
@FH-Inway
Created August 3, 2024 10:27
D365FO User Management Automation

This gist shows how user management for Microsoft Dynamics 365 Finance and Operations (D365FO) environments can be automated using PowerShell.

It makes use of two PowerShell modules:

  1. Microsoft.Graph for creating a user in Azure Entra ID and assigning it to groups
  2. d365fo.integrations for creating a user in D365FO and assigning security roles

The gist consists of two scripts:

  1. New-D365FOIntegrationsConfigurations.ps1 is used to create d365fo.integrations configurations for the D365FO environments.
  2. New-EntraIDAndD365FOUser.ps1 is used to create a user in Azure Entra ID, assign it to groups, create the user in D365FO and assign it the system administrator security role. Review the comments in that script before running it.
```powershell
# This script creates a new guest user in Azure Entra ID and in a list of
# Microsoft Dynamics 365 Finance and Operations environments.
# It takes the user's tenant id, email address, first and last name as input parameters.
# It also takes an array of Azure Entra ID group IDs to which the user should be added.
# It uses the existing d365fo.integrations configurations to determine the environments
# where the user is to be added with the system administrator security role.

# Install the required "Microsoft.Graph" PowerShell modules if they are not already installed.
# Install-Module -Name Microsoft.Graph.Authentication -Scope CurrentUser -Force
# Install-Module -Name Microsoft.Graph.Users -Scope CurrentUser -Force
# Install-Module -Name Microsoft.Graph.Groups -Scope CurrentUser -Force
# Install-Module -Name Microsoft.Graph.Identity.SignIns -Scope CurrentUser -Force

# Install the PowerShell module "d365fo.integrations" if it is not already installed.
# Install-Module -Name d365fo.integrations -Scope CurrentUser -Force

# Use the following command to authenticate with Azure
# Connect-MgGraph -Scopes "User.ReadWrite.All", "Group.ReadWrite.All"

param (
    [Parameter(Mandatory=$true)]
    [string]$tenantId,
    [Parameter(Mandatory=$true)]
    [string]$emailAddress,
    [Parameter(Mandatory=$true)]
    [string]$firstName,
    [Parameter(Mandatory=$true)]
    [string]$lastName,
    [string[]]$groupIds,
    [string]$d365foLegalEntityId = "DAT"
)

# Create a new user in Azure Entra ID
$params = @{
    "InvitedUserEmailAddress" = $emailAddress
    "InvitedUserDisplayName" = "$firstName $lastName"
    "SendInvitationMessage" = $true
    "InviteRedirectUrl" = "https://myapplications.microsoft.com/?tenantid=$tenantId"
    "Verbose" = $true
}
$invite = New-MgInvitation @params

# Look up the invited user. Apostrophes are doubled so that an address
# containing one cannot break the OData filter expression.
$escapedEmailAddress = $emailAddress.Replace("'", "''")
$user = Get-MgUser -Filter "Mail eq '$escapedEmailAddress'"
if (-not $user) {
    throw "No Entra ID user found for $emailAddress after sending the invitation."
}

# Add the user to the specified groups
foreach ($groupId in $groupIds) {
    New-MgGroupMember -GroupId $groupId -DirectoryObjectId $user.Id
}

# Create the user in the D365FO environments.
# Note: this loop runs against every stored d365fo.integrations configuration
# and grants the system administrator role in each of them.
$d365foIntegrationsConfigurations = Get-D365ODataConfig
foreach ($d365foIntegrationsConfiguration in $d365foIntegrationsConfigurations) {
    Set-D365ActiveODataConfig -Name $d365foIntegrationsConfiguration.Name

    # Create the user in the D365FO environment
    $payloadUser = @{
        "@odata.type" = "Microsoft.Dynamics.DataEntities.SystemUser"
        "AccountType" = "ClaimsUser"
        "NetworkDomain" = "https://sts.windows.net/$tenantId/"
        "Enabled" = "True"
        "UserID" = "$firstName.$lastName"
        "UserName" = "$firstName $lastName"
        "Alias" = "$emailAddress"
        "Email" = "$emailAddress"
        "Company" = $d365foLegalEntityId
        "UserInfo_language" = "de"
        "Helplanguage" = "en-us"
        "DocumentHandlingActive" = "Yes"
        "Density" = "Density30"
    }
    $payloadJSON = $payloadUser | ConvertTo-Json
    $d365User = Import-D365ODataEntity -EntityName SystemUsers -Payload $payloadJSON -Verbose

    # Assign the user the system administrator role
    $payloadSecurityUserRole = @{
        "@odata.type" = "Microsoft.Dynamics.DataEntities.SecurityUserRole"
        "UserId" = $d365User.UserId
        "SecurityRoleIdentifier" = "-SYSADMIN-"
        "SecurityRoleName" = "System administrator"
    }
    $payloadJSON = $payloadSecurityUserRole | ConvertTo-Json
    $securityUserRole = Import-D365ODataEntity -EntityName SecurityUserRoles -Payload $payloadJSON -Verbose
}
```
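To review what the script above leaves behind, the following added example (not part of the gist) lists the users holding the `-SYSADMIN-` role in each configured environment and reports those missing from an approved list. `Find-UnapprovedSysAdmin`, `Get-SysAdminAuditFinding` and the sample rows are hypothetical; the live query assumes `Get-D365ODataEntityData` returns `SecurityUserRoles` rows carrying the `UserId`, `SecurityRoleIdentifier` and `SecurityRoleName` fields used in the script.

```powershell
function Find-UnapprovedSysAdmin {
    # Pure comparison step: emits one finding per -SYSADMIN- row whose user is not approved.
    param (
        [Parameter(Mandatory = $true)] [string]$Environment,
        [Parameter(Mandatory = $true)] [AllowEmptyCollection()] [object[]]$RoleRows,
        [Parameter(Mandatory = $true)] [string[]]$ApprovedUserIds
    )
    foreach ($row in $RoleRows) {
        if ($row.SecurityRoleIdentifier -ne '-SYSADMIN-') { continue }
        # -notcontains compares strings case-insensitively
        if ($ApprovedUserIds -notcontains $row.UserId) {
            [pscustomobject]@{
                Environment = $Environment
                UserId      = $row.UserId
                Role        = $row.SecurityRoleName
            }
        }
    }
}

function Get-SysAdminAuditFinding {
    # Live run: walks every stored d365fo.integrations configuration, as the script above does.
    param ([Parameter(Mandatory = $true)] [string[]]$ApprovedUserIds)
    foreach ($config in Get-D365ODataConfig) {
        Set-D365ActiveODataConfig -Name $config.Name
        $query = '$filter=SecurityRoleIdentifier eq ''-SYSADMIN-'''
        $rows = @(Get-D365ODataEntityData -EntityName SecurityUserRoles -ODataQuery $query)
        Find-UnapprovedSysAdmin -Environment $config.Name -RoleRows $rows -ApprovedUserIds $ApprovedUserIds
    }
}

# Offline check with constructed rows shaped like the SecurityUserRoles payload above.
$sampleRows = @(
    [pscustomobject]@{ UserId = 'Admin';    SecurityRoleIdentifier = '-SYSADMIN-';   SecurityRoleName = 'System administrator' }
    [pscustomobject]@{ UserId = 'Jane.Doe'; SecurityRoleIdentifier = '-SYSADMIN-';   SecurityRoleName = 'System administrator' }
    [pscustomobject]@{ UserId = 'John.Roe'; SecurityRoleIdentifier = 'EXAMPLE-ROLE'; SecurityRoleName = 'Constructed role' }
)
Find-UnapprovedSysAdmin -Environment 'constructed-sample' -RoleRows $sampleRows -ApprovedUserIds @('Admin')
```

Call `Get-SysAdminAuditFinding -ApprovedUserIds ...` after each onboarding run, with the approved list kept under change control, to catch grants that were never removed.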
```powershell
# This script is used to create the d365fo.integrations configurations for the D365FO environments.
$tenantId = Read-Host -Prompt "Enter the tenant ID"
$clientId = Read-Host -Prompt "Enter the client ID"
# Note: Read-Host echoes the client secret to the console as it is typed.
$clientSecret = Read-Host -Prompt "Enter the client secret"

# Array of objects with the configuration name and URL of the D365FO environments
$d365foEnvironments = @(
    @{
        Name = "lcs-che-tier1"
        Url = "https://lcs-che-tier11234567890abcdefdevaos.axcloud.dynamics.com"
    }
    @{
        Name = "lcs-tier2-5"
        Url = "https://lcs-tier2-5.sandbox.operations.dynamics.com"
    }
    @{
        Name = "lcs-prod"
        Url = "https://lcs-prod.operations.dynamics.com"
    }
    @{
        Name = "power-platform-unified"
        Url = "https://power-platform-unified.operations.dynamics.com"
    }
)

# Register one configuration per environment.
# Temporary = $false persists each configuration, including the client secret.
foreach ($d365foEnvironment in $d365foEnvironments) {
    $params = @{
        Name = $d365foEnvironment.Name
        Tenant = $tenantId
        Url = $d365foEnvironment.Url
        ClientId = $clientId
        ClientSecret = $clientSecret
        Temporary = $false
        Force = $true
    }
    Add-D365ODataConfig @params
}
```
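A variant of the configuration script that keeps the client secret off the console and out of the persisted configuration, as an added example that is not part of the gist. It uses only the `Add-D365ODataConfig` parameters shown above; the function names `ConvertTo-PlainText` and `Add-D365SessionConfig`, and the choice to register only the sandbox environment, are assumptions of this example.

```powershell
function ConvertTo-PlainText {
    # The script above passes ClientSecret as a plain string, so the
    # SecureString is converted only at the point of use.
    param ([Parameter(Mandatory = $true)] [securestring]$Secure)
    [System.Net.NetworkCredential]::new('', $Secure).Password
}

function Add-D365SessionConfig {
    # Registers the given environments as temporary configurations.
    param (
        [Parameter(Mandatory = $true)] [string]$TenantId,
        [Parameter(Mandatory = $true)] [string]$ClientId,
        [Parameter(Mandatory = $true)] [securestring]$ClientSecret,
        [Parameter(Mandatory = $true)] [hashtable[]]$Environments
    )
    foreach ($environment in $Environments) {
        $params = @{
            Name         = $environment.Name
            Tenant       = $TenantId
            Url          = $environment.Url
            ClientId     = $ClientId
            ClientSecret = ConvertTo-PlainText -Secure $ClientSecret
            Temporary    = $true   # do not write the configuration to the persistent store
            Force        = $true
        }
        Add-D365ODataConfig @params
    }
}

$tenantId = Read-Host -Prompt "Enter the tenant ID"
$clientId = Read-Host -Prompt "Enter the client ID"
# -AsSecureString masks the input, so the secret is not echoed to the console.
$clientSecret = Read-Host -Prompt "Enter the client secret" -AsSecureString

# Only the environment that this run is meant to touch is registered.
$targets = @(
    @{ Name = "lcs-tier2-5"; Url = "https://lcs-tier2-5.sandbox.operations.dynamics.com" }
)
Add-D365SessionConfig -TenantId $tenantId -ClientId $clientId -ClientSecret $clientSecret -Environments $targets
```

Run New-EntraIDAndD365FOUser.ps1 in the same PowerShell session, since temporary configurations do not outlive it.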