-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathSet-ClearanceAttribute.ps1
More file actions
44 lines (32 loc) · 1.14 KB
/
Set-ClearanceAttribute.ps1
File metadata and controls
44 lines (32 loc) · 1.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
Function Set-ClearanceAttribute {
<#
.SYNOPSIS
Sets clearance attribute on user object in Azure
.DESCRIPTION
Sets the clearance attribute on account - uses boolean value for Clearance Status
.PARAMETER UserPrincipalName
UPN of the Azure account you're setting the clearance attribute value on
.PARAMETER ClearedStatus
Clearance status
CLEARED = Employee has been cleared
UNCLEARED = Employee does not have a clearance
.EXAMPLE
Set cleared attribute to true on account
Set-ClearedAttribute -UserPrincipalName "Bob@Builders.com" -ClearedStatus $True
#>
Param (
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)]
[String]$UserPrincipalName,
[Parameter(Mandatory = $True)]
[ValidateSet("CLEARED", "UNCLEARED")]
[String]$ClearedStatus
)
begin {
Import-Module AzureAD
Connect-AzureAD
}
process {
$user = Get-AzureADUser -Filter "Mail eq '$UserPrincipalName'"
Set-AzureADUserExtension -ObjectId $user.ObjectId -ExtensionName "extension_719260cce49c48868cc9164101bece47_GovSecStatus" -ExtensionValue "$ClearedStatus"
}
} # End functions