PowerShell Scripting to Replicate Azure Active Directory Data to MySQL




Write a simple PowerShell script to replicate Azure Active Directory data to a MySQL database.

The CData Cmdlets for Azure Active Directory offer live access to Azure Active Directory data from within PowerShell. Using PowerShell scripts, you can easily automate regular tasks like data replication. This article will walk through using the CData Cmdlets for Azure Active Directory and the CData Cmdlets for MySQL in PowerShell to replicate Azure Active Directory data to a MySQL database.

After obtaining the needed connection properties, accessing Azure Active Directory data in PowerShell and preparing for replication consists of four basic steps.

Azure Active Directory uses the OAuth authentication standard. To authenticate using OAuth, you will need to create an app to obtain the OAuthClientId, OAuthClientSecret, and CallbackURL connection properties. See the OAuth section in the Help documentation for an authentication guide.

Collecting Azure Active Directory Data

  1. Install the module:

    Install-Module AzureADCmdlets
  2. Connect to Azure Active Directory:

    $azuread = Connect-AzureAD -OAuthClientId $OAuthClientId -OAuthClientSecret $OAuthClientSecret -CallbackURL $CallbackURL
  3. Retrieve the data from a specific resource:

    $data = Select-AzureAD -Connection $azuread -Table "Domains"

    You can also use the Invoke-AzureAD cmdlet to execute pure SQL-92 statements:

    $data = Invoke-AzureAD -Connection $azuread -Query 'SELECT * FROM Domains WHERE isVerified = @isVerified' -Params @{'@isVerified'='TRUE'}
  4. Save a list of the column names from the returned data.

    $columns = ($data | Get-Member -MemberType NoteProperty | Select-Object -Property Name).Name

Inserting Azure Active Directory Data into the MySQL Database

With the data and column names collected, you are ready to replicate the data into a MySQL database.

  1. Install the module:

    Install-Module MySQLCmdlets
  2. Connect to MySQL, using the server address and port of the MySQL server, valid user credentials, and a specific database with the table in which the data will be replicated:

    $mysql = Connect-MySQL -User $User -Password $Password -Database $Database -Server $Server -Port $Port
  3. Loop through the Azure Active Directory data, store the values, and use the Add-MySQL cmdlet to insert the data into the MySQL database, one row at a time. In this example, the table will need to have the same name as the Azure Active Directory resource (Domains) and to exist in the database.

    $data | % {
      $row = $_
      $values = @()
      $columns | % {
        $col = $_
        $values += $row.$($col)
      }
      Add-MySQL -Connection $mysql -Table "Domains" -Columns $columns -Values $values
    }

You have now replicated your Azure Active Directory data to a MySQL database. This gives you freedom to work with Azure Active Directory data in the same way that you work with other MySQL tables, whether that is performing analytics, building reports, or other business functions.
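The collection and insertion steps above combined into one script, added here as an example (it is not CData's own code). It assumes the connection properties are supplied through environment variables whose names (AAD_OAUTH_CLIENT_ID, MYSQL_PASSWORD and so on) are hypothetical, and it uses only the cmdlets and parameters shown in this article.

```powershell
# Added example, not CData's code. Environment variable names are hypothetical;
# the CData cmdlets and parameters are the ones used in the steps above.
$ErrorActionPreference = 'Stop'   # make cmdlet errors catchable by try/catch

function Get-RequiredEnv {
    param([Parameter(Mandatory)][string]$Name)
    $value = [Environment]::GetEnvironmentVariable($Name)
    if ([string]::IsNullOrWhiteSpace($value)) {
        throw "Required environment variable '$Name' is not set."
    }
    $value
}

# Keep the OAuth client secret and the MySQL password out of the script file.
$azuread = Connect-AzureAD `
    -OAuthClientId     (Get-RequiredEnv 'AAD_OAUTH_CLIENT_ID') `
    -OAuthClientSecret (Get-RequiredEnv 'AAD_OAUTH_CLIENT_SECRET') `
    -CallbackURL       (Get-RequiredEnv 'AAD_CALLBACK_URL')
$mysql = Connect-MySQL `
    -User     (Get-RequiredEnv 'MYSQL_USER') `
    -Password (Get-RequiredEnv 'MYSQL_PASSWORD') `
    -Database (Get-RequiredEnv 'MYSQL_DATABASE') `
    -Server   (Get-RequiredEnv 'MYSQL_SERVER') `
    -Port     (Get-RequiredEnv 'MYSQL_PORT')

$table = 'Domains'
$data = @(Select-AzureAD -Connection $azuread -Table $table)
if ($data.Count -eq 0) {
    Write-Warning "No rows returned from $table; nothing to replicate."
    return
}
$columns = ($data | Get-Member -MemberType NoteProperty | Select-Object -Property Name).Name

$inserted = 0
$failed = 0
foreach ($row in $data) {
    $values = @()
    foreach ($col in $columns) { $values += $row.$col }
    try {
        Add-MySQL -Connection $mysql -Table $table -Columns $columns -Values $values
        $inserted++
    } catch {
        # Count the failure and continue with the next row.
        $failed++
        Write-Warning "Insert into $table failed: $($_.Exception.Message)"
    }
}
Write-Output "Replicated $inserted row(s) into $table; $failed failed."
```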

Notes

  • Once you have connected to Azure Active Directory and MySQL in PowerShell, you can pipe command results to perform the replication in a single line:

    Select-AzureAD -Connection $azuread -Table "Domains" | % { $row = $_; $values = @(); $columns | % { $col = $_; $values += $row.$($col) }; Add-MySQL -Connection $mysql -Table "Domains" -Columns $columns -Values $values }
  • If you wish to replicate the Azure Active Directory data to another database using another PowerShell module, you will want to exclude the Columns, Connection, and Table columns from the data returned by the Select-AzureAD cmdlet since those columns are used to help pipe data from one CData cmdlet to another:

    $columns = ($data | Get-Member -MemberType NoteProperty | Select-Object -Property Name).Name | ? {$_ -NotIn @('Columns','Connection','Table')}