
Connect to the Azure AD Support PowerShell module. This will use the same sign-in session to access different Microsoft resources.
Connect to the Azure AD Support PowerShell module. This will use the same sign-in session to access different Microsoft resources.
Example 1: Log in with your admin account...
Example 2: Log in to a specific tenant...
Connect-AadSupport -TenantId
Example 3: Log in to a specific instance...
Connect-AadSupport -AzureEnvironmentName AzureCloud
Connect-AadSupport -AzureEnvironmentName AzureGermanyCloud
Connect-AadSupport -AzureEnvironmentName AzureChinaCloud
Connect-AadSupport -AzureEnvironmentName AzureUSGovernment
Provide the Tenant ID you want to authenticate to.
Provide the Account ID you want to authenticate with.
.PARAMETER AzureEnvironmentName
Specifies the name of the Azure environment. The acceptable values for this parameter are:
        - AzureCloud
        - AzureChinaCloud
        - AzureUSGovernment
        - AzureGermanyCloud
        The default value is AzureCloud.
The path where the log file for this PowerShell session is written to. Provide a value here if you need to
deviate from the default PowerShell log file location.
General notes

function Connect-AadSupport
    param (
        $TenantId = "Common",

        $AzureEnvironmentName = "AzureCloud",


    # Parameter Validations

        $Global:AadSupport.Logging.Enabled = $true
        $Global:AadSupport.Logging.Enabled = $false

        $Global:AadSupport.Logging.Path = $LogPath

            $Global:AadSupport.Session.AadInstance = ""
            $Global:AadSupport.Resources.AadGraph = ""
            $Global:AadSupport.Resources.MsGraph = ""
            $Global:AadSupport.Resources.AzureRmApi = ""
            $Global:AadSupport.Resources.AzureServiceApi = ""
            $Global:AadSupport.Resources.KeyVault = ""

            $Global:AadSupport.Session.AadInstance = "" #
            $Global:AadSupport.Resources.AadGraph = ""
            $Global:AadSupport.Resources.MsGraph = ""
            $Global:AadSupport.Resources.AzureRmApi = ""
            $Global:AadSupport.Resources.AzureServiceApi = ""
            $Global:AadSupport.Resources.KeyVault = ""

            $Global:AadSupport.Session.AadInstance = ""
            $Global:AadSupport.Resources.AadGraph = ""
            $Global:AadSupport.Resources.MsGraph = "" #DOD
            $Global:AadSupport.Resources.AzureRmApi = ""
            $Global:AadSupport.Resources.AzureServiceApi = ""
            $Global:AadSupport.Resources.KeyVault = ""

            $Global:AadSupport.Session.AadInstance = ""
            $Global:AadSupport.Resources.AadGraph = ""
            $Global:AadSupport.Resources.MsGraph = ""
            $Global:AadSupport.Resources.AzureRmApi = ""
            $Global:AadSupport.Resources.AzureServiceApi = ""
            $Global:AadSupport.Resources.KeyVault = ""


    Write-Host ""
    Write-Host "Connecting to Azure AD PowerShell (Connect-AzureAD)"
    Write-Host "and Connecting to Azure PowerShell (Connect-AzAccount)"
    Write-Host ""

    # Connect to Azure AD PowerShell
    # Get Current Session Info
        $AccountId = $Global:AadSupport.Session.AccountId

    # if still null, We want to pass an empty AccountId
        $AccountId = ""

    try {

            $Prompt = "Always"
        else {
            $Prompt = "Auto"


        # Get Token for AAD Graph to be used for Azure AD PowerShell
        $token = $null
            $token = Get-AadTokenUsingAdal `
            -ResourceId $Global:AadSupport.Resources.AadGraph `
            -ClientId $Global:AadSupport.Clients.AzureAdPowershell.ClientId `
            -Tenant $TenantId `
            -UserId $AccountId `
            -Password $Password `
            -UseResourceOwnerPasswordCredential `
            -SkipServicePrincipalSearch `

            $token = Get-AadTokenUsingAdal `
                -ResourceId $Global:AadSupport.Resources.AadGraph `
                -ClientId $Global:AadSupport.Clients.AzureAdPowershell.ClientId `
                -Redirect $Global:AadSupport.Clients.AzureAdPowershell.RedirectUri `
                -Tenant $TenantId `
                -UserId $AccountId `
                -Prompt $Prompt `
                -SkipServicePrincipalSearch `

        # If we didnt get a token lets stop
            Write-Host "Failed to authenticate. User most likely cancelled." -Foreground Yellow

        $Global:AadSupport.Session.AccountId = $token.DisplayableId
        $Global:AadSupport.Session.TenantId = $token.TenantId

        # Get Token for Azure to be used for Azure PowerShell
        $token = $null
        $token = Get-AadTokenUsingAdal `
        -ResourceId $Global:AadSupport.Resources.AzureRmApi `
        -ClientId $Global:AadSupport.Clients.AzurePowershell.ClientId `
        -Redirect $Global:AadSupport.Clients.AzurePowershell.RedirectUri `
        -UserId $Global:AadSupport.Session.AccountId `
        -Tenant $Global:AadSupport.Session.TenantId `
        -Prompt Never `
        -SkipServicePrincipalSearch `
        $Global:AadSupport.Session.Active = $true
    catch {
        throw $_