Hybrid Microsoft Administration with Powershell and Microsoft Graph: Understanding the Basics
Blog by: Dmitry Sotnikov
Scripting in the Microsoft world has evolved significantly in the last few decades.
For a long time Microsoft administrators were stuck with MS-DOS command line and batch files for any scripting around it. While the batch language included some basic capabilities such as parameters, if clauses and goto instructions, it was too limited for any complex scripting and the set of commands was miniscule. In most of the systems — be it for the local Windows server or network services such as Active Directory or Microsoft Exchange — administrators had to use various command-line tools. Each tool working in a different fashion and not integrating with other tools led to steep learning curves and painful scripting experience.
In 2006, Microsoft made a bold move to overcome these issues by introducing Windows PowerShell. PowerShell tried to strike a balance between being compatible with MS-DOS-style command line and providing full modern programming language, pipe integration between commands, and unified approach and extensibility to cover all Microsoft systems. In 2018, Microsoft made another bold move by going cross-platform and releasing PowerShell Core 6.0 cross-platform (Windows, MacOS, Linux) and open source.
While the PowerShell team innovated on datacenter management automation, another megatrend happened – Cloud. Microsoft has innovated to re-invent itself from being a software company to becoming a cloud services company. Azure, Office 365, OneDrive, InTune, Teams – the list can go on and on. It is clear that Microsoft is now “all in” and cloud-first.
These cloud offerings faced the same challenges as early on-premises systems of each exposing a different model of automation, integration, and administration.
Recognizing this as a potential problem, Microsoft introduced Microsoft Graph – a unified set of APIs providing a consistent data model and programmability approach across all Microsoft cloud offerings.
Microsoft has done a great job not only providing the API consistency, they did their best to help developers discover and learn the APIs with interactive Graph Explorer and off the shelf SDKs for many programming languages.
However, in its turn, the presence of two systems: IT professional-oriented PowerShell and developer-oriented Microsoft Graph created an experience gap. In the companies basing their infrastructure on Microsoft cloud services, IT administrators had to essentially become developers. While PowerShell can invoke REST APIs, the experience one gets from these calls is far closer to programming than day-to-day administration and IT scripting.
To fix the situation and make Microsoft cloud administration and scripting accessible to IT professionals, Microsoft is now working on a Microsoft Graph PowerShell SDK.
With it, administrators can run PowerShell cmdlets against Microsoft Graph services just like they can for on-premises systems. For example, to create a new user, administrator might run something like:
The SDK is still in technical preview and has many rough edges that you need to be aware of.
To learn more about how you can use Microsoft Graph PowerShell SDK today, its limitations, and workarounds, please come to our webinar, “Microsoft Graph Basics for PowerShell Admins.”