I usually have to connect to Office 365 via PowerShell at least once per day. I had the following function stored in my PowerShell Profile:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/powershell/" -Credential $UserCredential -Authentication Basic -AllowRedirection
Connect-MsolService -Credential $UserCredential
This allowed me to just open PowerShell and type Connect-O365 to connect to Office 365 instead of looking up the Session information and all of the cmdlets needed. One of the issues I faced was the lack of multi-factor authentication support. To connect to Exchange Online or Security and Compliance Center using multi-factor authentication you must use another module that is found in your tenant. Also, … Continue...
I have been recently using Teams as a central location for my organizations technical notifications instead of email as it provides a way for an entire Help Desk team to openly collaborate on the message and its contents. I recently got a request to get a Teams notification when a user gets locked out of their Active Directory account. By setting up a Webhook connector we can make it happen. The script will be triggered from Task Scheduler on Event ID 4740 which is created when a user gets locked out. By using “Search-ADAccount -LockedOut” we can return an array of locked out accounts, but by ordering it by lockout time we can ensure that we grab the most recent locked out user that corresponds to the security event.
I set the script and scheduled task up on my PDC because as far as I know, the actual lockout event … Continue...
In my previous post
I went through setting up a Team’s webhook to send a daily message / notification of all your Active Directory users that have their password expiring in a week or less. This is valuable for an IT team as they can review users and work together on the within the same work space (team).
In this post I will be setting up another scheduled task to send a daily message on Active Directory accounts that have not logged on in 90 days or more. I am also returning attributes like LockedOut, LastLogon, Enabled and more.
The array of users is sorted, showing the users that have not logged on in the longest to the shortest. You can change the sort order to fit the needs of your environment. By using the cmdlet, “New-Timespan” I can get the amount of days since the user last logged on.… Continue...
Microsoft Teams has many connectors available including Incoming Webhook. “This provides an easy solution to post notifications / messages from any scripting language through JSON formatted web service call.”1
In this post I will show you how you can gather all of your users who have passwords expiring within a specified time range, and send a notification including all relevant information to a Teams Channel. In my example I will get all users who have passwords expiring in 7 days and less and have it notify my “Help Desk” Teams Channel.
The current script will parse only enabled users because we don’t need to report on users, ‘passwordlastset’ attribute if the account isn’t even allowed to log in. It will also sort all of our data, so the users with passwords expiring the earliest will always be at the top of the message. The top description under, “Users … Continue...
I recently found myself needing to build out an on premise Active Directory environment and populate it from objects found in Office 365 (AzureAD). The local Active Directory would then be configured as the identity source and would sync up to AzureAD using Azure AD Connect. Unfortunately, Azure AD Connect is currently a one way sync from your on premise Active Directory Domain Services environment to AzureAD and wont sync objects down. AADConnect does have the ability to match our AzureAD objects to their corresponding Active Directory objects but, if an attribute like City, Phone Number, Department, Title, etc. is present in your existing AzureAD and not in ADDS, the attribute may remain in AzureAD but not replicate down to ADDS. So we will want to copy over as many attributes from AzureAD to our local Active Directory as possible in preparation for the Azure AD Connect sync. We will … Continue...
As an Office 365 administrator, you can apply your company branding to customize the look of your organization’s Office 365 Message Encryption email messages as well as the contents of the encryption portal. You can customize the following aspects of the viewing experience for recipients of encrypted email messages:
- Introductory text of the email that contains the encrypted message
- Disclaimer text of the email that contains the encrypted message
- Text that appears in the OME portal
- Logo that appears in the email message and OME portal
- Background color in the email message and OME portal
You can also revert back to the default look and feel at any time.
Below is the default message your recipient will see when they receive an encrypted email message.
Customize the Message
To customize the OME message you will first need to connect to Exchange Online using Remote PowerShell. You then want to get … Continue...
The SharePoint Development Community (also known as the SharePoint PnP community) is an open-source initiative coordinated by SharePoint engineering. This community controls SharePoint development documentation, samples, reusable controls, and other relevant open-source initiatives related to SharePoint development1 .
The SharePointPnP.PowerShell module is quite vast when it comes to managing and administrating your on-premise or SharePoint online environment. Before we dive into it you will first want to install it so you have all the cmdlets available to you.
|SharePoint Version Command to install
Note: This will be an on-going article. As I continue using this module I will update this article.
Connecting to SharePoint
In my environment I have SharePoint with Office 365 so I will be connecting to SharePoint Online. For testing purposes I will be working in one of my test sites so I will … Continue...
One of the things IT Administrators look to automate first is the new user creation process. I recently was going through the process of creating a new hires Active Directory login, Office 365 mailbox, and their Office 365 user account, and I wondered how I could make the process easier and quicker.
My focus was geared towards Managed Service Providers (MSP’s), Human Resource (HR) departments and general Help Desk Technicians. For MSP’s I wanted to create a tool that they could easily use across all of their clients because they may not spend the time to automate new user creations because they have hundreds, if not thousands of clients to tend to, and each client is unique so you can’t just copy the same automation script from one client to another. This would also be a huge asset for Help Desk technicians because they are more often than not the … Continue...
From time to time you may get clients or even managers requesting reports about their Office 365 environment. Another popular reason to compile a report on an Office 365 tenant would be when you take over a new client and you are auditing their environment trying to figure out what exactly is going on.
Click here to view the report as we go through it.
Using the PowerShell module “ReportHTML“, we can create beautiful and interactive HTML reports. Below I will walk you through a report I spent some time creating that includes tabs, charts, data tables and more. Below you can see the first page of my report. You can navigate to different content by clicking the tab. If you wanted to view the Users report you would just click on that tab.
The Dashboard contains some basic information about the Office 365 tenant … Continue...