You are here: Foswiki>KnowledgeBase Web>Office365AdminWithPowershell (01 Jun 2022, NickDemou)Edit Attach

Managing Office365 from Powershell

For all cases below you need to set the executionpolicy

Once for every PC you need to run this and select A for ALL 
Set-ExecutionPolicy RemoteSigned

How to start a generic powershell session for o365

To start the session 

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -AllowRedirection
Import-PSSession $Session

To close the session 

Remove-PSSession $Session

(Get-AzureADUser) How to use the Azure Active Directory PowerShell for Graph module

First time installation only

If not already installed, install AzureAD. To do so make sure you start a 64bit administrator powershell

(These steps are required once on your computer, not every time you connect. However, you'll likely need to install newer versions of the software periodically)

PS C:\Windows\system32> Install-Module -Name AzureAD

NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\user\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running
'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and import
the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from
'PSGallery'?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): Y

Close the administrative powershell that you used for installation

Normal usage

Run 64bit powershell

Connect-AzureAD # it will ask for o365 credentials

You can now issue commands like 
Get-AzureADUser
Get-AzureADUser | Select-Object DisplayName,Department,UsageLocation
Get-AzureADUser -ObjectID ndemou@enlogic.gr | Select-Object *
Get-AzureADUser | Where-Object {$_.City -eq "London"}

(Get-MsolUser) How to use the Microsoft Azure Active Directory Module for PowerShell

First time installation only

If not already installed, install MSOnline module. To do so make sure you start a 64bit administrator powershell:

(These steps are required once on your computer, not every time you connect. However, you'll likely need to install newer versions of the software periodically)

PS C:\Windows\system32> Install-Module MSOnline

NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\user\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by running
'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install and import
the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from
'PSGallery'?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): Y

Close the administrative powershell that you used for installation

Normal usage

Run 64bit powershell

Connect-MsolService

You can now issue commands like 

Get-MsolUser -UnlicensedUsersOnly
Get-MsolUser -UserPrincipalName ndemou@enlogic.gr

# example of changing title, city, blocking sign-in, etc
Get-MsolUser -Title 'Assistant ' | ?{$_.iSlicensed} | Set-MsolUser -Title 'Assistant'
Get-MsolUser -UserPrincipalName 'konstantinos.kokopoulos@enlogic.gr' | Set-MsolUser -City 'Athens'
Get-MsolUser -UserPrincipalName 'ilias.fofopoulos@enlogic.gr' | Set-MsolUser -BlockCredential $True

# list all departments
(Get-MsolUser -City Athens | ?{$_.islicensed}).Department + (Get-MsolUser -City Thessaloniki | ?{$_.islicensed}).Department  + (Get-MsolUser -City Sofia | ?{$_.islicensed}).Department | sort -Unique | %{"<$_>"}

Connect-IPPSSession (connect to Security & Compliance Center)

Connect-IPPSSession allows you to create a remote PowerShell session to Exchange-related PowerShell environments other than Exchange Online PowerShell. For example, Security & Compliance Center PowerShell. 

Connect-IPPSSession 

# example command
Get-ComplianceSearch

Managing Exchange

For the first command you need to make preparations: see above or at https://gcits.com.au/knowledge-base/how-to-set-up-a-quick-connection-to-exchange-online-via-powershell/ 
#  connect to exchange online
#=========================================================================
Connect-EXOnline

#  list all emails addresses of all users (both primary ones and aliases)
#=========================================================================
Get-Mailbox | Select-Object DisplayName,@{Name=”EmailAddresses”;Expression={$_.EmailAddresses |Where-Object {$_ -LIKE “SMTP:*”}}} | Sort | Export-Csv C:\email-aliases.csv
cat C:\email-aliases.csv

#  add an alias 
#=========================================================================
Set-Mailbox plymperopoulou@dimopoylosate.gr -EmailAddresses @{add="workshop@dimopoulosate.gr"}

# If you have a domain @from.com and you add a domain alias (e.g. @to.gr) 
# and you want all mailboxes to be available on both domains then for every 
# single email @from.com you need to add an alias @to.gr
#=========================================================================
$users = Get-Mailbox | Where-Object{$_.PrimarySMTPAddress -match "from.com"}

foreach($user in $users){
    Write-Host "Adding Alias $($user.alias)@to.gr"
    Set-Mailbox $user.PrimarySmtpAddress -EmailAddresses @{add="$($user.Alias)@to.gr"}
}

Import-Module ExchangeOnlineManagement

Connect-ExchangeOnline -UserPrincipalName ndemou@mazars.gr 

cat C:\Users\user\temp.txt |  %{ add-DistributionGroupMember ProjectManagers@mazars.gr -Member $_}

Get-DistributionGroupMember ProjectManagers@mazars.gr

	Name                     RecipientType
	----                     -------------
	george.lalakis           UserMailbox
	...

Enable Disable Protocol (imap, pop3, etc) 

#Get's all the mailboxes and the connection types status
Get-CASMailbox -ResultSize unlimited | Select-Object -Property Identity, *Enabled | Export-Csv -NoTypeInformation -Path report.csv

#Sets at $Mailboxes all the emails that have *@mazars.com
$Mailboxes = Get-Mailbox -ResultSize Unlimited -Filter "UserPrincipalName -like '*@mazars.com'"
#changes the pop and imap to disabled
ForEach ($Mailbox in $Mailboxes) {$Mailbox | Set-CASMailbox -PopEnabled $False -ImapEnabled $False }
Edit  | Attach | Print version | History: r6 < r5 < r4 < r3 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r6 - 01 Jun 2022, NickDemou
Copyright © enLogic