AI wrote the script.
The standards were mine.
In 2019 I wrote the kind of provisioning script every shop had: hardcoded paths, a plaintext password, six hand-edited copies. In 2026 I rebuilt the same task for Microsoft Entra by directing an AI with a crafted prompt and codified PowerShell standards. Both scripts are public, and the gap between them is what this site demonstrates.
the demo
The centerpiece of this site is a guided walkthrough: the 2019 script annotated line by line, the exact prompt and standards that directed the rebuild, eight design decisions with the reasoning written out, and a replay of the new script's dry run. The dry run needs no tenant and no Graph module, so you can reproduce it yourself.
PS C:\entra-provisioning-demo> pwsh -File src/New-EntraUsersFromCsv.ps1 -CsvPath data/new-hires.csv -WhatIf [2026-07-08 00:08:49] [INFO] Read 9 rows from data/new-hires.csv. [2026-07-08 00:08:49] [WARNING] Row 8: SKIPPED (missing field(s): First). [2026-07-08 00:08:50] [INFO] PLAN Jamie Doe: create jdoe2@contoso.com | group Legal-Support-Users | license SPE_E3 (group-based) | TAP valid 2026-07-13 -> email alan.pierce@contoso.com What if: Performing the operation "Create Entra user, add to 'Legal-Support-Users', issue Temporary Access Pass, email manager" on target "jdoe2@contoso.com".
An excerpt from the real dry-run output, captured rather than mocked. The username
jdoe2 is the collision handler at work: there is already a
jdoe in the same batch. The full replay, including the skipped rows and
the seven-row summary, is in the walkthrough. Demo identities and domains are
fictional.
work
Selected infrastructure and automation work, written up as case studies. Employers are named; clients are described by sector only, with identifying details removed. Four are live; the last is being written up.
-
SharePoint-to-IT-Glue Migration
Roughly 3,500 documents across 28 organizations moved out of SharePoint via the Microsoft Graph API, checkpointed and resumable end to end.
> read the case study -
Multi-Tenant Delegated Administration
CSP/GDAP delegated administration across client M365 tenants: role design, consent at scale, and automation that works under delegation.
> read the case study -
Security & Infrastructure Audit Program
A standing audit program across 25 client organizations: M365 security baselines, firewall configuration review, and remediation tracking on a fixed cadence.
> read the case study -
Phishing-Simulation Platform
A self-hosted phishing-simulation stack on Azure for authorized awareness engagements: scripted Azure CLI configuration, TLS, SMTP relay, and secrets in Key Vault.
> read the case study -
RMM-to-Documentation Pipeline
Scheduled sync from the RMM platform's API into IT Glue. Gateway-first site detection turns raw device inventory into per-site network documentation.