Use these common PowerShell Scripts for making modifications

, Popular PowerShell Scripts for Office 365 Administrators – Part II

MessageOps has compiled these handy PowerShell scripts that you can use to make modifications with regards to your Office 365 tenant.

Licensing – This will license users from a csv and give you a report of what failed

  • Launch the powershell connect to 365 and run the command to get the license available
  • Fill out the csv with username from 365 and license sku
  • Then path to the directory where they are at and run rename the txt file to a .ps1

.\scriptname .\users.csv

How to get the actual license sku

Get-MsolAccountSku

Anything below can be turned into a variable and put into a csv or just added to the script below.

$file= “AssignLicense.log”

$LogName = $MyInvocation.mycommand.Path.replace(“.ps1”, “.log”)

((Get-Date).ToString() + ” Script Started”) | out-file $LogName

Start-Transcript -Path $file -NoClobber:$false

import-csv $args[0] | foreach{

$Error.Clear()

“****************************************************************************”

“Assigning License to ” + $_.email

“****************************************************************************”

try{

Set-MsolUser -UserPrincipalName $_.email -UsageLocation US -ErrorAction SilentlyContinue

Set-MsolUserLicense -UserPrincipalName $_.email -AddLicenses $_.license -ErrorAction SilentlyContinue

}

catch

{

$Error[0].Exception.Message

}

if($Error.count -gt 0){

$Message = “Error Processing : ” + $_.email + ” ” +  $Error[0].Exception.Message

Write-Host $Message  -ForeGroundColor Red

$Message   | out-file $LogName -Append

}

}

Stop-Transcript

How to change a username in Office 365 for login

A single user

Set-MsolUserPrincipalName -UserPrincipalName user@domain.com -NewUserPrincipalName user2@domain.com

List of users by csv

Import-Csv .\users.csv | foreach {Set-MsolUserPrincipalName -UserPrincipalName $_.UPN -NewUserPrincipalName $_.UPN2}

Turn on user auditing

set-mailbox -auditenabled $true -identity username

Turn on impersonation for a service account

New-ManagementRoleAssignment –Role “ApplicationImpersonation” –User user@domain.com

Full Access All Mailboxes

Gives a single user Full Access rights to all mailboxes in the tenant. This is primarily used for administrators of the tenant for oversight. Set auto mapping to ‘False’.

Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq ‘UserMailbox’) -and (Alias -ne ‘Admin’)} | Add-MailboxPermission -User jsmith@contoso.com -AccessRights FullAccess -InheritanceType All -Automapping $false

Password Change

Change the password of a single mailbox user. 

Set-MsolUserPassword -userPrincipalName jsmith@contoso.com -NewPassword “Welcome1” -ForceChangePassword $false

Password Complexity

Changes the password complexity of the tenant from strong to weak. Not recommended, but there have been cases of this occurring. 

Get-MsolUser | Set-MsolUser -StrongPasswordRequired $false

Password Never Expires

Sets a single mailboxes password to never expire. 

Set-MsolUser -UserPrincipalName jsmith@contoso.com -PasswordNeverExpires $true

Remove Forward

Remove all forwards from a single mailbox. This can be done in the portal, but sometimes the modification fails and this script is needed. 

Set-Mailbox -Identity jsmith@contoso.com -DeliverToMailboxAndForward $false -ForwardingSMTPAddress $null

Delete User

Delete a single user mailbox from Office 365. Sometimes this is not possible through the Office 365 portal making this script necessary. 

Remove-MsolUser -UserPrincipalName jsmith@contoso.com‘ -Force

Purge Deleted Users

Removes all deleted mailboxes from the recycle bin. This cannot be reversed, but if an account has an SMTP address or UPN you require, this is necessary. 

Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser –RemoveFromRecycleBin -Force

Store and Forward

Sets a store and forward rule on a single mailbox. This still sends mail to the intended recipient and keeps a copy, but also forwards to the mailbox of your choosing. 

Set-Mailbox -Identity jsmith@contoso.com -DeliverToMailboxAndForward $true -ForwardingSMTPAddress amatthew@contoso.com