Using the PowerShell Interface

This section provides information about how to assign the Global Admin role to Azure application using the PowerShell interface.

• To assign the role automatically, follow these steps:
1. Download the PowerShell script. To download, click AssignGlobalAdminRoleToADApplication.ps1.
2. Open the PowerShell window using the Run as Administrator option, navigate to the downloaded script path, and then run the following command:
3. .\AssignGlobalAdminRoleToADApplication.ps1 <Application(client) id generated from the Azure portal>

Example:

4. .\AssignGlobalAdminRoleToADApplication.ps1 60f92079-d1bf-40f7-9ab5-59caab8e7534
• To assign the role manually using the PowerShell cmdlets, follow these steps:
1. To install the MSOnline module, run the following command from the PowerShell Window using the Run as administrator option:
2. Install-Module MSOnline
2. To initiate a connection with Azure Active Directory (AzureAD), run the following command:
3. Connect-MSolService
3. To get the App ID, run the following command:
4. $sp = Get-MsolServicePrincipal -AppPrincipalID <APP ID GUID>
5. Note: APP ID GUID is the application ID of the UDP application.
4. To get the Global/Company Administrator role, run the following command:
5. $role = Get-MsolRole -RoleName 'Company Administrator'
5. To add the Global/Company Administrator role to the AzureAD app, run the following command:
6. Add-MsolRoleMember -RoleObjectId $role.ObjectId -RoleMemberType ServicePrincipal -RoleMemberObjectId $Sp.ObjectId