Export app registrations with expiring secrets and certificates and send alerts in Teams

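Question description (Votes: 0, Answers: 1)

I want to export app registrations with expiring secrets and certificates and send an alert in Teams when they expire within 30 days. I can get the list of apps with the script here, but I don't know how to filter them to show only the ones that will expire within 30 days. Can someone help me?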

powershell certificate microsoft-teams microsoft-entra-id azure-app-registration
1 answer
0
votes

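As @Peter Bons mentioned, your PowerShell script already has an input parameter that asks the user to enter the number of days until the secrets expire.

When I ran the same script from this MS Doc, it prompted me for the number of days and successfully exported a CSV file with the secrets and certificates expiring within 30 days, as shown below: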

enter image description here

apps.csv:

enter image description here

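You can also use the modified script below to add an extra column that specifies the number of days remaining until the secrets and certificates expire: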

Connect-MgGraph -Scopes 'Application.Read.All'

$DaysUntilExpiration = 30
$Now = Get-Date
$Logs = @()

Write-Host "Retrieving all applications... This may take a while." -ForegroundColor Yellow
$Applications = Get-MgApplication -all

foreach ($App in $Applications) {
    $AppName = $App.DisplayName
    $AppID   = $App.Id
    $ApplID  = $App.AppId

    $AppCreds = Get-MgApplication -ApplicationId $AppID | Select-Object PasswordCredentials, KeyCredentials
    $Secrets  = $AppCreds.PasswordCredentials
    $Certs    = $AppCreds.KeyCredentials

    foreach ($Secret in $Secrets) {
        $StartDate  = $Secret.StartDateTime
        $EndDate    = $Secret.EndDateTime
        $SecretName = $Secret.DisplayName
        $RemainingDaysCount = ($EndDate - $Now).Days

        # Use the configured window instead of a hard-coded 30
        if ($RemainingDaysCount -lt $DaysUntilExpiration -and $RemainingDaysCount -ge 0) {
            $Owner    = Get-MgApplicationOwner -ApplicationId $App.Id
            $Username = $Owner.AdditionalProperties.userPrincipalName -join ';'
            $OwnerID  = $Owner.Id -join ';'

            if ($null -eq $Owner.AdditionalProperties.userPrincipalName) {
                $Username = $Owner.AdditionalProperties.displayName + ' **<This is an Application>**'
            }
            if ($null -eq $Owner.AdditionalProperties.displayName) {
                $Username = '<<No Owner>>'
            }

            $Logs += [PSCustomObject]@{
                'ApplicationName'        = $AppName
                'ApplicationID'          = $ApplID
                'Secret Name'            = $SecretName
                'Secret Start Date'      = $StartDate
                'Secret End Date'        = $EndDate
                'ExpiresInDays'          = $RemainingDaysCount
                'Certificate Name'       = $Null
                'Certificate Start Date' = $Null
                'Certificate End Date'   = $Null
                'Owner'                  = $Username
                'Owner_ObjectID'         = $OwnerID
            }
        }
    }

    foreach ($Cert in $Certs) {
        $StartDate = $Cert.StartDateTime
        $EndDate   = $Cert.EndDateTime
        $CertName  = $Cert.DisplayName
        $RemainingDaysCount = ($EndDate - $Now).Days

        # Use the configured window instead of a hard-coded 30
        if ($RemainingDaysCount -lt $DaysUntilExpiration -and $RemainingDaysCount -ge 0) {
            $Owner    = Get-MgApplicationOwner -ApplicationId $App.Id
            $Username = $Owner.AdditionalProperties.userPrincipalName -join ';'
            $OwnerID  = $Owner.Id -join ';'

            if ($null -eq $Owner.AdditionalProperties.userPrincipalName) {
                $Username = $Owner.AdditionalProperties.displayName + ' **<This is an Application>**'
            }
            if ($null -eq $Owner.AdditionalProperties.displayName) {
                $Username = '<<No Owner>>'
            }

            $Logs += [PSCustomObject]@{
                'ApplicationName'        = $AppName
                'ApplicationID'          = $ApplID
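                'Secret Name'            = $Null
                # Keep the same columns as secret rows: Export-Csv takes its header from the first object
                'Secret Start Date'      = $Null
                'Secret End Date'        = $Null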
                'Certificate Name'       = $CertName
                'Certificate Start Date' = $StartDate
                'Certificate End Date'   = $EndDate
                'ExpiresInDays'          = $RemainingDaysCount
                'Owner'                  = $Username
                'Owner_ObjectID'         = $OwnerID
            }
        }
    }
}

$Path = "C:\test\ExpiringAppSecretsCertificates.csv"
$Logs | Export-Csv $Path -NoTypeInformation -Encoding UTF8

Write-Host "Export completed successfully. File saved at: $Path" -ForegroundColor Green

Response:

enter image description here

ExpiringAppSecretsCertificates.csv:

enter image description here
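
For the Teams alert that the question asks about, the following added example (not part of the original answer) turns rows in the exported CSV layout into a channel message. It assumes a Teams channel webhook that accepts an Adaptive Card message payload; the function name `New-ExpiryCardJson`, the `TEAMS_WEBHOOK_URL` environment variable and the sample rows are hypothetical or constructed.

```powershell
# Added example (not from the original answer). New-ExpiryCardJson and the
# TEAMS_WEBHOOK_URL variable name are hypothetical; the payload shape assumes a
# Teams channel webhook that accepts an Adaptive Card message.
function New-ExpiryCardJson {
    param([Parameter(Mandatory)] [object[]] $Rows)

    # Most urgent first. Only names, IDs and dates go into the card, never secret values.
    $Blocks = foreach ($Row in ($Rows | Sort-Object { [int]$_.ExpiresInDays })) {
        $Kind = if ($Row.'Certificate End Date') { 'certificate' } else { 'secret' }
        $Text = "**$($Row.ApplicationName)** ($($Row.ApplicationID)): $Kind expires in $($Row.ExpiresInDays) day(s). Owner: $($Row.Owner)"
        @{ type = 'TextBlock'; wrap = $true; text = $Text }
    }
    $Title = @{
        type = 'TextBlock'; weight = 'Bolder'; wrap = $true
        text = "$(@($Rows).Count) app registration credential(s) expiring soon"
    }
    $Payload = @{
        type        = 'message'
        attachments = @(@{
            contentType = 'application/vnd.microsoft.card.adaptive'
            content     = @{
                type    = 'AdaptiveCard'
                version = '1.4'
                body    = @($Title) + @($Blocks)
            }
        })
    }
    $Payload | ConvertTo-Json -Depth 10
}

# Constructed sample rows using column names from the exported CSV.
$Sample = @'
"ApplicationName","ApplicationID","Secret Name","Secret End Date","ExpiresInDays","Certificate Name","Certificate End Date","Owner"
"demo-api","00000000-0000-0000-0000-000000000001","ci-secret","2024-07-01","12","","","alice@example.com"
"demo-web","00000000-0000-0000-0000-000000000002","","","3","tls-cert","2024-06-22","<<No Owner>>"
'@ | ConvertFrom-Csv

$Json = New-ExpiryCardJson -Rows $Sample   # real use: -Rows (Import-Csv $Path)
if ($env:TEAMS_WEBHOOK_URL) {
    # The webhook URL is itself a credential: keep it out of the script and the repo.
    Invoke-RestMethod -Uri $env:TEAMS_WEBHOOK_URL -Method Post -ContentType 'application/json' -Body $Json
} else {
    $Json   # no webhook configured: just show the payload
}
```

Running this on a schedule right after the export gives owners a recurring reminder; skip the call when the CSV has no rows.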
