Skip to main content

Azure Expiring Passwords of Automation Accounts

·153 words·1 min

We’ve had an issue where the password of an automation account we use had expired.

Since we don’t want to have to change password of these kinds of accounts, we set the password policy to not expire the password.

This was done using the following PowerShell-code:

$SubscriptionName = "Azure Subscription"
$AutomationAccountName = "AzureAutomationAccount"

Install-Module AzureAD
$_subscription = Login-AzureRmAccount -SubscriptionName $SubscriptionName
$_subscription
<#
OUTPUT:
Environment           : AzureCloud
Account               : username@domain.com
TenantId              : 9add9526-e870-4229-a0cd-87ac588d2687
SubscriptionId        : 510df0e4-1f7f-47fb-9171-a1639cdf79a0
SubscriptionName      : Azure Subscription
CurrentStorageAccount :
#>

# Conenct to the AD of the subscription
Connect-AzureAD -TenantId $_subscription.TenantId

<#
OUTPUT:
Account                          Environment TenantId                             TenantDomain              AccountType
-------                          ----------- --------                             ------------              -----------
username@domain.com              AzureCloud  9add9526-e870-4229-a0cd-87ac588d2687 directory.onmicrosoft.com User
#>

# Check the current passwordpolicy
(Get-AzureADUser -SearchString $AutomationAccountName).PasswordPolicies
# returns null

# Set the password to never expire
Get-AzureADUser -SearchString $AutomationAccountName | Set-AzureAdUser -PasswordPolicies DisablePasswordExpiration

# Check the passwordpolicy again
(Get-AzureADUser -SearchString $AutomationAccountName).PasswordPolicies
# returns non-expiring password set
# OUTPUT:
# DisablePasswordExpiration