How to Assign Global/Company Administrator Role to the AzureAD App

This section provides information about how to assign Global/Company Administrator role to the AzureAD app using the PowerShell cmdlets.

Follow these steps:

  1. To install the MSOnline module, run the following command from the PowerShell Window using the Run as administrator option:
  2. Install-Module MSOnline
  3. To initiate a connection with Azure Active Directory (AzureAD), run the following command:
  4. Connect-MSolService
  5. Get the App id using the following command:
  6. $sp = Get-MsolServicePrincipal -AppPrincipalID <APP ID GUID>
  7. Note: APP ID GUID is the application id of the UDP application.
  8. Get the Global/Company Administrator role using the following command:
  9. $role = Get-MsolRole -RoleName “Company Administrator”
  10. To add the Global/Company Administrator role to the AzureAD app, use the following command:
  11. Add-MsolRoleMember -RoleObjectId $role.ObjectId -RoleMemberType ServicePrincipal -RoleMemberObjectId $Sp.ObjectId

The Global/Company Administrator role is assigned to the AzureAD app.