Extracting a list of Azure AD App Proxy applications with PowerShell

24th of May, 2019 / Chiru Adapa / 2 Comments

Recently during the Azure AD Application Proxy (App Proxy) deployment project with one of our clients, I was asked to give a list of applications that are on-boarded into App Proxy. Namely the client needed the Internal Url, External URL & DisplayName of the application. Usually there are two ways of doing that. One way is to export them manually into a csv file or alternatively: automate it! If there are small number of applications, then exporting them manually wouldn’t take that long but a long-term solution is to automate it.

This is where I would like to harness the Power of PowerShell. Unfortunately, there is no single PowerShell cmdlet which will give us list of App Proxy applications. So, after doing a bit of research online and testing PowerShell cmdlets I came to this final version of script which uses Azure AD PowerShell connection to retrieve the results.

The PowerShell Script here is categorized into 3 parts.

Function (To check the connection to Azure PowerShell)
Core Script
Output

Function: –

This part will check if the user is connected to Azure PowerShell
By using this we can avoid multiple connections to Azure PowerShell and Azure AD MFA (If Enabled) requests

### Start of Function to check the Logins###

Function Login-check
{
    try
     {
        $Az = Get-AzureADDomain -ErrorAction Stop
     }
    catch
        {
            $Fault = $PSItem.message.exception
        }
    if ($Az)
        {
           Write-Host -ForegroundColor Cyan "User logged into Azure"
        }
    else
        {
           Write-Host -ForegroundColor red "Login Required"
           Connect-AzureAD
        }
}

Core: –

This part of the script will retrieve us the information about all the applications in Azure AD with ObjectId
I initiated a counter so that we can see which application the script is processing
I loop each of these applications and check if they’re onboarded to app-proxy
For the ones that are not on-boarded to app-proxy the PowerShell cmdlet gives an error which is captured
I defined an empty variable in the loop to capture all the required information

### Start of core Script###
Login-check
$App = Get-AzureADApplication -All $true | Select-Object Displayname, ObjectId
$i = 1
$Appproxy_List = @()
$count = $app.count
Foreach ($apps in $app)
{
    Write-Progress -Activity "Getting $($apps.DisplayName) App-proxy information" -Status "$i of $count" -PercentComplete ($i/$count*100)
      try {
            $proxy = Get-AzureADApplicationProxyApplication -ObjectId "$($apps.Objectid)" -ErrorAction Stop
            #####The Above cmdlet is used to get list of App-proxy Applications###########
            $result = " " | Select-Object DisplayName, ObjectId, InternalUrl, ExternalUrl
            $result.DisplayName = $($apps.Displayname)
            $result.ObjectId = $($apps.Objectid)
            $result.InternalUrl = $($proxy.InternalUrl)
            $result.ExternalUrl = $($proxy.ExternalUrl)
            $Appproxy_List += $result
          } #End of Try Statement
      catch {   
             $Problem = $PSItem.exception.message         
            } #End of Catch statement
    $i++
} #End of Foreach loop
### End of Core ###

Output: –

I defined a saving directory where the output is saved.
I defined file name with date and time.
Script will create a directory if it doesn’t exist else it will save the file in the directory.
Lastly, we will export the output as CSV file to the path specified.

### Output ###
$SavingDirectory = "C:\Temp\"
If ((Test-Path -Path $SavingDirectory) -eq $false) {New-Item -ItemType Directory -Path $SavingDirectory | Out-Null}
$Filepath = $SavingDirectory + "App-proxy Application list Master Copy" + " " + (Get-Date -Format "dd/MM/yyyy_HH.mm.ss") + ".csv"
$Appproxy_List | Export-Csv -Path $Filepath -NoTypeInformation
##### End of Script##########################################################################

Guys, if you prefer you can find the code in my GitHub public repo here.

Enjoy!

Category:

PowerShell

Tags:

App Proxy, AppProxy applications, Azure AD Appproxy

Join the conversation! 2 Comments

Heck
12th of September, 2019 at 7:09 am

Recommendation to remove slashes “/” and replace with dashes “-” on the $Filepath variable “…Get-Date -Format “dd/MM/yyyy_HH.mm.ss”…”

Had me tripped up for a bit since the “/” is seen as a sub-directory etc.
Chris Wolford
3rd of December, 2019 at 2:49 am

I thought it might be useful to also pull the connector group assigned to the application, so I added that to the results:

$proxy = Get-AzureADApplicationProxyApplication -ObjectId “$($apps.Objectid)” -ErrorAction Stop
$connector = Get-AzureADApplicationProxyApplicationConnectorGroup -ObjectId “$($apps.Objectid)”
#####The Above cmdlet is used to get list of App-proxy Applications###########
$result = ” ” | Select-Object DisplayName, ObjectId, InternalUrl, ExternalUrl, ConnectorGroup
$result.DisplayName = $($apps.Displayname)
$result.ObjectId = $($apps.Objectid)
$result.InternalUrl = $($proxy.InternalUrl)
$result.ExternalUrl = $($proxy.ExternalUrl)
$result.ConnectorGroup = $($connector.Name)
$Appproxy_List += $result

Comments are closed.