search

microsoft / EntraExporter

PowerShell module to export a local copy of an Entra (Azure AD) tenant configuration.
https://aka.ms/EntraExporter
MIT License
568 stars 89 forks source link

QUESTION (noob): What can folks recommend for IMPORTING this to a tenant? #65

Open domcote opened 5 months ago

domcote commented 5 months ago

@merill and folks, this is awesome. What is the easiest way to import / restore this back in to an Entra ID tenant?

hitem commented 5 months ago

I was wondering this myself :)

n9yty commented 2 months ago

Same question here, and in fact it makes me wonder what value a bunch of JSON files have without a way to process them back into the system.

GeldHades27355 commented 2 months ago

We found Microsoft365DSC.com shortly afterwards. I think that might be your answer. 👍

tobisce commented 1 month ago

@domcote @n9yty @GeldHades27355 - We are currently working on restoring these JSON files. We have already succeeded in doing this for several settings, e.g. for applications, auth methods, conditional access named locations, etc. Have you found a way to restore it in the meantime? I am open to an exchange of ideas.

GeldHades27355 commented 1 month ago

Yeah - as previously mentioned: https://Microsoft365DSC.com.

tobisce commented 1 month ago

Have you tried granular restores of settings? In case you just want to restore only specific settings out of your DSC export file.

GeldHades27355 commented 1 month ago

Yeah no - haven't tried due to no need. We actually need full imports every time. Plus, DSC helps us keep target tenants aligned with our blueprint/baseline.

I DIDN'T say Microsoft365DSC was easy btw... it is NOT. 🤪 It expects advanced Powershell, Powershell DSC and Entra experience to work properly. But it's one of the few tools I am aware of that can programmatically dump and import most (if not all) key Entra settings.

There are other projects out there that have similar goals: https://github.com/KelvinTegelaar/CIPP with a fancy GUI and even support, as well as https://github.com/Micke-K/IntuneManagement, which does an excellent job of exporting and importing JSON for Intune with a really nice GUI on it. Maybe you can plug in to them?

Personally, I'm a huge fan of IntuneManagement. Seeing that you also use JSON to define the settings, I'd think it wouldn't be too hard to integrate with IntuneMangement - resulting in a tool that covers two of the major PITAs when managing multiple M365 tenants. 😁 Especially having a GUI for lesser coders would be a gamechanger IMHO.