Adventure of installing the Windows Azure Active Directory Module for PowerShell

Well, you know the story – “something needs to be done immediately, usually in the middle of the night, involving PowerShell, and you don’t have all the needed modules installed…”.

The solution seems easy enough – install the required modules, connect to Office 365 and do the job. Yeah… but no! Smile

More specific – I’ve tried to install the Windows Azure Active Directory Module for Windows PowerShell the other night. In the end, I’ve succeeded, but something kept me awake a little longer than necessary.

I’ve read an article on TechNet, explaining the management of Azure Active Directory using PowerShell. Why? Because I couldn’t do what was needed via the (nice) user interface.

So, instructions said “Install the Windows Azure AD Module” – I’ve downloaded the appropriate installer (Windows Azure Active Directory Module for Windows PowerShell (64-bit version)), and started the installation.

Almost immediately, I’ve got an error saying that the Microsoft Online Services Sign-In Assistant (version 7.0 or greater) needs to be already installed. OK, I’ve downloaded this piece of software as well (from here), and installed it. “Fortunately” it demands a machine reboot. Rebooted.


Now I’ve tried to install the Windows Azure AD Module again, and got the same error:


I must say that I’m little confused at this point, because I was convinced that I’ve installed this just a minute or two ago. Ok, it’s late. No big deal – I’ve ran the installation again, and got the following screen:


So, it is installed after all. Maybe it’s the wrong version (on the other hand, the TechNet article contains the link to download)? After a few moments of searching, I’ve found the more recent version of this Sign-In Assistant, called Microsoft Online Services Sign-In Assistant for IT Professionals BETA. I’ve installed this version now, and tried to install the Windows Azure AD Module afterwards. Now it finally worked!


The conclusion – this TechNet article is slightly out-of-date (linked to the wrong version of the Sign-In Assistant, which doesn’t work with the current version of Windows Azure AD Module) and, until this is resolved, you’ll need to install the BETA version from the link provided above (this one).


New novel on the horizon…

Mark Russinovich has a new book! Smile

It’s a novel called Rogue Code, third one in the Jeff Aiken series (following the great “Zero Day” and “Trojan Horse” novels), and this one is about the breach in the New York Stock Exchange. How cool is that???

I must say that I’ve really enjoyed reading the first two novels, so I can’t wait this one to arrive. Well, I love to read… and not only the “technical stuff”. I’m also happy that I’ve got the first novel (from and signed by Mark personally – thanks again, Mark).


You can find more details and pre-order/order info here.

Happy reading!

P.S. Mark, keep them coming! Smile

P.P.S. If you have something to read, please, send it over here… Smile

UPDATE (June 18th, 2014): It’s here! Smile I’ve received my copy today – can’t wait to start reading!

Installing the KB2920189… successfully!

The other day, I’ve written about an issue with installation of update KB2920189 for Windows Server 2012 R2 (post called [TIP] Latest “Patch Tuesday” & errors installing update). So, the problem I was facing was failing installation on Generation 2 virtual machines, with Secure Boot enabled.

Actually, you can overcome this problem easily by reading the documentation before it happens or… with PowerShell after (OK, you can use GUI also, but who uses it nowadays?)! Smile

As I’ve already mentioned, all you need to do is just one thing – install the BitLocker feature on your server.

(yes, “-Restart” is optional – if you want, you can restart your server manually, of course)


After that, BitLocker is installed, and you can successfully install the KB2920189 also.

Second (not official) approach on installing this update on Generation 2 virtual machine, as I’ve written in the mentioned post, is to uncheck Secure Boot, install the update, and then check the Secure Boot option again.

This can be easily done using the following script:

We can now install this “problematic” update as the Secure Boot feature is disabled:



…and Secure Boot is enabled again (“nothing” happened)!

Of course, you can do all of this manually, but then again – why do we have PowerShell? Smile


P.S. I’m no PowerShell expert… just like to automate some things. Smile

Latest “Patch Tuesday” – errors installing update

Latest “Patch Tuesday” (May 13th, 2014) has brought us a pack of updates (you can read all the details about them here and here), but one of them was making trouble for me. The update I’m talking about is called “Security Update for Windows Server 2012 R2 (KB2920189)”. You can read more about this update in KB2920189.

I’ve tried to install it on a number of my Hyper-V virtual machines (Generation 2), but the update keeps failing with error 800F0922:


This error and its cause is described in
KB2962824. In short, this update expects that the BitLocker feature is installed (not enabled or used, but installed) – in my case, the problem was Secure Boot, which is enabled by default on Generation 2 virtual machines.

You can install the BitLocker feature on your Windows Server 2012 R2 servers before installing this update, or you can switch the Secure Boot off, install the update and switch it back on (I’ve decided to do the latter).

After switching the Secure Boot off, installing the update and switching it on again, the update installed successfully:


Have fun!