functions/Connect-Sharepoint.ps1
function Connect-Sharepoint {
    <#
    .SYNOPSIS
        Connects to SharePoint Online and MSGraph.

    .DESCRIPTION
        Connects to SharePoint Online and MSGraph.
        Uses certificate-based authentication only.

        Scopes needed for operations covered under this module:
        > Graph
          User.Read.All
          Group.Read.All
        > SharePoint
          Sites.FullControl.All (do not confuse this with the Graph permission of the same name!)

    .PARAMETER TenantID
        ID of the tenant to connect to.

    .PARAMETER ClientID
        Client application ID of the App Registration to use.

    .PARAMETER Thumbprint
        Thumbprint of the certificate to use for authentication.

    .PARAMETER AdminUrl
        Admin URL of your tenant's SharePoint sites.
        In most cases, if your tenant is "contoso.onmicrosoft.com", this link would be:
        https://contoso-admin.sharepoint.com

    .EXAMPLE
        PS C:\> Connect-Sharepoint -TenantID $TenantID -ClientID $ClientID -Thumbprint $Thumbprint -AdminUrl 'https://contoso-admin.sharepoint.com'

        Connects to the contoso tenant's SharePoint and MSGraph, for the explicit purpose of doing evil (and scanning permissions)
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true)]
        [string]
        $TenantID,

        [Parameter(Mandatory = $true)]
        [string]
        $ClientID,

        [Parameter(Mandatory = $true)]
        [string]
        $Thumbprint,

        [Parameter(Mandatory = $true)]
        [string]
        $AdminUrl
    )

    # SharePoint Online: app-only connection to the tenant admin site, authenticated with the certificate
    Connect-PnPOnline -Tenant $TenantID -ClientId $ClientID -Thumbprint $Thumbprint -TenantAdminUrl $AdminUrl -Url $AdminUrl

    # MSGraph: same app registration and certificate; the returned object is discarded
    $null = Connect-EntraService -TenantId $TenantID -ClientId $ClientID -CertificateThumbprint $Thumbprint

    # Keep the connection parameters in script scope
    $script:tenantID = $TenantID
    $script:clientID = $ClientID
    $script:thumbprint = $Thumbprint
    $script:adminUrl = $AdminUrl
}