Azure Expiring Passwords of Automation Accounts
·153 words·1 min
We’ve had an issue where the password of an automation account we use had expired.
Since we don’t want to have to change password of these kinds of accounts, we set the password policy to not expire the password.
This was done using the following PowerShell-code:
$SubscriptionName = "Azure Subscription"
$AutomationAccountName = "AzureAutomationAccount"
Install-Module AzureAD
$_subscription = Login-AzureRmAccount -SubscriptionName $SubscriptionName
$_subscription
<#
OUTPUT:
Environment : AzureCloud
Account : username@domain.com
TenantId : 9add9526-e870-4229-a0cd-87ac588d2687
SubscriptionId : 510df0e4-1f7f-47fb-9171-a1639cdf79a0
SubscriptionName : Azure Subscription
CurrentStorageAccount :
#>
# Conenct to the AD of the subscription
Connect-AzureAD -TenantId $_subscription.TenantId
<#
OUTPUT:
Account Environment TenantId TenantDomain AccountType
------- ----------- -------- ------------ -----------
username@domain.com AzureCloud 9add9526-e870-4229-a0cd-87ac588d2687 directory.onmicrosoft.com User
#>
# Check the current passwordpolicy
(Get-AzureADUser -SearchString $AutomationAccountName).PasswordPolicies
# returns null
# Set the password to never expire
Get-AzureADUser -SearchString $AutomationAccountName | Set-AzureAdUser -PasswordPolicies DisablePasswordExpiration
# Check the passwordpolicy again
(Get-AzureADUser -SearchString $AutomationAccountName).PasswordPolicies
# returns non-expiring password set
# OUTPUT:
# DisablePasswordExpiration