What Changed
Updated PowerShell permission assignment instructions in Microsoft Defender for Endpoint antivirus playbooks to use the Microsoft Graph SDK instead of deprecated AzureAD module cmdlets.
Migration Context
The AzureAD PowerShell module is deprecated and being phased out by Microsoft. Organizations deploying these playbooks would experience script failures when using the old cmdlets, as the AzureAD module may not be available in newer environments.
Updated Commands
- Get-AzureADServicePrincipal → Get-MgServicePrincipal
- New-AzureAdServiceAppRoleAssignment → New-MgServicePrincipalAppRoleAssignment
- Connect-AzureAD → Connect-MgGraph
Playbook functionality remains unchanged - this affects only post-deployment configuration scripts.
Affected Files
Solutions/MicrosoftDefenderForEndpoint/Playbooks/Run-MDEAntivirus/Run-MDEAntivirus-alert-trigger/azuredeploy.json Solutions/MicrosoftDefenderForEndpoint/Playbooks/Run-MDEAntivirus/Run-MDEAntivirus-incident-trigger/azuredeploy.json Solutions/MicrosoftDefenderForEndpoint/Playbooks/Run-MDEAntivirus/readme.md (packaging artefacts: mainTemplate.json, ReleaseNotes.md)