Functions/Connect-AzureRmsAdminAccount.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<#
.SYNOPSIS
    This function connects to Azure RMS using admin account credentials or a MSPComplete Endpoint.
.DESCRIPTION
    This function connects to Azure RMS using admin account credentials or a MSPComplete Endpoint.
    It returns whether the connection and logon was successful.
.EXAMPLE
    Connect-AzureRmsAdminAccount -Endpoint $Endpoint
.EXAMPLE
    $Endpoint | Connect-AzureRmsAdminAccount
.EXAMPLE
    Connect-AzureRmsAdminAccount -Username $username -Password $password
#>

function Connect-AzureRmsAdminAccount {
    param (
        # The username of the Azure RMS account.
        [Parameter(Mandatory=$true, ParameterSetName="credential")]
        [String]$username,

        # The password of the Azure RMS account.
        [Parameter(Mandatory=$true, ParameterSetName="credential")]
        [SecureString]$password,

        # The MSPComplete Endpoint.
        [Parameter(Mandatory=$true, ParameterSetName="endpoint", ValueFromPipeline=$true)]
        $endpoint
    )

    # If given endpoint, retrieve credential directly
    if ($PSCmdlet.ParameterSetName -eq "endpoint") {
        $aadrmCredential = $endpoint | Get-CredentialFromMSPCompleteEndpoint
        $username = $aadrmCredential.Username
    }

    # Create the Azure RMS credential from the given username and password
    else {
        $aadrmCredential = [PSCredential]::new($username, $password)
    }

    # Logon to Azure RMS
    try {
        Connect-AadrmService -Credential $aadrmCredential -ErrorAction Stop

        # Logon was successful
        Write-Information "Connection and logon to Azure RMS successful with username '$($username)'."
        return $true
    }

    # Logon was unsuccessful
    catch {
        Write-Error "Failed Azure RMS account login with username '$($username)'.`r`n$($_.Exception.Message)"
        return $false
    }
}