I recently found myself needing to build out an on premise Active Directory environment and populate it from objects found in Office 365 (AzureAD). The local Active Directory would then be configured as the identity source and would sync up to AzureAD using Azure AD Connect. Unfortunately, Azure AD Connect is currently a one way sync from your on premise Active Directory Domain Services environment to AzureAD and wont sync objects down. AADConnect does have the ability to match our AzureAD objects to their corresponding Active Directory objects but, if an attribute like City, Phone Number, Department, Title, etc. is present in your existing AzureAD and not in ADDS, the attribute may remain in AzureAD but not replicate down to ADDS. So we will want to copy over as many attributes from AzureAD to our local Active Directory as possible in preparation for the Azure AD Connect sync. We will … Continue...
As an Office 365 administrator, you can apply your company branding to customize the look of your organization’s Office 365 Message Encryption email messages as well as the contents of the encryption portal. You can customize the following aspects of the viewing experience for recipients of encrypted email messages:
- Introductory text of the email that contains the encrypted message
- Disclaimer text of the email that contains the encrypted message
- Text that appears in the OME portal
- Logo that appears in the email message and OME portal
- Background color in the email message and OME portal
You can also revert back to the default look and feel at any time.
Below is the default message your recipient will see when they receive an encrypted email message.
Customize the Message
To customize the OME message you will first need to connect to Exchange Online using Remote PowerShell. You then want to get … Continue...
One of the things IT Administrators look to automate first is the new user creation process. I recently was going through the process of creating a new hires Active Directory login, Office 365 mailbox, and their Office 365 user account, and I wondered how I could make the process easier and quicker.
My focus was geared towards Managed Service Providers (MSP’s), Human Resource (HR) departments and general Help Desk Technicians. For MSP’s I wanted to create a tool that they could easily use across all of their clients because they may not spend the time to automate new user creations because they have hundreds, if not thousands of clients to tend to, and each client is unique so you can’t just copy the same automation script from one client to another. This would also be a huge asset for Help Desk technicians because they are more often than not the … Continue...
From time to time you may get clients or even managers requesting reports about their Office 365 environment. Another popular reason to compile a report on an Office 365 tenant would be when you take over a new client and you are auditing their environment trying to figure out what exactly is going on.
Using the PowerShell module “ReportHTML“, we can create beautiful and interactive HTML reports. Below I will walk you through a report I spent some time creating that includes tabs, charts, data tables and more. Below you can see the first page of my report. You can navigate to different content by clicking the tab. If you wanted to view the Users report you would just click on that tab.
The Dashboard contains some basic information about the Office 365 tenant … Continue...
I set out to explore a way to generate a nice, multi-sheet, Office 365 report that I could give to end-user’s or Office Manager’s using PowerShell. Unfortunately, I read about the Excel COM interface before reading about the Excel PowerShell module created by Doug Finke. If you are starting from scratch, I would recommend reading up on the PowerShell Module instead of going the COM route as it’s a easier to use that the Excel COM Interface. Regardless, I finished my PowerShell script and wanted to share it for others to use.
Not a lot of pre-reqs for this script and I designed it that way. At first it was reliant on an Excel Workbook that was pre-formatted how I liked, and it would populate the data specifically for that workbook only. However, I decided to have PowerShell format the Excel Workbook from scratch as it ran. So for … Continue...
If you have never heard of PowerShell Universal Dashboard you need to head on over to PoshUD right now and check out this awesome PowerShell Module. Using PowerShell Core, Material Design, ReactJS and ASP.NET Core, Universal Dashboard takes advantage of cutting-edge technology to provide cross-platform, cross-device dashboards that looks sleek and modern.1
While reading over some other posts about what other people have done with PowerShell Universal Dashboard, I wondered if there was a way to create a interactive dashboard that would hook into Office 365 and gather data from it. At first, I attempted to create a dashboard that would create a PSSession to Office 365 but it presented some problems and overall was quite slow. I then decided to use the Microsoft Graph REST API to connect to Office 365. This allows it to refresh the data within in the dashboard quickly and takes seconds to connect.… Continue...
When doing a migration to Office 365, one of the final steps prior to “flipping” the user in the migration batches, is to make sure to properly license them so once they flip they get an Exchange Online mailbox. One of the issues you will come across is you will have more users in Office 365 than you are migrating. This is very common because some users may not need Exchange services but may need other Office 365 offerings such as OneDrive, SharePoint, etc. This also happens when you use ADConnect to sync on-premise Active Directory users to Office 365 and again, not everyone will be needing an Exchange mailbox. However, prior to completing your migration batch jobs is all the users in the batches must have a proper license for Exchange.
Instead of going through user objects one by one, I created a script that will do the following:… Continue...
This article will show you how to work with the Graph API using a PowerShell module. If you want to learn how to work with the API with only PowerShell please visit this article: https://www.thelazyadministrator.com/2019/07/22/connect-and-navigate-the-microsoft-graph-api-with-powershell/
The Microsoft Graph API is a REST API provided by Microsoft for integrating and managing Office 365 Exchange Online, OneDrive for Business, and Azure AD. It allows for application developers to integrate their apps with those Microsoft Services. Management of the environment is also possible but requires understanding of OAuth and REST.¹
By using the PowerShell module PSMSGraph we can interact with the Graph API in a more PowerShell friendly way. The MSMSGraph module is an API wrapper. It seeks to take the “foreign” concepts of REST and OAuth and make them accessible and usable in PowerShell. This module strives to make PowerShell administration and automation tasks via the Microsoft Graph API more like … Continue...
There are some immediate perks for using PowerShell to either install an application on remote computers or update an applications configuration remotely. In this post I will do several things, Install Office 365 ProPlus to a remote computer, and update the configuration of Office 365 ProPlus on the remote machine, having it go from the Monthly channel to the Semi-Annual channel and also removing groove.exe and lync.exe (Skype for Business).
When updating the configuration the install is silent and the EULA is accepted by setting <Display Level=“None” AcceptEULA=“TRUE”/>. When you set FORCEAPPSHUTDOWN to false, Office applications can be used during the upgrade but its recommended to restart the client workstation at the end of the install. I have also seen it not able to update if certain office applications are running. It’s recommended to set FORCEAPPSHUTDOWN to TRUE to close the office applications while … Continue...
When you want to look up a users license in Office 365 using PowerShell you are presented with a unfriendly Sku. Sometimes the Sku and the actual license name are similar but sometime it’s hard to distinguish the name from the Sku.
Using a hash table we can convert the Sku to its friendly name an have PowerShell do a lookup.
The script will first lookup all users that are currently licensed so it does not attempt to look up a null value. It will then go through each licensed user, take all of their licenses and put it in an array, do a lookup on each license they have and export the user’s Display Name and friendly license name to a CSV file. It will append the results to the CSV so it does not overwrite the file.
The results will display the user and their friendly … Continue...