Notable Changes
Auditing of FIDO2 Keys in Azure Active Directory
The new Get-AzureADUserEx cmdlet can be used to retrieve FIDO and NGC keys from Azure Active Directory, as the first tool on the market:
PS C:\> Get-AzureADUserEx -All -Token $token |
Where-Object Enabled -eq $true |
Select-Object -ExpandProperty KeyCredentials |
Where-Object Usage -eq FIDO |
Format-Table -View FIDO
<# Sample Output:
DisplayName AAGUID Alg Counter Created Owner
----------- ------ --- ------- ------- -----
YubiKey 5 cb69481e-8ff7-4039-93ec-0a2729a154a8 ES256 25 2019-12-12 john@contoso.com
Feitian All-In-Pass 12ded745-4bed-47d4-abaa-e713f51d6393 ES256 1398 2020-03-31 peter@contoso.com
eWMB Goldengate G320 87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c ES256 37 2019-08-29 joe@contoso.com
eWBM Goldengate G310 95442b2e-f15e-4def-b270-efb106facb4e ES256 48 2019-08-29 joe@contoso.com
#>See the Examples section for more details on the usage of this new cmdlet.
LastLogonTimestamp Attribute Support
Both lastLogon and lastLogonTimestamp user account attributes are now exposed. And the new LastLogonDate property returns whichever of these 2 values is available.
See the Changelog for a more detailed list of new features.
PowerShell Module
Standalone module for offline installation and for legacy PowerShell versions is attached. See the Installation Notes before proceeding.
PowerShell Gallery
The PowerShell module is also available on Microsoft's PowerShell Gallery.
Chocolatey
An official Chocolatey package of the DSInternals PowerShell Module is also available. Note that due to a strict approval process, the newest version of the package might appear with some delay.
NuGet Gallery
Official binary packages are available at NuGet Gallery.