1- # This sample script gets all Azure AD Application Proxy applications (AppId, Name of the app, external / internal url, authentication type).
1+ # This sample script gets all Azure AD Application Proxy applications (AppId, Name of the app, external / internal url, pre- authentication type etc. ).
22#
33# This script requires PowerShell 5.1 (x64) and one of the following modules:
4- # AzureAD 2.0.2.52
5- # AzureADPreview 2.0.2.53
4+ # AzureAD 2.0.2.128
65#
76# Before you begin:
87# Run Connect-AzureAD to connect to the tenant domain.
98# Required Azure AD role: Global Administrator or Application Administrator or Application Developer
109
10+ $ssoMode = " All"
11+
12+ # Change $ssoMode to filter the output based on the configured SSO type
13+ # All - all Azure AD Application Proxy apps (no filter)
14+ # None - Azure AD Application Proxy apps configured with no SSO, SAML, Linked, Password
15+ # OnPremisesKerberos - Azure AD Application Proxy apps configured with Windows Integrated SSO (Kerberos Constrained Delegation)
16+
1117Write-Host " Reading service principals. This operation might take longer..." - BackgroundColor " Black" - ForegroundColor " Green"
1218
1319$aadapServPrinc = Get-AzureADServicePrincipal - Top 100000 | where-object {$_.Tags -Contains " WindowsAzureActiveDirectoryOnPremApp"
@@ -21,13 +27,51 @@ Write-Host "Reading application. This operation might take longer..." -Backgroun
2127$aadapApp = $aadapServPrinc | ForEach-Object { $allApps -match $_.AppId }
2228
2329Write-Host " Displaying all Azure AD Application Proxy applications with configuration details..." - BackgroundColor " Black" - ForegroundColor " Green"
30+ Write-Host " SSO mode filter: " $ssoMode - BackgroundColor " Black" - ForegroundColor " Green"
2431Write-Host " "
2532
2633foreach ($item in $aadapApp ) {
27- $aadapServPrinc [$aadapApp.IndexOf ($item )].DisplayName + " (AppId: " + $aadapServPrinc [$aadapApp.IndexOf ($item )].AppId + " )"
28- Get-AzureADApplicationProxyApplication - ObjectId $item.ObjectId | fl ExternalUrl, InternalUrl, ExternalAuthenticationType
34+
35+ $aadapTemp = Get-AzureADApplicationProxyApplication - ObjectId $item.ObjectId
36+
37+ if ($ssoMode -eq " All" -Or $aadapTemp.SingleSignOnSettings.SingleSignOnMode -eq $ssoMode ) {
38+
39+ $aadapServPrinc [$aadapApp.IndexOf ($item )].DisplayName + " (AppId: " + $aadapServPrinc [$aadapApp.IndexOf ($item )].AppId + " )"
40+
41+ Write-Host " External Url: " $aadapTemp.ExternalUrl
42+ Write-Host " Internal Url: " $aadapTemp.InternalUrl
43+ Write-Host " Pre authentication type: " $aadapTemp.ExternalAuthenticationType
44+ Write-Host " SSO mode: " $aadapTemp.SingleSignOnSettings.SingleSignOnMode
45+
46+ If ($aadapTemp.SingleSignOnSettings.SingleSignOnMode -eq " OnPremisesKerberos"
47+
48+ Write-Host " Service Principal Name (SPN): " $aadtemp.SingleSignOnSettings.KerberosSignOnSettings.KerberosServicePrincipalName
49+ Write-Host " Username Mapping Attribute: " $aadapTemp.SingleSignOnSettings.KerberosSignOnSettings.KerberosSignOnMappingAttributeType
50+
51+ }
52+
53+ Write-Host " Backend Application Timeout: " $aadapTemp.ApplicationServerTimeout
54+ Write-Host " Translate URLs in Headers: " $aadapTemp.IsTranslateHostHeaderEnabled
55+ Write-Host " Translate URLs in Application Body: " $aadapTemp.IsTranslateLinksInBodyEnabled
56+ Write-Host " Use HTTP-Only Cookie: " $aadapTemp.IsHttpOnlyCookieEnabled
57+ Write-Host " Use Secure Cookie: " $aadapTemp.IsSecureCookieEnabled
58+ Write-Host " Use Persistent Cookie: " $aadapTemp.IsPersistentCookieEnabled
59+
60+ If ($aadapTemp.VerifiedCustomDomainCertificatesMetadata.Thumbprint.Length -ne 0 ) {
61+
62+ Write-Host " SSL Certificate details:"
63+ Write-Host " Certificate SubjectName: " $aadapTemp.VerifiedCustomDomainCertificatesMetadata.SubjectName
64+ Write-Host " Certificate Thumbprint: " $aadapTemp.VerifiedCustomDomainCertificatesMetadata.Issuer
65+ Write-Host " Certificate Thumbprint: " $aadapTemp.VerifiedCustomDomainCertificatesMetadata.Thumbprint
66+ Write-Host " Valid from: " $aadapTemp.VerifiedCustomDomainCertificatesMetadata.IssueDate
67+ Write-Host " Valid to: " $aadapTemp.VerifiedCustomDomainCertificatesMetadata.ExpiryDate
68+
69+ }
70+
71+ Write-Host " "
72+ }
2973}
3074
3175Write-Host (" "
3276Write-Host (" Finished." - BackgroundColor " Black" - ForegroundColor " Green"
33- Write-Host (" "
77+ Write-Host (" "
0 commit comments