PowerShell Function to Connect to All Office 365 Services With Support for MFA

PowerShell Function to Connect to All Office 365 Services With Support for MFA

I usually have to connect to Office 365 via PowerShell at least once per day. I had the following function stored in my PowerShell Profile:

This allowed me to just open PowerShell and type Connect-O365 to connect to Office 365 instead of looking up the Session information and all of the cmdlets needed. One of the issues I faced was the lack of multi-factor authentication support. To connect to Exchange Online or Security and Compliance Center using multi-factor authentication you must use another module that is found in your tenant. Also, when you install this module it gets buried in your local app data folder.

So I decided to just re-do the entire function, allowing it to connect to the following Office 365 services:

  • Exchange Online
  • Skype for Business
  • SharePoint Online
  • Security and Compliance Center
  • Azure AD v2
  • Azure AD v1 (MSOnline)
  • Microsoft Teams

By calling the MFA switch we can also connect to all of the above services while utilizing multi-factor authentication. The function also allows us to connect to multiple services at once by calling the parameter. If I wanted to connect to Azure AD v1 (MSOnline), Exchange Online and Teams without using multi-factor authentication I can type:

If I wanted to use multi-factor authentication I could type:

Enter your verification code in the Exchange Online Remote PowerShell window
Prompted for MFA Token

Modules

The following modules are used and will be needed if you plan on connecting to the relevant Office 365 service. You do not need to have every module installed if you are not going to connect to its service.

Exchange

  1. EXOPSSession (Only needed if you use multi-factor authentication)

Skype for Business

  1. SkypeOnlineConnector

SharePoint

  1. Microsoft.Online.SharePoint.PowerShell

Security and Compliance Center

  1. EXOPSSession (Only needed if you use multi-factor authentication)

Azure AD V2

  1. AzureAD

Azure AD V1 (MSOnline)

  1. MSOnline

Microsoft Teams

  1. MicrosoftTeams

Features

Credential Pass Through

If you do not utilize multi-factor authentication then you will only be prompted once for credentials. The function will store the credential object in a variable and pass it to each service you connect to. This allows you to connect to multiple services without having to enter in your credentials for each individual one. Due to how multi-factor authentication works in regards to the token, this is not possible if you use MFA.

Auto Import MFA Module

As I mentioned earlier the Exchange MFA module hides itself deep inside your Local App Data folder. The function will parse your app data folder and find the full path to the module and then load it into memory.

Once we store the path in a variable we can dot source the script to import the module

Service Connection Status

The host title bar will append which services you are connected to. It will do a quick connection verification prior to appending the title bar text. If unable to connect it will not appear in the title bar.

Download

GitHub

 

 

22 thoughts on “PowerShell Function to Connect to All Office 365 Services With Support for MFA

  1. The page you link to for the Skype Online Connector module says that the module has been de-listed. Looking at MS docs, it appears that the powershell module for skype online which is currently recommended is this one:
    https://www.microsoft.com/en-us/download/details.aspx?id=39366

    I’m not sure if this is simply a newer version with an updated name, or if they are significantly different.

    Is there a reason you went with the de-listed module over the current module?

  2. Will this code get upgraded to include the Disconnect Sessions that should be done when using certain connections?

  3. This is magic, thank you for sharing.

    Also, tiny typo on the AzureAD switch (line 113) in your module check condition.

    Write-Error “SkypeOnlineConnector Module is not present!”

    I assume this should be the ‘AzureAD Module’.

  4. If I run Connect-Office365 -Service MSOnline, Exchange -MFA, does it right to input credential twice? In my case I should input id, password, code all twice?

  5. Hey I need some help I downloaded the script and when I am trying to run the ps I receive the following error:
    I want to mention that I am not good with PowerShell I need some guidance on what I am doing wrong?

    PS C:\Users\administrator> Connect-Office365 -Service Teams, Exchange, MSOnline
    Connect-Office365 : The term ‘Connect-Office365’ is not recognized as the name of a cmdlet, function, script file, or
    operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
    again.
    At line:1 char:1
    + Connect-Office365 -Service Teams, Exchange, MSOnline
    + ~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (Connect-Office365:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    1. you need to load the function into memory. you can open powershell ISE, paste it and press the play button and then you will have it but I recommend creating a powershell profile and copying, pasting and saving the function in the profile file.

      1. I did what you suggested still doesn’t want to work.
        Nothing happened I want to mention that I installed the modules.
        I tried to open like this but I receive the following error.

        Suggestion [3,General]: The command Connect-Office365.ps1 was not found, but does exist in the current location. Windows PowerShell does not load commands from the current location by default. If you trust this command, instead type: “.\Connect-Office365.ps1”. See “get-help about_Command_Precedence” for more details.
        PS C:\Users\administrator\Desktop\PowerShell-master\Office 365>

        1. set you execution policy by launching an admin powershell (set-executionpolicy unrestricted (or remotesigned) ). when you save the function in your powershell profile you will need to relaunch powershell so powershell can see it.

  6. How do you end the session, the reason why I ask is because my PS keeps freezing if I leave o365 connected. I tried Connect-Office365 -Exchange -MFA $false but it returns an error saying failed to connect.

    1. you dont need to specify -MFA $False, only use the mfa param if you require MFA. (changed this from previous behavior)

      when you connect youll have a PSSession, you can view your PSSessions by running Get-PSSession and remove all PSSessions by running Get-PSSession | Remove-PSSession

  7. Thank you very much that makes a lot of sense! Now my powershell will stop freezing if I end the PSession wooo!

  8. Wow this is awesome! once I figured out I had to paste it into Microsoft.PowerShell_profile.ps1 and change the sharepoint site name to mine.

  9. Much thanks for this and the links in the comments to add to profile!
    I really hope that we (and I really mean you because I am no where near this) can design a way for one MFA prompt.

Leave a Reply

Your email address will not be published. Required fields are marked *