To smooth the creation of your PowerSyncPro EntraID Application in the source or target tenant the script below will create the full requirements for directory synchronisation (read & write) and enable features for creating the bulk enrolment token for device migrations to become cloud native (Entra Joined).

Requirements:

• An activated Global Administrator needs to run the script.
• You need to know the tenant ID (GUID) before running the script.
• Microsoft.Graph PowerShell module needs to be installed on the machine where you are running the script.

Output:

• The tenant ID, the application (client) ID, and the secret - all used for configuring the Entra ID endpoint in PowerSyncPro.

High level features:

• Checks to see if Microsoft.Graph is installed, and attempts to install it for you.
• Checks for the existence of the “Microsoft.Azure.SyncFabric” application which also needs exist in the tenant to allow for the bulk enrolment token to be generated.
• Creates the required roles in the application
• Creates the required scope in the application
• Assigns admin consent

Additional information when performing Device Migrations to Entra Joined

• When in PowerSyncPro interface and you wish to create the bulk enrolment token, ensure you are browsing to the GUI of PSP using the URL http://localhost:5000 otherwise the process will fail.

CreatePSPEntraIDApp.ps1

An example output is below, use the output to create your Entra ID directory in PowerSyncPro.