-
Notifications
You must be signed in to change notification settings - Fork 0
/
AzureADFindExpiringCreds.ps1
39 lines (36 loc) · 1.35 KB
/
AzureADFindExpiringCreds.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
$daystomonitor = 90
$results = @()
$azureapps = Get-AzureRMADApplication
foreach ($app in $azureapps) {
$expiringcred = Get-AzureRMADAppCredential -ObjectId $app.ObjectId
foreach ($e in $expiringcred) {
if ($null -ne $e.enddate) {
if ([datetime]$e.enddate -lt (get-date).AddDays($daystomonitor) -and ([datetime]$e.enddate -ge (get-date))) {
$results += [PSCustomObject]@{
AzureADName = $app.displayname
StartDate = $e.StartDate
EndDate = $e.EndDate
Type = $e.Type
applicationId = $app.applicationId
}
}
}
}
}
$azuresp = Get-AzureRMADServicePrincipal
foreach ($sp in $azuresp) {
$spc = get-AzureRMADServicePrincipalCredential -ObjectId $sp.id
foreach ($s in $spc) {
if ($null -ne $s.enddate) {
if ( [datetime]$s.enddate -lt (get-date).AddDays($daystomonitor) -and ([datetime]$s.enddate -ge (get-date))) {
$results += [PSCustomObject]@{
AzureADName = $sp.DisplayName
StartDate = $s.StartDate
EndDate = $s.EndDate
Type = $s.Type
applicationId = $sp.applicationId
}
}
}
}
}