Azure
diff --git a/‎application-proxy/assign-group-to-app.ps1
+45 b/‎application-proxy/assign-group-to-app.ps1
+45
diff --git a/‎application-proxy/assign-user-to-app.ps1
+44 b/‎application-proxy/assign-user-to-app.ps1
+44
diff --git a/‎application-proxy/display-users-group-of-an-app.ps1
+104 b/‎application-proxy/display-users-group-of-an-app.ps1
+104
diff --git a/‎application-proxy/get-all-appproxy-apps-basic.ps1
+26 b/‎application-proxy/get-all-appproxy-apps-basic.ps1
+26
diff --git a/‎application-proxy/get-all-appproxy-apps-by-connectorgroup.ps1
+59 b/‎application-proxy/get-all-appproxy-apps-by-connectorgroup.ps1
+59
diff --git a/‎application-proxy/get-all-appproxy-apps-extended.ps1
+33 b/‎application-proxy/get-all-appproxy-apps-extended.ps1
+33
diff --git a/‎application-proxy/get-all-appproxy-apps-with-policy.ps1
+47 b/‎application-proxy/get-all-appproxy-apps-with-policy.ps1
+47
diff --git a/‎application-proxy/get-all-connectors.ps1
+31 b/‎application-proxy/get-all-connectors.ps1
+31
@@ -0,0 +1,45 @@
+# This sample script assigns a group to a specific Azure AD Application Proxy application.
+#
+# .\assign-group-to-app.ps1 -ServicePrincipalObjectId <ObjectId of the Azure AD Application Proxy application service principal> -GroupObjectId <ObjectId of the group>
+#
+# Tip: You can identify the parameters by using the following PS commands:
+#    ServicePrincipalObjectId - Get-AzureADServicePrincipal -SearchString "<display name of the app>"
+#    GroupObjectId - Get-AzureADGroup -SearchString "<name of the group>"
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator
+
+param(
+[string] $ServicePrincipalObjectId = "null",
+[string] $GroupObjectId = "null"
+)
+
+$servicePrincipalObjectId = $ServicePrincipalObjectId
+$groupObjectId = $GroupObjectId
+
+If (($servicePrincipalObjectId -eq "null") -or ($groupObjectId -eq "null")) {
+
+    Write-Host "Parameter is missing." -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host ".\assign-group-to-app.ps1 -ServicePrincipalObjectId <ObjectId of the Azure AD Application Proxy application service principal> -GroupObjectId <ObjectId of the group>" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host "Hints:" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host "You can easily identify the parameters by using the following PS commands:" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host "ServicePrincipalObjectId - Get-AzureADServicePrincipal -SearchString ""<display name of the app>"" " -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host "GroupObjectId - Get-AzureADGroup -SearchString ""<name of the group>""" -BackgroundColor "Black" -ForegroundColor "Green"
+
+    Exit
+}
+
+
+New-AzureADGroupAppRoleAssignment -ObjectId $groupObjectId -PrincipalId $groupObjectId -ResourceId $servicePrincipalObjectId -Id 18d14569-c3bd-439b-9a66-3a2aee01d14f  
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,44 @@
+# This sample script assigns a user to a specific Azure AD Application Proxy application.
+#
+# .\assign-user-to-app.ps1 -ServicePrincipalObjectId <ObjectId of the Azure AD Application Proxy application service principal> -GroupObjectId <ObjectId of the user>
+#
+# Tip: You can identify the parameters by using the following PS commands:
+#    ServicePrincipalObjectId - Get-AzureADServicePrincipal -SearchString "<display name of the app>"
+#    UserObjectId - Get-AzureADGroup -SearchString "<name of the group>"
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator
+
+param(
+[string] $ServicePrincipalObjectId = "null",
+[string] $UserObjectId = "null"
+)
+
+$servicePrincipalObjectId = $ServicePrincipalObjectId
+$userObjectId = $UserObjectId
+
+If (($servicePrincipalObjectId -eq "null") -or ($userObjectId -eq "null")) {
+
+    Write-Host "Parameter is missing." -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host ".\assign-user-to-app.ps1 -ServicePrincipalObjectId <ObjectId of the Azure AD Application Proxy application service principal> -UserObjectId <ObjectId of the User>" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host "Hints:" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host "You can easily identify the parameters by using the following PS commands:" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host "ServicePrincipalObjectId - Get-AzureADServicePrincipal -SearchString ""<display name of the app>"" " -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host "UserObjectId - Get-AzureADUser -SearchString ""<name of the user>""" -BackgroundColor "Black" -ForegroundColor "Green"
+
+    Exit
+}
+
+New-AzureADUserAppRoleAssignment -ObjectId $userObjectId -PrincipalId $userObjectId -ResourceId $servicePrincipalObjectId -Id 18d14569-c3bd-439b-9a66-3a2aee01d14f 
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,104 @@
+# This sample script displays users and groups assigned to the specified Application Proxy application.
+#
+# .\display-users-group-of-an-app.ps1 -ObjectId <ObjectId of the application>
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator
+
+param(
+[string] $ObjectId = "null"
+)
+
+$aadapServPrincObjId=$ObjectId
+
+If ($aadapServPrincObjId -eq "null") {
+
+    Write-Host "Parameter is missing." -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+    Write-Host ".\display-users-group-of-an-app.ps1 -ObjectId <ObjectId of the application>" -BackgroundColor "Black" -ForegroundColor "Green"
+    Write-Host " "
+
+    Exit
+}
+
+Write-Host "Reading users. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$users=Get-AzureADUser -Top 1000000
+
+Write-Host "Reading groups. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$groups = Get-AzureADGroup -Top 1000000 
+
+$aadapApp = $aadapServPrinc | ForEach-Object { $allApps -match $_.AppId } 
+
+Write-Host "Displaying users and groups assigned to the specified Application Proxy application..." -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host " "
+
+try { $app = Get-AzureADServicePrincipal -ObjectId $aadapServPrincObjId}
+
+catch {
+
+    Write-Host "Possibly the ObjetId is incorrect." -BackgroundColor "Black" -ForegroundColor "Red"
+    Write-Host " "
+
+    Exit
+}
+
+Write-Host ("Application: " + $app.DisplayName + "(ServicePrinc. ObjID:" + $aadapServPrincObjId + ")")
+Write-Host ("")
+Write-Host ("Assigned (directly and through group membership) users:")
+Write-Host ("")
+
+$number=0
+
+foreach ($item in $users) {
+
+   $listOfAssignments = Get-AzureADUserAppRoleAssignment -ObjectId $item.ObjectId
+
+   $assigned = $false
+
+   foreach ($item2 in $listOfAssignments) { If ($item2.ResourceID -eq $aadapServPrincObjId) { $assigned = $true } }
+
+     If ($assigned -eq $true) {
+        Write-Host ("DisplayName: " + $item.DisplayName + " UPN: " + $item.UserPrincipalName + " ObjectID: " + $item.ObjectID)
+        $number = $number + 1
+     }
+}
+
+Write-Host ("")
+Write-Host ("Number of (directly and through group membership) users: " + $number)
+Write-Host ("")
+Write-Host ("")
+Write-Host ("Assigned groups:")
+Write-Host ("")
+
+$number=0
+
+foreach ($item in $groups) {
+
+   $listOfAssignments = Get-AzureADGroupAppRoleAssignment -ObjectId $item.ObjectId
+
+   $assigned = $false
+
+   foreach ($item2 in $listOfAssignments) { If ($item2.ResourceID -eq $aadapServPrincObjId) { $assigned = $true } }
+
+   If ($assigned -eq $true) {
+        Write-Host ("DisplayName: " + $item.DisplayName + " ObjectID: " + $item.ObjectID)
+        $number=$number+1
+   }
+}
+
+  
+Write-Host ("")
+Write-Host ("Number of assigned groups: " + $number)
+Write-Host ("")
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
+
@@ -0,0 +1,26 @@
+# This sample script gets all Azure AD Application Proxy applications (AppId, Name of the app, ObjID).
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator or Application Developer
+
+Write-Host "Reading service principals. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green" 
+
+$aadapServPrinc = Get-AzureADServicePrincipal -Top 100000 | where-object {$_.Tags -Contains "WindowsAzureActiveDirectoryOnPremApp"} 
+
+Write-Host "Displaying the Azure AD Application Proxy applications." -BackgroundColor "Black" -ForegroundColor "Green" 
+Write-Host " "
+
+$aadapServPrinc | fl AppId, DisplayName, ObjectId
+
+Write-Host " "
+Write-Host "Number of Azure AD Application Proxy Applications: ",  $aadapServPrinc.Count
+Write-Host " "
+ 
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,59 @@
+# This sample script gets all Azure AD Application Proxy Connector groups with the assigned applications.
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator
+
+Write-Host "Reading service principals. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green" 
+
+$aadapServPrinc = Get-AzureADServicePrincipal -Top 100000 | where-object {$_.Tags -Contains "WindowsAzureActiveDirectoryOnPremApp"} 
+
+Write-Host "Reading Azure AD applications. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$allApps = Get-AzureADApplication -Top 100000
+
+Write-Host "Reading application. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$aadapApp = $aadapServPrinc | ForEach-Object { $allApps -match $_.AppId}
+ 
+Write-Host "Reading connector groups. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$aadapConnectorGroups=Get-AzureADApplicationProxyConnectorGroup -Top 100000 
+
+Write-Host "Displaying connector groups and assigned applications..." -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host " "
+
+foreach ($item in $aadapConnectorGroups)
+ {
+    
+   If ($item.ConnectorGroupType -eq "applicationProxy")
+    {
+     "Connector group: " + $item.Name+ " (Id: " + $item.Id+ ")";
+     " ";
+     
+
+    foreach ($item2 in $aadapApp)
+     {
+
+      $connector = Get-AzureADApplicationProxyApplicationConnectorGroup -ObjectId $item2.ObjectID;
+
+            If ($item.Id -eq $connector.Id) 
+            
+            {
+            
+            $name = $aadapServPrinc -match $item2.AppId            
+            $name.DisplayName + " (AppId: " + $item2.AppId+ ")"}
+
+     }
+     " ";
+     }
+ }   
+
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,33 @@
+# This sample script gets all Azure AD Application Proxy applications (AppId, Name of the app, external / internal url, authentication type).
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator or Application Developer
+
+Write-Host "Reading service principals. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green" 
+
+$aadapServPrinc = Get-AzureADServicePrincipal -Top 100000 | where-object {$_.Tags -Contains "WindowsAzureActiveDirectoryOnPremApp"} 
+
+Write-Host "Reading Azure AD applications. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$allApps = Get-AzureADApplication -Top 100000
+
+Write-Host "Reading application. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$aadapApp = $aadapServPrinc | ForEach-Object { $allApps -match $_.AppId}
+
+Write-Host "Displaying all Azure AD Application Proxy applications with configuration details..." -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host " "
+
+foreach ($item in $aadapApp) {
+    $aadapServPrinc[$aadapApp.IndexOf($item)].DisplayName + " (AppId: " + $aadapServPrinc[$aadapApp.IndexOf($item)].AppId + ")";
+    Get-AzureADApplicationProxyApplication -ObjectId $item.ObjectId | fl ExternalUrl, InternalUrl,ExternalAuthenticationType
+}
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,47 @@
+# This sample script gets all Azure AD Proxy applications that have assigned an Azure AD policy (token lifetime) with policy details.
+# Reference:
+# Configurable token lifetimes in Azure Active Directory (Preview)
+# https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator
+ 
+Write-Host "Reading service principals. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$aadapServPrinc = Get-AzureADServicePrincipal -Top 100000 | where-object {$_.Tags -Contains "WindowsAzureActiveDirectoryOnPremApp"}  
+
+Write-Host "Reading Azure AD applications. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$allApps = Get-AzureADApplication -Top 100000 
+
+Write-Host "Displaying Azure AD Application Proxy applications with assigned Azure AD policies" -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host " " 
+
+foreach ($item in $aadapServPrinc) { 
+ 
+ $policy=Get-AzureADServicePrincipalPolicy -Id $item.ObjectId 
+ 
+ If (!([string]::IsNullOrEmpty($policy.Id))) {
+   
+   Write-Host ("")        
+ 
+   $item.DisplayName + " (AppId: " + $item.AppId + ")" 
+ 
+   Write-Host ("") 
+   Write-Host ("Policy") 
+     
+   Get-AzureADPolicy -Id $policy.id | fl 
+    
+   Write-Host ("") 
+ 
+  } 
+}  
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("") 
@@ -0,0 +1,31 @@
+# This sample script gets all Azure AD Application Proxy Connector groups with the included connectors.
+#
+# This script requires PowerShell 5.1 (x64) and one of the following modules:
+#     AzureAD 2.0.2.52
+#     AzureADPreview 2.0.2.53
+#
+# Before you begin:
+#    Run Connect-AzureAD to connect to the tenant domain.
+#    Required Azure AD role: Global Administrator or Application Administrator
+
+Write-Host "Reading connector groups. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"
+
+$aadapConnectorGroups = Get-AzureADApplicationProxyConnectorGroup -Top 100000 
+
+Write-Host "Displaying connector groups and connectors..." -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host " "
+
+foreach ($item in $aadapConnectorGroups) {
+   
+     If ($item.ConnectorGroupType -eq "applicationProxy") {
+
+     "Connector group: " + $item.Name, "(Id:" + $item.Id + ")";
+     Get-AzureADApplicationProxyConnectorGroupMembers -Id $item.Id;
+     " ";
+
+     }
+}  
+
+Write-Host ("")
+Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
+Write-Host ("")