Menu
Not sure if this is a bug or issue with the way I am using it but basically I am trying to add a non expiring password to an existing Azure Service Principal using New-AzureRmADSpCredential but no matter what i provide to the -EndDate parameter it never has an effect (always set to expire after 1 year)
example steps are:
$start = get-date
$end = $start.AddYears(99)
New-AzureRmADServicePrincipal -DisplayName SPTestnonExpirePW
$sp = Get-AzureRmADServicePrincipal -DisplayName "SPTestnonExpirePW"
New-AzureRmADSpCredential -ObjectId $sp.id -StartDate $start -EndDate $end -Password (ConvertTo-SecureString -String "PASSWORD" -Force -AsPlainText)
No matter what value I provide to -EndDate (as long as it is valid System.DateTime) the password is successfully created but with 1yr expiration
I have tried this on both PS core on linux and PS native on server 2016
901
After a lot of search and tests, I got the same result with you and according to the test with postman I approve that it may be a bug with New-AzureRmADSpCredential Password.
Also, if you want to achieve credential never expires, you could try to use New-AzureRmADAppCredential to achieve that.
Note: The ObjectId here is not your ServicePrincipal objectid, it is the App registered objectId which is the same name with the ServicePrincipal.
$start = get-date
$end = $start.AddYears(150)
$SecureStringPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force
New-AzureRmADAppCredential -ObjectId xxxxxxxxxxxxxxxxxxx -StartDate $start -EndDate $end -Password $SecureStringPassword
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
