet.microsoft.com/wiki/contents/articles/37568.troubleshooting-elevated-permissions-with-azure-ad-privileged-identity-management.aspx</a></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-16430093051625034172016-12-22T12:41:00.000-08:002016-12-22T13:42:48.081-08:00Redirecting cloud service traffic to load host and port<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
When you are developing cloud services, sometimes you want
to debug the service which is hosted outside of your dev box.</div>
<div class="MsoNormal">
The most common case is that there is a web portal which
talks to a web service. The web service is not behaving as expected and you
want to debug it.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The easiest step is to add an entry in host file (%SystemRoot%\System32\drivers\etc\hosts)<o:p></o:p></div>
<div class="MsoNormal">
127.0.0.1 mywebservice.com<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Now, when you open the web portal on your dev box, the web
service hosted on your dev box will be called and you can debug it by putting
breakpoints.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Now comes the interesting part. What if the web service on
your dev box is running on a specific port say <a href="https://localhost:44310/">https://localhost:44310/</a> <o:p></o:p></div>
<div class="MsoNormal">
Just adding a host entry will not work since you want to
redirect the traffic to your host as well as port.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Fiddler comes to rescue here which can be downloaded from <a href="http://www.telerik.com/fiddler">http://www.telerik.com/fiddler</a> <o:p></o:p></div>
<div class="MsoNormal">
You need to do the following steps:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
1. No need to change the host file (%SystemRoot%\System32\drivers\etc\hosts)<o:p></o:p></div>
<div class="MsoNormal">
2. Open Fiddler<o:p></o:p></div>
<div class="MsoNormal">
3. Go to Tools->Host and add the below entry<o:p></o:p></div>
<div class="MsoNormal">
localhost mywebservice.com<o:p></o:p></div>
<div class="MsoNormal">
4. Go to Rule->Customize Rules and add the below snippet in static
function OnBeforeRequest(oSession: Session)<o:p></o:p></div>
<div class="MsoNormal">
if (oSession.HostnameIs("mywebservice.com"))<o:p></o:p></div>
<div class="MsoNormal">
{<br />
oSession.host="localhost:44310";<br />
}<o:p></o:p></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
5.Restart Fiddler<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
That’s it, now when you open the web portal on your dev box,
the web service hosted on your dev box will be called and you can debug it by
putting breakpoints.</div>
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-10681260884521793532016-01-06T14:25:00.000-08:002016-01-06T14:27:29.413-08:00Azure Active Directory - Get Tenant Id from Tenant Name<div dir="ltr" style="text-align: left;" trbidi="on">
This question "How do I get my Tenant Id?" has come up several times so I though I will blog it.<br />
<br />
You can do that my going to https://login.windows.net/TenantName/.well-known/openid-configuration where TenantName is the one of the domain name of your tenant.<br />
<br />
For example, https://login.windows.net/anujc.onmicrosoft.com/.well-known/openid-configuration will return<br />
<br />
<pre style="white-space: pre-wrap; word-wrap: break-word;">{"authorization_endpoint":"https://login.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/oauth2/authorize","token_endpoint":"https://login.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/oauth2/token","token_endpoint_auth_methods_supported":["client_secret_post","private_key_jwt"],"jwks_uri":"https://login.windows.net/common/discovery/keys","response_modes_supported":["query","fragment","form_post"],"subject_types_supported":["pairwise"],"id_token_signing_alg_values_supported":["RS256"],"response_types_supported":["code","id_token","code id_token","token id_token","token"],"scopes_supported":["openid"],"issuer":"https://sts.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/","claims_supported":["sub","iss","aud","exp","iat","auth_time","acr","amr","nonce","email","given_name","family_name","nickname"],"microsoft_multi_refresh_token":true,"check_session_iframe":"https://login.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/oauth2/checksession","end_session_endpoint":"https://login.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/oauth2/logout","userinfo_endpoint":"https://login.windows.net/46650ea8-7413-4415-82c6-f891fc15a31e/openid/userinfo"}</pre>
<br />
This contains my Tenant Id 46650ea8-7413-4415-82c6-f891fc15a31e<br />
<br /></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-22022694334460403232015-09-29T09:46:00.002-07:002015-09-29T09:46:30.080-07:00Mastering Selenium WebDriver<div dir="ltr" style="text-align: left;" trbidi="on">
Reviewed book on Mastering Selenium WebDriver. You can find it here <a href="https://www.packtpub.com/web-development/mastering-selenium-webdriver">https://www.packtpub.com/web-development/mastering-selenium-webdriver</a><br />
<br />
<table border="1" cellpadding="0" cellspacing="0" class="MsoTableGrid" style="border-collapse: collapse; border: none; mso-border-alt: solid windowtext .5pt; mso-padding-alt: 0in 5.4pt 0in 5.4pt; mso-yfti-tbllook: 1184;">
<tbody>
<tr>
<td style="border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 233.75pt;" valign="top" width="312">
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-lOnvzbNgitE/Vgq_yfXFJnI/AAAAAAAAER0/w1WhpdeDjLc/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="http://1.bp.blogspot.com/-lOnvzbNgitE/Vgq_yfXFJnI/AAAAAAAAER0/w1WhpdeDjLc/s400/1.png" width="306" /></a></div>
<br />
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 233.75pt;" valign="top" width="312">
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-pxiWAd_xfik/Vgq_1i2l72I/AAAAAAAAER8/R3HFb8p0AwY/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="http://3.bp.blogspot.com/-pxiWAd_xfik/Vgq_1i2l72I/AAAAAAAAER8/R3HFb8p0AwY/s400/2.png" width="310" /></a></div>
<br />
</td>
</tr>
</tbody></table>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-55472126085960202532015-09-28T14:45:00.000-07:002015-09-28T14:45:23.436-07:00One or more errors occurred while publishing Azure Cloud Service from Visual Studio<div dir="ltr" style="text-align: left;" trbidi="on">
Recently, I was trying to publish my Azure Cloud Service from Visual Studio and was getting an error "One or more errors occurred".<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-DBKrRF1WUwU/Vgm0anUZj-I/AAAAAAAAERc/YbSKNUjQe8Y/s1600/1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-DBKrRF1WUwU/Vgm0anUZj-I/AAAAAAAAERc/YbSKNUjQe8Y/s1600/1.png" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
I couldn't find any more details in the Output window and was wondering what went wrong<br />
Finally I looked at Server Explorer and it showed "Reneter your credentials".<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-wS5MBFXsc6A/Vgm0hhdgWSI/AAAAAAAAERk/_qImsuhXu0A/s1600/2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-wS5MBFXsc6A/Vgm0hhdgWSI/AAAAAAAAERk/_qImsuhXu0A/s1600/2.png" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
After right clicking and re-entering the credentials, I was finally able to publish the cloud service.</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-38373230946671141852015-08-28T16:26:00.001-07:002016-01-06T14:25:52.517-08:00AADSTS65001: No permission to access user information is configured for xxx' application, or it is expired or revoked<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
Recently, I had built an AAD application in my tenant with
the permission “Enable single sign-on and read user’s profile”. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The application didn’t have admin consent so any time a user
would login to my site, he would be asked for consent. I had some users who had
consented to my app.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
After some time, I added another permission “Access Azure
Service Management” to my app and I was able to login fine. Users who had never
consented to my app earlier could also sign in. However, users who had already
consented to my app before I added the new permission started seeing this error
“AADSTS65001: No permission to access user information is configured for xxx'
application, or it is expired or revoked. “<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
I was really confused why the app works for some users but
not for others.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
After understanding the pattern that the error occurs only
for users who had already consented, I asked them to perform the following work
around:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<ol style="text-align: left;">
<li>Go to <a href="https://myapps.microsoft.com/">https://myapps.microsoft.com</a></li>
<li>Remove the app</li>
<li>Sign in again to the app in a fresh browser session</li>
<li>Now you will see the consent prompt for two permission</li>
<li>Grant consent<span style="text-indent: -0.25in;"> </span></li>
</ol>
<br />
<div class="MsoNormal">
After this, all users were able to login successfully.<o:p></o:p></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-28367421939668777752015-03-31T14:27:00.000-07:002015-03-31T14:28:21.072-07:00FiddlerCore - ByPass Intranet Traffic<div dir="ltr" style="text-align: left;" trbidi="on">
Found a nice trick to bypass intranet traffic while using fiddler core.<br />
<br />
<span style="color: #2b91af; font-family: Consolas;"><span style="color: #2b91af; font-family: Consolas;"><span style="color: #2b91af; font-family: Consolas;"><span style="color: #2b91af; font-family: Consolas;"><span style="color: #2b91af; font-family: Consolas;"><span style="color: #2b91af; font-family: Consolas;">CONFIG</span></span></span><span style="font-family: Consolas;"><span style="font-family: Consolas;">.sHostsThatBypassFiddler = </span></span><span style="color: #a31515; font-family: Consolas;"><span style="color: #a31515; font-family: Consolas;"><span style="color: #a31515; font-family: Consolas;">"<local>"</span></span></span><span style="font-family: Consolas;"><span style="font-family: Consolas;">;</span></span></span></span></span></div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-85627370016641935302015-02-27T13:49:00.002-08:002015-02-27T13:49:51.793-08:00Comparing X509Certificate Subject with User Input<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Recently I encountered an issue where I was comparing the
certificate name of an X509Certificate with a user input. </span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The issue was that the subject a user would see on the
certificate property has spaces in it </span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">E.g. CN = xxx<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Calibri;">However, when querying
the subject of an </span><span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt;">X509Certificate2</span><span style="font-family: Calibri;">
object, it won’t have any spaces in it</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Calibri;">E.g. CN=xxx<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">This would make the subject comparison fail</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Calibri;">The fix was to use </span><span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt;">X500DistinguishedName
</span><span style="font-family: Calibri;">for comparison of subject. Below is a snippet<span style="mso-spacerun: yes;"> </span></span><o:p><span style="font-family: Calibri;"> </span></o:p></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt;">X509Certificate2</span><span style="font-family: Consolas; font-size: 9.5pt;"> certificate = <span style="color: blue;">new</span> <span style="color: #2b91af;">X509Certificate2</span>(<span style="color: #a31515;">@"xxx.cer"</span>);</span></div>
<span style="font-family: Consolas; font-size: 9.5pt;"><span style="font-family: Consolas; font-size: x-small;"><span style="font-family: Consolas; font-size: x-small;"> </span></span><span style="color: green; font-family: Consolas; font-size: x-small;"><span style="color: green; font-family: Consolas; font-size: x-small;"><span style="color: green; font-family: Consolas; font-size: x-small;">// certificate.Subject results in CN=xxx</span></span></span></span><div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Consolas; font-size: 9.5pt;"><span style="mso-spacerun: yes;"> </span><span style="color: #2b91af;">X500DistinguishedName</span> certificateSubjectname = <span style="color: blue;">new</span> <span style="color: #2b91af;">X500DistinguishedName</span>(certificate.Subject);</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Consolas; font-size: 9.5pt;"><span style="mso-spacerun: yes;"> </span><span style="color: #2b91af;">X500DistinguishedName</span> configuredSubjectname = <span style="color: blue;">new</span> <span style="color: #2b91af;">X500DistinguishedName</span>(<span style="color: #a31515;">"CN = xxx"</span>);</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="font-family: Consolas; font-size: 9.5pt;"><span style="mso-spacerun: yes;"> </span><span style="color: blue;">bool</span> result = <span style="color: blue;">string</span>.Equals(certificateSubjectname.Decode(<span style="color: #2b91af;">X500DistinguishedNameFlags</span>.None),
configuredSubjectname.Decode(<span style="color: #2b91af;">X500DistinguishedNameFlags</span>.None),
<span style="color: #2b91af;">StringComparison</span>.CurrentCulture);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="color: #2b91af; font-family: Consolas; font-size: 9.5pt;"><o:p> </o:p></span></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-63469362845990088542014-11-24T14:56:00.001-08:002014-11-24T14:56:52.909-08:00Capturing traffic from .Net app to https://localhost using Fiddler<div dir="ltr" style="text-align: left;" trbidi="on">
Recently I was trying to capture traffic from my .Net help to a site hosted in IIS Express at https://localhost:port<br />
The issue was that fiddler wasn't capturing these requests. I found various alternatives like using IP address or machine name but that would results in certificate errors due to host name mismatch.<br />
<br />
Finally found the option of using https://localhost.fiddler:port instead of https://localhost:port which would then capture the traffic in Fiddler.<br />
<div>
<br /></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-77019802626480555832014-11-18T15:34:00.002-08:002014-11-18T15:34:55.968-08:00Configuring timeout on an existing Task using Extension method<div dir="ltr" style="text-align: left;" trbidi="on">
I was using SignalR IHubProxy and wanted to configure timeout on the task returned.<br />
The problem is that I didn't create this task and hence couldn't set a timeout using cancellation token, etc<br />
Thanks to the support from SignalR team, I was able to set Timeout using Extension method<br />
Below is the sample code<br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">static</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">class</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TaskExtensions</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">static</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">async</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">T</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">> TimeoutAfter<</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">T</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">>(</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">this</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">T</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">> task, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TimeSpan</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> timeout)</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">var</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> delayTask = </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">.Delay(timeout);</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">var</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> finishedFirst = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">await</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">.WhenAny(task, delayTask);</span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">if</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> (finishedFirst !=
delayTask)</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">// Task finished before the timeout</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">return</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> ((</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">T</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">>)finishedFirst).Result;</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
}</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><o:p> </o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">// Task didn't finish before the timeout</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">// Note: Technically the task wasn't
canceled at all, it's still running but there's no</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">//
way to stop it from here but the caller can handle this exception and retrieve</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">//
the task from the InnerException.Task property if further action is desired.</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">throw</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TaskCanceledException</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">(</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9pt; mso-highlight: white;">"The task didn't complete within the
specified time."</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">,</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TaskCanceledException</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">(task));</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
}</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><o:p> </o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">private</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">static</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">async</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">void</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> ExampleUsage()</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">var</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> exampleAsync = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Func</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">int</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">>>(() => </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">Task</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">.FromResult(</span><span style="background: white; color: magenta; font-family: Consolas; font-size: 9pt; mso-highlight: white;">1</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">));</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"><o:p> </o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">try</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">var</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> result = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">await</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> exampleAsync().TimeoutAfter(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TimeSpan</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">.FromSeconds(</span><span style="background: white; color: magenta; font-family: Consolas; font-size: 9pt; mso-highlight: white;">10</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">));</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9pt; mso-highlight: white;">catch</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;"> (</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9pt; mso-highlight: white;">TaskCanceledException</span><span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">)</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
{</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
</span><span style="background: white; color: green; font-family: Consolas; font-size: 9pt; mso-highlight: white;">// The task timed out</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">
}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9pt; mso-highlight: white;">}</span><span style="color: #1f497d; font-size: 8pt;"><o:p></o:p></span></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-21368874193721195442014-11-05T17:24:00.000-08:002014-11-05T17:24:34.279-08:00Using FiddlerCore on Remote devices<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Calibri;">Some time back, I wrote a blog on FiddlerCore </span><a href="http://www.anujchaudhary.com/2013/05/automated-website-testing-with.html"><span style="color: #0563c1; font-family: Calibri;">http://www.anujchaudhary.com/2013/05/automated-website-testing-with.html</span></a><br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">I had created a windows application using FiddlerCore and
was interested in using it on remote devices like WindowsPhone/iOS/Android/etc</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">After some investigations, I was able to achieve this goal
by doing the following:</span></div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Create Fiddler Root certificate using CertMaker.dll and BCMakeCert.dll<o:p></o:p></span></span></span></h1>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">CertMaker.dll uses the BouncyCastle C# library
(BCMakeCert.dll) to generate new certificates which are compatible with iOS
devices</span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Make sure these dlls are in the folder where your executable
and FiddlerCore.dll live.</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The root certificate is created in the below method</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">void</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> MakeCert()</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">if</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> (!</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">CertMaker</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.rootCertExists())</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">if</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> (!</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">CertMaker</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.createRootCert())</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">throw</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Exception</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"Unable to create cert for FiddlerCore."</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">);</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}<o:p></o:p></span></div>
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">else</span><br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Logger</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Log(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"Created Fiddler Root Cert for Https Inspection"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">);</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">X509Store</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> certStore = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">X509Store</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">StoreName</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Root,</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">StoreLocation</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.LocalMachine);<o:p></o:p></span></div>
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>certStore.Open(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">OpenFlags</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.ReadWrite);</span><br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">try</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>certStore.Add(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">CertMaker</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.GetRootCertificate());</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">finally</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>certStore.Close();</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Start Fiddler Application on a well-known port<o:p></o:p></span></span></span></h1>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Start Fiddler Application on a well-known port which will
allow inbound connections e.g. 9999</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">FiddlerApplication</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.Startup(9999, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">FiddlerCoreStartupFlags</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.Default);</span></div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Use FiddlerCoreStartupFlags.Default <o:p></o:p></span></span></span></h1>
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">Start FiddlerApplication with FiddlerCoreStartupFlags.Default.
This will ensure that remote connections are allowed and https decryption is
enabled<o:p></o:p></span><br />
<span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">FiddlerApplication</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.Startup(9999, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">FiddlerCoreStartupFlags</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.Default);</span><br />
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Enable Echo Service</span></span></span></h1>
<div style="margin: 12pt 0in 0pt;">
<span style="font-family: Calibri;">Echo service needs to be enabled so that the root
certificate can be downloaded and installed on the remote devices for https inspection.
This is done by setting the below preference</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">FiddlerApplication</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">.Prefs.SetBoolPref(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">"fiddler.echoservice.enabled"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">, </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">true</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">);</span>
</div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Configure proxy on Remote devices</span></span></span></h1>
<div class="MsoListParagraph" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-fareast-font-family: Calibri;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">1.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><span style="font-family: Calibri;">On
the remote device, go to <span style="mso-field-code: " HYPERLINK ";">http://<local</span>
machine IP>:9999 and download and install the Fiddler Root certificate</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-fareast-font-family: Calibri;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">2.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><span style="font-family: Calibri;">On
the remote device, go to network settings and add/change the proxy to local
machine IP and port 9999</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-fareast-font-family: Calibri;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">3.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><span style="font-family: Calibri;">Now
you will be able to dogfood new stuff on the remote device and view
metrics/logs on the local windows machine.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<o:p><span style="font-family: Calibri;"> </span></o:p><span style="font-family: Calibri;">Once the above steps are done, everything else is similar to
what’s described in </span><a href="http://www.anujchaudhary.com/2013/05/automated-website-testing-with.html"><span style="color: #0563c1; font-family: Calibri;">http://www.anujchaudhary.com/2013/05/automated-website-testing-with.html</span></a><o:p></o:p></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Enjoy!<o:p></o:p></span></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0tag:blogger.com,1999:blog-6043753706400514186.post-37709410415653691482014-10-09T17:12:00.000-07:002014-10-09T17:19:01.917-07:00Automating Windows Store apps using Coded UI<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Calibri;">Automating Windows Store apps with Coded UI is not as
straight forward as automating desktop app. This is because recording actions
is not allowed for Windows Store apps.</span><br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Here, we will learn how to automate Windows Store apps using
Coded UI and launch and close the app programmatically using IApplicationActivationManager</span></div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Add a Windows Store Coded UI Test Project<o:p></o:p></span></span></span></h1>
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;"> 1.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Add a new Coded UI Test Project from Store
App-> Windows Apps</span><a href="http://3.bp.blogspot.com/-wzaUyyAoAGI/VDcf4kDa6VI/AAAAAAAAEPw/jX4fK3xborI/s1600/1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-wzaUyyAoAGI/VDcf4kDa6VI/AAAAAAAAEPw/jX4fK3xborI/s1600/1.png" height="276" width="400" /></a><br />
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shapetype
id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t"
path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter"/>
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0"/>
<v:f eqn="sum @0 1 0"/>
<v:f eqn="sum 0 0 @1"/>
<v:f eqn="prod @2 1 2"/>
<v:f eqn="prod @3 21600 pixelWidth"/>
<v:f eqn="prod @3 21600 pixelHeight"/>
<v:f eqn="sum @0 0 1"/>
<v:f eqn="prod @6 1 2"/>
<v:f eqn="prod @7 21600 pixelWidth"/>
<v:f eqn="sum @8 21600 0"/>
<v:f eqn="prod @7 21600 pixelHeight"/>
<v:f eqn="sum @10 21600 0"/>
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
<o:lock v:ext="edit" aspectratio="t"/>
</v:shapetype><v:shape id="Picture_x0020_1" o:spid="_x0000_i1030" type="#_x0000_t75"
style='width:468pt;height:323.25pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image001.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><o:p></o:p><br /></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;"></span></span></span><br />
<div style="text-align: left;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;"> 2.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Select Edit UI Map or add assertions</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-5vJ7OyeBWqo/VDcf4qzf5JI/AAAAAAAAEPM/RPYMVOuo4wI/s1600/2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://2.bp.blogspot.com/-5vJ7OyeBWqo/VDcf4qzf5JI/AAAAAAAAEPM/RPYMVOuo4wI/s1600/2.png" height="235" width="400" /></a></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shape
id="Picture_x0020_2" o:spid="_x0000_i1029" type="#_x0000_t75" style='width:364.5pt;
height:214.5pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image003.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><o:p></o:p><br /></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
</div>
<div class="MsoListParagraph" style="margin: 0in 0in 8pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">3.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Note that recording actions is not allowed for
Windows Store apps</span></div>
<a href="http://3.bp.blogspot.com/-2731xLELlJQ/VDcf4gZrCkI/AAAAAAAAEPI/rDOBZTgUJ1E/s1600/3.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://3.bp.blogspot.com/-2731xLELlJQ/VDcf4gZrCkI/AAAAAAAAEPI/rDOBZTgUJ1E/s1600/3.PNG" height="92" width="400" /></a><br />
<br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shape
id="Picture_x0020_4" o:spid="_x0000_i1028" type="#_x0000_t75" style='width:338.25pt;
height:78.75pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image004.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><o:p></o:p><br /></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<o:p><span style="font-family: Calibri;"></span></o:p> </div>
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;"></span></span></span> <span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;"> 4.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Launch the app</span><br />
<span style="font-family: Calibri;"> </span><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">5.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Drag to cross hair on to a control and select
Add control to UI Map</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-gcg5lzdz8SY/VDcf4_43_MI/AAAAAAAAEPQ/Bj0a_M9EeS0/s1600/4.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://3.bp.blogspot.com/-gcg5lzdz8SY/VDcf4_43_MI/AAAAAAAAEPQ/Bj0a_M9EeS0/s1600/4.PNG" height="248" width="400" /></a></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shape
id="Picture_x0020_6" o:spid="_x0000_i1027" type="#_x0000_t75" style='width:467.25pt;
height:292.5pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image005.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><o:p></o:p><br /></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<o:p></o:p> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
</div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">6.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Add all controls and click Generate Code->Generate</span> </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-Ekgv7zXy9cc/VDcf5MikG7I/AAAAAAAAEPU/ozVSW2OIc_4/s1600/5.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://4.bp.blogspot.com/-Ekgv7zXy9cc/VDcf5MikG7I/AAAAAAAAEPU/ozVSW2OIc_4/s1600/5.png" height="248" width="400" /></a></div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shape id="Picture_x0020_7"
o:spid="_x0000_i1026" type="#_x0000_t75" style='width:467.25pt;height:292.5pt;
visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image007.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><o:p></o:p></span><br /></div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<span style="font-family: Calibri;"><o:p></o:p></span> </div>
<br />
<br />
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">7.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Close the Coded UI Test Builder</span><br />
<span style="font-family: Calibri;"> </span><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">8.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">UIMap.uitest will be created with the selected
controls</span><br />
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Launch and Close the App</span></span></span></h1>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Add the following code</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">enum</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ActivateOptions</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>None = 0x00000000,<span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// No
flags set</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>DesignMode = 0x00000001,<span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// The
application is being activated for design mode, and thus will not be able to</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// to
create an immersive window. Window creation must be done by design tools which</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// load
the necessary components by communicating with a designer-specified service on</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// the
site chain established on the activation manager.<span style="mso-spacerun: yes;"> </span>The splash screen normally</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// shown
when an application is activated will also not appear.<span style="mso-spacerun: yes;"> </span>Most activations</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// will
not use this flag.</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>NoErrorUI = 0x00000002,<span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// Do
not show an error dialog if the app fails to activate.<span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>NoSplashScreen = 0x00000004,<span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">// Do
not show the splash screen when activating the app.</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p> </o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ComImport</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Guid</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"2e941141-7f97-4756-ba1d-9decde894a3d"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">), </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">InterfaceType</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ComInterfaceType</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.InterfaceIsIUnknown)]</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">interface</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IApplicationActivationManager</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">//
Activates the specified immersive application for the "Launch"
contract, passing the provided arguments</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">//
string into the application.<span style="mso-spacerun: yes;"> </span>Callers can
obtain the process Id of the application instance fulfilling this contract.</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateApplication([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> arguments, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ActivateOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> options, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateForFile([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">/*IShellItemArray* */</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> itemArray, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> verb, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateForProtocol([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">/* IShellItemArray* */</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">itemArray, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ComImport</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Guid</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"45BA127D-10A8-46EA-8AB7-56EA9078943C"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">)]</span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">//Application Activation
Manager</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">class</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ApplicationActivationManager</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> : </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IApplicationActivationManager</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImpl</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImplOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.InternalCall, MethodCodeType = </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodCodeType</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Runtime)</span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">/*, PreserveSig*/</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">]<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">extern</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateApplication([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> arguments, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ActivateOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> options, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImpl</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImplOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.InternalCall, MethodCodeType = </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodCodeType</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Runtime)]<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">extern</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateForFile([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">/*IShellItemArray* */</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> itemArray, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> verb, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImpl</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodImplOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.InternalCall, MethodCodeType = </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">MethodCodeType</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Runtime)]<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">extern</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> ActivateForProtocol([</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">String</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appUserModelId, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">In</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">IntPtr</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: green; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">/* IShellItemArray* */</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">itemArray, [</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">] </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UInt32</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> processId);</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Then create the following variables which can be accessed in
TestInitialize and TestCleanup</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ApplicationActivationManager</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> appActiveManager = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ApplicationActivationManager</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">();<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;">uint</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"> pid;</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Add the following code in TestInitialize and TestCleanup</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">TestInitialize</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">()]</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">void</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> MyTestInitialize()</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;">
</span>appActiveManager.ActivateApplication(appUserModelId, </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">null</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">, </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">ActivateOptions</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.None, </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">out</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> pid);</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span><span style="color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%;"><o:p> </o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">TestCleanup</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">()]</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">void</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> MyTestCleanup()</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Process</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.GetProcessById((</span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">int</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">)pid).Kill();</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The</span><span style="color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%;"> </span><span style="font-family: Calibri;">appUserModelId in</span><span style="color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%;"> </span><span style="font-family: Calibri;">TestInitialize can
be obtained using the following steps:</span></div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">1.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">If you own the source code of the app, find the
package name in package.appxmanifest</span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">2.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Run regedit from command prompt</span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">3.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">On the device where the app is installed, find
the package name at
HKEY_CURRENT_USER\Software\Classes\ActivatableClasses\Package</span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">4.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">Find the AppUserModelId value in key in
\Server\App.App...</span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 8pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;"><span style="font-family: Calibri;">5.</span><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]--><span style="font-family: Calibri;">For example, the appUserModelId for Calculator
app on my device is Microsoft.WindowsCalculator_8wekyb3d8bbwe!App<span style="mso-spacerun: yes;"> </span>as shown below</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-lkFignOERNE/VDcf5RZbTTI/AAAAAAAAEPY/ejlz0ZpAuL8/s1600/6.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://4.bp.blogspot.com/-lkFignOERNE/VDcf5RZbTTI/AAAAAAAAEPY/ejlz0ZpAuL8/s1600/6.png" height="238" width="400" /></a></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"><!--[if gte vml 1]><v:shape
id="Picture_x0020_8" o:spid="_x0000_i1025" type="#_x0000_t75" style='width:467.25pt;
height:279.75pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\anujc\AppData\Local\Temp\msohtmlclip1\01\clip_image009.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><br /></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="mso-no-proof: yes;"></span> </div>
<h1 style="margin: 12pt 0in 0pt;">
<span style="font-size: large;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Automate the App</span></span></span></h1>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<o:p><span style="font-family: Calibri;"> </span></o:p><span style="font-family: Calibri;">Now instantiate the UIMap and automate the app in a test
method like below</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">[</span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">TestMethod</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">]</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">public</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">void</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> CodedUITestMethod1()</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>{</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UIMap</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> uiMap = </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">UIMap</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">();<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Keyboard</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.SendKeys(uiMap.UICalculatorWindow.UICalculatorResultsText,
</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"1"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Mouse</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Click(uiMap.UICalculatorWindow.UIPlusButton, </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Point</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(50, 50));<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Keyboard</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.SendKeys(uiMap.UICalculatorWindow.UICalculatorResultsText,
</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"1"</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">);<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Mouse</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.Click(uiMap.UICalculatorWindow.UIEqualsButton, </span><span style="background: white; color: blue; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">new</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"> </span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Point</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">(50, 50));<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0in 0in 0pt; mso-layout-grid-align: none;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span></span><span style="background: white; color: #2b91af; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">Assert</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">.AreEqual(</span><span style="background: white; color: #a31515; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">"Display
is<span style="mso-spacerun: yes;"> </span>2 "</span><span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; mso-highlight: white;">,
uiMap.UICalculatorWindow.UICalculatorResultsText.DisplayText);</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="background: white; color: black; font-family: Consolas; font-size: 9.5pt; line-height: 107%; mso-highlight: white;"><span style="mso-spacerun: yes;"> </span>}</span><o:p></o:p></div>
</div>
<div class="blogger-post-footer">Anuj Chaudhary</div>Anuj Chaudharyhttp://www.blogger.com/profile/17202872472362473841noreply@blogger.com0