Popular PowerShell Scripts for Office 365 Administrators – Part II
Use these common PowerShell Scripts for making modifications
MessageOps has compiled these handy PowerShell scripts that you can use to make modifications with regards to your Office 365 tenant.
Licensing – This will license users from a csv and give you a report of what failed
- Launch the powershell connect to 365 and run the command to get the license available
- Fill out the csv with username from 365 and license sku
- Then path to the directory where they are at and run rename the txt file to a .ps1
.\scriptname .\users.csv
How to get the actual license sku
Get-MsolAccountSku
Anything below can be turned into a variable and put into a csv or just added to the script below.
$file= “AssignLicense.log”
$LogName = $MyInvocation.mycommand.Path.replace(“.ps1”, “.log”)
((Get-Date).ToString() + ” Script Started”) | out-file $LogName
Start-Transcript -Path $file -NoClobber:$false
import-csv $args[0] | foreach{
$Error.Clear()
“****************************************************************************”
“Assigning License to ” + $_.email
“****************************************************************************”
try{
Set-MsolUser -UserPrincipalName $_.email -UsageLocation US -ErrorAction SilentlyContinue
Set-MsolUserLicense -UserPrincipalName $_.email -AddLicenses $_.license -ErrorAction SilentlyContinue
}
catch
{
$Error[0].Exception.Message
}
if($Error.count -gt 0){
$Message = “Error Processing : ” + $_.email + ” ” + $Error[0].Exception.Message
Write-Host $Message -ForeGroundColor Red
$Message | out-file $LogName -Append
}
}
Stop-Transcript
How to change a username in Office 365 for login
A single user
Set-MsolUserPrincipalName -UserPrincipalName [email protected] -NewUserPrincipalName [email protected]
List of users by csv
Import-Csv .\users.csv | foreach {Set-MsolUserPrincipalName -UserPrincipalName $_.UPN -NewUserPrincipalName $_.UPN2}
Turn on user auditing
set-mailbox -auditenabled $true -identity username
Turn on impersonation for a service account
New-ManagementRoleAssignment –Role “ApplicationImpersonation” –User [email protected]
Full Access All Mailboxes
Gives a single user Full Access rights to all mailboxes in the tenant. This is primarily used for administrators of the tenant for oversight. Set auto mapping to ‘False’.
Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq ‘UserMailbox’) -and (Alias -ne ‘Admin’)} | Add-MailboxPermission -User [email protected] -AccessRights FullAccess -InheritanceType All -Automapping $false
Password Change
Change the password of a single mailbox user.
Set-MsolUserPassword -userPrincipalName [email protected] -NewPassword “Welcome1” -ForceChangePassword $false
Password Complexity
Changes the password complexity of the tenant from strong to weak. Not recommended, but there have been cases of this occurring.
Get-MsolUser | Set-MsolUser -StrongPasswordRequired $false
Password Never Expires
Sets a single mailboxes password to never expire.
Set-MsolUser -UserPrincipalName [email protected] -PasswordNeverExpires $true
Remove Forward
Remove all forwards from a single mailbox. This can be done in the portal, but sometimes the modification fails and this script is needed.
Set-Mailbox -Identity [email protected] -DeliverToMailboxAndForward $false -ForwardingSMTPAddress $null
Delete User
Delete a single user mailbox from Office 365. Sometimes this is not possible through the Office 365 portal making this script necessary.
Remove-MsolUser -UserPrincipalName [email protected]‘ -Force
Purge Deleted Users
Removes all deleted mailboxes from the recycle bin. This cannot be reversed, but if an account has an SMTP address or UPN you require, this is necessary.
Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser –RemoveFromRecycleBin -Force
Store and Forward
Sets a store and forward rule on a single mailbox. This still sends mail to the intended recipient and keeps a copy, but also forwards to the mailbox of your choosing.
Set-Mailbox -Identity [email protected] -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]