Office|Office 365|PowerShell

Version 2 of the Azure Active Directory PowerShell Module is Generally Available – But be Careful

Azure AD PowerShell

What V2 of the Azure Active Directory PowerShell Module Means

Microsoft has given the Azure Active Directory PowerShell module an extensive upgrade and released Version 2 to general availability on December 5. The upgrade features a completely new naming convention as cmdlets are now prefixed with AzureAD rather than Msol (Microsoft Online).

The change in cmdlet naming is sufficient to mean that every script written to access Azure Active Directory needs to be rewritten before the new module can be deployed. Throw in some parameter changes and it’s clear that the work required to upgrade scripts to use the V2 module is more than a simple search and replace edit.


Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.


Microsoft makes a big thing that customers asked for “equivalent capabilities” between PowerShell and the Microsoft Graph API. The new module is based on the Graph API, which is the right thing to do, but I’m not sure that customers will welcome the disruption to operations that might occur as scripts are updated and tested against the new module.

No Need to Rush

Before you rush to install the new module, two really important points are made by Rob de Jong in the post announcing the release:

  • “The new Azure AD PowerShell v2.0 module don’t provide full functional parity with the older MSOL module yet. We’re working hard to make that happen in the coming months and will keep you updated on our progress.
  • We are not planning to publish new functionality in the MSOL PowerShell module. Over time we will implement all the functionality of the old MSOL cmdlets in the new module, and this new module contains quite a few new cmdlets that haven’t been available before.”

Although Microsoft says that V2 can now be used in production environments, the good news is that there’s no need to rush into an upgrade. The V1 module remains available and supported. Microsoft is working to upgrade the V2 module so that it will eventually have functional parity with V1, but that’s likely to take some months, possibly even mid-2017. Even when V2 reaches parity, the need will still exist to review, update, and test scripts as there’s no question of an automatic transition.

Revoking Refresh Tokens

One nice change included in the V2 module noted by MVP Vasil Michev is that the new module provides a way to revoke refresh tokens for Office 365, which is something you might like to do when an employee leaves the company and you want to cut off their access to Office 365 services. The cmdlet can be used to invalidate all refresh tokens and cookies for a user.

Downloading and Installing V2

The new module can be downloaded and installed from the PowerShell Gallery. There’s really no point in installing V2 on anything other than a test workstation so that you can become accustomed to the new naming convention and capabilities. Later, when V2 contains equivalent cmdlets to V1, you can start the process of reviewing and updating scripts.

A full list of the cmdlets currently included in the Azure Active Directory V2 PowerShell module is available online.

Change Can Be Bittersweet

Any change that requires code to be updated creates some challenges. Code that works perfectly with V1 might not do so well with V2. New bugs might be uncovered or introduced when scripts are updated. In short, change is a pain.

In this case, Microsoft is on the right path to keep PowerShell aligned with the Microsoft Graph. That’s a good strategic move, even if it means some pain for Office 365 tenants during the transition.

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He covers Office 365 and associated technologies for and is also the lead author for the Office 365 for IT Pros eBook, updated monthly to keep pace with change in the cloud.

Download this eBook!

External Sharing and Guest User Access in Microsoft 365 and Teams

his eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure. The eBook will also outline some of the major decision points across four general-purpose guest access policy scenarios for how an organization can set this up with standard licensing.

Download Now

Sponsored By