我的问题是:不使用powershell命令可以获得azure活动目录租户id吗?

我找到了这两个博客,有了这个帮助,我已经能够从powershell获得租户ID和订阅ID。这是找回房客的唯一方法吗?

在Windows PowerShell中获取Windows Azure活动目录租户ID

Windows Azure AD认证支持PowerShell

谢谢


当前回答

在Azure CLI中(我使用GNU/Linux):

$ azure login  # add "-e AzureChinaCloud" if you're using Azure China

这将要求您通过https://aka.ms/devicelogin或https://aka.ms/deviceloginchina登录

$ azure account show
info:    Executing command account show
data:    Name                        : BizSpark Plus
data:    ID                          : aZZZZZZZ-YYYY-HHHH-GGGG-abcdef569123
data:    State                       : Enabled
data:    Tenant ID                   : 0XXXXXXX-YYYY-HHHH-GGGG-123456789123
data:    Is Default                  : true
data:    Environment                 : AzureCloud
data:    Has Certificate             : No
data:    Has Access Token            : Yes
data:    User name                   : nico@XXXXXXX.onmicrosoft.com
data:    
info:    account show command OK

或者仅仅是:

azure account show --json | jq -r '.[0].tenantId'

或者新的az:

az account show --subscription a... | jq -r '.tenantId'
az account list | jq -r '.[].tenantId'

我希望这对你们有帮助

其他回答

PowerShell:

Add-AzureRmAccount #if not already logged in 
Get-AzureRmSubscription -SubscriptionName <SubscriptionName> | Select-Object -Property TenantId

通过PowerShell匿名:

(Invoke-WebRequest https://login.windows.net/YOURDIRECTORYNAME.onmicrosoft.com/.well-known/openid-configuration|ConvertFrom-Json).token_endpoint.Split('/')[3]

For AAD-B2C it is fairly simple. From Azure Portal with a B2C directory associated, go to your B2C directory (I added the "Azure AD B2C" to my portal's left menu). In the B2C directory click on "User flows (policies) directory menu item. In the policies pane click on one of your policies you previously added to select it. It should open a pane for the policy. Click "Properties". In the next pane is a section, "Token compatibility settings" which has a property "Issuer". Your AAD-B2C tenant GUID is contained in the URL.

xxx@Azure:~$ az ad sp create-for-rbac
Retrying role assignment creation: 1/36
{
  "appId": "401143c2-95ef-4792-9900-23e07f7801e7",
  "displayName": "azure-cli-2018-07-10-20-31-57",
  "name": "http://azure-cli-2018-07-10-20-31-57",
  "password": "a0471d14-9300-4177-ab08-5c45adb3476b",
  "tenant": "e569f29e-b008-4cea-b6f0-48fa8532d64a"
}

您可以运行一个简单的curl调用来获得azure订阅的租户id,而无需任何身份验证。

做一个卷曲调用:

https://management.azure.com/subscriptions/{订阅id} ? api版本= 2015-01-01

请求失败,但您将能够从响应报头中获得租户id。租户id出现在一行中,后面跟着“WWW-Authenticate: holder authorization_uri="https://login.windows.net/"

您可以使用curl -v来显示响应头。