DisableAccountLinking-MultiSubs.ps1
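Write-Host "The Account Linking Experience Disablement Process" -ForegroundColor Green

# Make sure the two modules the rest of the script calls into are installed.
# NOTE(review): Install-Module is called without a version, so the installed
# code is whatever the registered repository serves at run time; consider
# pinning with -RequiredVersion. -AllowClobber also lets the new module
# replace already-installed commands that share a name.
try {
    foreach ($moduleName in 'AzureAD', 'Az.Accounts') {
        if (-not (Get-Module -ListAvailable -Name $moduleName)) {
            # -ErrorAction Stop promotes a failed install to a terminating
            # error; without it the catch below can be skipped.
            Install-Module $moduleName -AllowClobber -ErrorAction Stop
        }
    }
}
catch {
    $message = $_
    # The original read "Write-Warning - Message ...": the stray space made
    # "-" the message and left the real text as an unbindable argument.
    Write-Warning -Message "Unable to install required module. $message"
    # 'return' ends this script only; a bare 'break' outside a loop can also
    # unwind a loop in whatever called the script.
    return
}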
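Write-Host "If you have multiple subscriptions Please type the subscription ID you want to disable the account linking experience [Enter for Default] " -ForegroundColor Green
$SubID = Read-Host "Subscription ID"

# Sign in to Azure AD and to Az, then optionally pin the Az context to the
# subscription the operator typed. Both branches of the original performed the
# same two sign-ins; only the Set-AzContext step depends on $SubID.
# NOTE(review): the two sign-ins are independent and nothing here checks that
# they landed in the same tenant, while the later request combines tenant
# details from the AzureAD session with a token from the Az session. Confirm
# whether a tenant-match check is wanted.
try {
    $connectedTenant = Connect-AzureAD -ErrorAction Stop
    Write-Host $connectedTenant
    $azconnect = Connect-AzAccount -ErrorAction Stop

    # Whitespace-only input is treated like an empty answer (use the default).
    if (-not [string]::IsNullOrWhiteSpace($SubID)) {
        $SubID = $SubID.Trim()
        Write-Host "Setting context to use Subscription ID: $SubID"
        Set-AzContext -SubscriptionId $SubID -ErrorAction Stop
    }
}
catch {
    Write-Warning "Unable to connect to AzureAD. Please re-run the script or contact support"
    Write-Error $_
    # 'return' ends this script only; a bare 'break' outside a loop can also
    # unwind a loop in whatever called the script.
    return
}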
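# Read the tenant details from the AzureAD session and an access token from
# the Az session; both are consumed by the request further down.
try {
    $tenantInfo = Get-AzureADTenantDetail -ErrorAction Stop
    $tenantId = $tenantInfo.objectId
    if (-not $tenantId) {
        # An empty result would otherwise be sent on as a blank TenantId.
        throw "Get-AzureADTenantDetail returned no tenant object ID."
    }
    $tenantDisplayName = $tenantInfo.DisplayName
    # NOTE(review): the AzureAD tenant detail object exposes 'VerifiedDomains'
    # (plural, a collection); confirm that 'VerifiedDomain' resolves to a value
    # here and is not silently empty.
    $tenantDomain = $tenantInfo.VerifiedDomain
    # NOTE(review): no resource is specified, so the token is issued for the
    # cmdlet's default resource. $token holds the returned object, not a bare
    # token string. If this is meant to authenticate to an external service,
    # request it for that service's audience only - confirm with the API owner.
    $token = Get-AzAccessToken -ErrorAction Stop
}
catch {
    Write-Warning "Unable to obtain tenant ID. Please re-run the script or contact support"
    Write-Error $_
    # 'return' ends this script only; a bare 'break' outside a loop can also
    # unwind a loop in whatever called the script.
    return
}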
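# Send the disable request for this tenant and print the service's reply.
try {
    # Resolve the signed-in account once so the header and the body agree.
    # The original body used "$connectedTenant.Account" inside a double-quoted
    # string, which expands $connectedTenant and then appends the literal text
    # ".Account" instead of reading the property.
    $executor = [string]$connectedTenant.Account

    $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
    # NOTE(review): $token is the object returned by Get-AzAccessToken, so the
    # header value is that object's string conversion rather than an explicit
    # token field. Left unchanged: sending a real bearer token to this host is
    # a credential-handling decision that needs the service owner's contract.
    $headers.Add("Authorization", $token)
    $headers.Add("X-Executor", $executor)

    # Build the JSON with ConvertTo-Json so quotes or backslashes in the tenant
    # name cannot break or reshape the document, as string interpolation could.
    # The [string] casts keep empty values as "" like the interpolated original.
    $body = [ordered]@{
        TenantName   = [string]$tenantDisplayName
        TenantId     = [string]$tenantId
        Executor     = $executor
        TenantDomain = [string]$tenantDomain
    } | ConvertTo-Json

    # NOTE(review): the 'code' query value is the endpoint's access key and is
    # embedded in the script, so every reader of the script holds it. Treat it
    # as public: the service should not rely on it to identify the caller, and
    # the key should be rotated if it was ever meant to be secret.
    # NOTE(review): no -ContentType is set, so the body is not labelled as
    # JSON; confirm the service does not depend on that header.
    $response = Invoke-RestMethod 'https://accountlinkingmanagement.azurewebsites.net/api/Disablelinking?code=DjA9zo8eSiXgCjZfz8wBq_A8njKsy0DOEN6C0fC-qqsVAzFufMRIEQ==' -Method 'POST' -Headers $headers -Body $body
    $response | ConvertTo-Json
}
catch {
    Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__
    Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription
    Write-Error $_
    Write-Warning "Please re-run the script or contact support"
    # 'return' ends this script only; a bare 'break' outside a loop can also
    # unwind a loop in whatever called the script.
    return
}
# Reached only when the request above completed without throwing.
Write-Host "The Account Linking Experience has been disabled on your tenant" -ForegroundColor Green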