Automate Azure Active Directory Integration Tasks from PowerShell

Ready to get started?

Download for a free trial:

Download Now

Learn more:

Azure Active Directory ADO.NET Provider

Rapidly create and deploy powerful .NET applications that integrate with Azure Active Directory.

Are you looking for a quick and easy way to access Azure Active Directory data from PowerShell? We show how to use the Cmdlets for Azure Active Directory and the CData ADO.NET Provider for Azure Active Directory to connect to Azure Active Directory data and synchronize, automate, download, and more.

The CData Cmdlets for Azure Active Directory are standard PowerShell cmdlets that make it easy to accomplish data cleansing, normalization, backup, and other integration tasks by enabling real-time and bidirectional access to Azure Active Directory.

Cmdlets or ADO.NET?

The cmdlets are not only a PowerShell interface to the Azure Active Directory API, but also an SQL interface; this tutorial shows how to use both to create, retrieve, update, and delete Azure Active Directory data. We also show examples of the ADO.NET equivalent, which is possible with the CData ADO.NET Provider for Azure Active Directory. To access Azure Active Directory data from other .NET applications, like LINQPad, use the CData ADO.NET Provider for Azure Active Directory.

After obtaining the needed connection properties, accessing Azure Active Directory data in PowerShell consists of three basic steps.

Azure Active Directory uses the OAuth authentication standard. To authenticate using OAuth, you will need to create an app to obtain the OAuthClientId, OAuthClientSecret, and CallbackURL connection properties. See the OAuth section in the Help documentation for an authentication guide.


  1. Install the module:

    Install-Module AzureADCmdlets
  2. Connect:

    $azuread = Connect-AzureAD -OAuthClientId "$OAuthClientId" -OAuthClientSecret "$OAuthClientSecret" -CallbackURL "$CallbackURL"
  3. Search for and retrieve data:

    $isverified = "TRUE" $domains = Select-AzureAD -Connection $azuread -Table "Domains" -Where "isVerified = `'$isVerified`'" $domains

    You can also use the Invoke-AzureAD cmdlet to execute SQL commands:

    $domains = Invoke-AzureAD -Connection $azuread -Query 'SELECT * FROM Domains WHERE isVerified = @isVerified' -Params @{'@isVerified'='TRUE'}


  1. Load the provider's assembly:

    [Reflection.Assembly]::LoadFile("C:\Program Files\CData\CData ADO.NET Provider for Azure Active Directory\lib\System.Data.CData.AzureAD.dll")
  2. Connect to Azure Active Directory:

    $conn= New-Object System.Data.CData.AzureAD.AzureADConnection("OAuthClientId=MyApplicationId;OAuthClientSecret=MySecretKey;CallbackURL=http://localhost:33333;InitiateOAuth=GETANDREFRESH") $conn.Open()
  3. Instantiate the AzureADDataAdapter, execute an SQL query, and output the results:

    $sql="SELECT id, availabilityStatus from Domains" $da= New-Object System.Data.CData.AzureAD.AzureADDataAdapter($sql, $conn) $dt= New-Object System.Data.DataTable $da.Fill($dt) $dt.Rows | foreach { Write-Host $ $_.availabilitystatus }

Update Azure Active Directory Data


Update-AzureAD -Connection $AzureAD -Columns @('id','availabilityStatus') -Values @('Myid', 'MyavailabilityStatus') -Table Domains -Id "MyId"


$cmd = New-Object System.Data.CData.AzureAD.AzureADCommand("UPDATE Domains SET isVerified='TRUE' WHERE Id = @myId", $conn) $cmd.Parameters.Add(new System.Data.CData.AzureAD.AzureADParameter("@myId","10456255-0015501366")) $cmd.ExecuteNonQuery()

Insert Azure Active Directory Data


Add-AzureAD -Connection $AzureAD -Table Domains -Columns @("id", "availabilityStatus") -Values @("Myid", "MyavailabilityStatus")


$cmd = New-Object System.Data.CData.AzureAD.AzureADCommand("INSERT INTO Domains (isVerified) VALUES (@myisVerified)", $conn) $cmd.Parameters.Add(new System.Data.CData.AzureAD.AzureADParameter("@myisVerified","TRUE")) $cmd.ExecuteNonQuery()

Delete Azure Active Directory Data


Remove-AzureAD -Connection $AzureAD -Table "Domains" -Id "MyId"


$cmd = New-Object System.Data.CData.AzureAD.AzureADCommand("DELETE FROM Domains WHERE Id=@myId", $conn) $cmd.Parameters.Add(new System.Data.CData.AzureAD.AzureADParameter("@myId","001d000000YBRseAAH")) $cmd.ExecuteNonQuery()