-
|
I'm trying to understand the warning message I received recently stating:
I currently use this cmdlet in ARM template deployment scripts for various reasons. One of these is to create a Run As account for Azure Automation Accounts, since those are not created by default when creating the Automation Account through an ARM template. Obviously there is no URI associated with the Automation Account. So, will I still be able to use this cmdlet to do this? If not will there be an alternative way to achieve this? Also, is the Uri requirement going to be an Azure AD wide change, or is this a change just in these cmdlets? I want to know if I need to account for this if I'm using the portal or the AzureAD cmdlets. Sorry if this had been addressed somewhere else already, but after much searching I wasn't able to find anything. Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
When invoked, the Since 'http://{displayname}' is not a valid address, for security considerations, we will not set the IdentifierUris of the application anymore in the future. The IdentifierUril value will have to be explicitly set when using the |
Beta Was this translation helpful? Give feedback.
-
|
Update above comment to fix some typos |
Beta Was this translation helpful? Give feedback.
When invoked, the
New-AzADServicePrincpalcmdlet transparently creates an AAD application. One of the values of the ServicePrincipalNames property of the service principal is derived from the IdentifierUris of created application. With the current implementation, if a value is provided to the-DisplayNameparameter, the application 'IdentifierUri' is set to 'https://{displayname}', thus the ServicePrincipalNames becomes 'http://{displayname}'.Since 'http://{displayname}' is not a valid address, for security considerations, we will not set the IdentifierUris of the application anymore in the future. The IdentifierUril value will have to be explicitly set when using the
New-AzADApplication…