Still using AzureAD PowerShell module for performing AAD tasks?

A while back, Microsoft announced the deprecation of TLS 1.0, TLS 1.1 and 3DES for several of its products, including Azure Active Directory. If you don’t take remediation action, chances are your code will stop working.

Solution

Make sure you upgrade to the ‘Az’ modules OR enforce TLS 1.2 when using the AzureAD module.

Enforcing TLS 1.2 in your current PS session

    # Enforce using TLS 1.2 for current PS session
    $TLS12Protocol = [System.Net.SecurityProtocolType] 'Tls12'
    [System.Net.ServicePointManager]::SecurityProtocol = $TLS12Protocol

Enforcing TLS 1.2 inside an Azure Function

    # Enforce using TLS 1.2 for current PS session
    $TLS12Protocol = [System.Net.SecurityProtocolType] 'Tls12'
    [System.Net.ServicePointManager]::SecurityProtocol = $TLS12Protocol

    # Enforce using TLS 1.2 for Win PS session used for AzureAD
    $session = Get-PSSession -Name WinPSCompatSession
    Invoke-Command -Session $session -Command { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 }
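
The two snippets above can be combined into one helper that also reports what each session was using before and after, so you can confirm that the Windows PowerShell compatibility session was changed as well. This is an added example, not code from the original post; the function name Set-Tls12Floor is hypothetical, and it assumes WinPSCompatSession may or may not exist yet when it runs.

```powershell
# Added example, not from the original post. Set-Tls12Floor is a hypothetical name.
function Set-Tls12Floor {
    [CmdletBinding()]
    param(
        # Optional extra sessions to fix up, e.g. the WinPSCompatSession from the post
        [System.Management.Automation.Runspaces.PSSession[]] $Session
    )

    $apply = {
        $before = [Net.ServicePointManager]::SecurityProtocol
        # TLS 1.0/1.1 are the protocols being deprecated; SSL 3.0 is older still
        $legacy = [int][Net.SecurityProtocolType]'Ssl3, Tls, Tls11'
        $tls12  = [int][Net.SecurityProtocolType]'Tls12'
        # Clear the legacy bits, keep anything newer that is already enabled, add TLS 1.2.
        # If the session was on SystemDefault (0), the result is TLS 1.2 only,
        # which matches what the snippets above set.
        $after = [Net.SecurityProtocolType](([int]$before -band (-bnot $legacy)) -bor $tls12)
        [Net.ServicePointManager]::SecurityProtocol = $after

        [pscustomobject]@{
            Edition = $PSVersionTable.PSEdition   # 'Core' or 'Desktop'
            Before  = "$before"
            After   = "$([Net.ServicePointManager]::SecurityProtocol)"
        }
    }

    # Current session first
    & $apply

    # Then every session passed in (nothing happens if none was supplied)
    foreach ($s in $Session) {
        Invoke-Command -Session $s -ScriptBlock $apply
    }
}

# Inside an Azure Function: include the compatibility session only if it exists
$compat = Get-PSSession -Name WinPSCompatSession -ErrorAction SilentlyContinue
Set-Tls12Floor -Session $compat | Format-Table Edition, Before, After
```

A row whose After column still lists Tls or Tls11 means the setting did not take effect in that session.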

Reference

Enable support for TLS 1.2 in your environment for Azure AD TLS 1.1 and 1.0 deprecation