Scribd
Upload
672 views9 pages

Microsoft 365 Administration

The document discusses various PowerShell scripts and commands for administering Microsoft 365 and Exchange. It covers topics like user administration, managing Exchange features like shared mailboxes and permissions, as well as other functions like setting external contact visibility and troubleshooting issues. Specific scripts are provided to perform actions like setting passwords, mailbox permissions, forwarding emails, and connecting to Exchange online.

Uploaded by

William Dudley
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
672 views9 pages

Microsoft 365 Administration

The document discusses various PowerShell scripts and commands for administering Microsoft 365 and Exchange. It covers topics like user administration, managing Exchange features like shared mailboxes and permissions, as well as other functions like setting external contact visibility and troubleshooting issues. Specific scripts are provided to perform actions like setting passwords, mailbox permissions, forwarding emails, and connecting to Exchange online.

Uploaded by

William Dudley
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Microsoft 365 Administration

Contents
==PowerShell Scripting==............................................................................................................................1
==User Administration==.........................................................................................................................1
'''Open Connection:'''...........................................................................................................................1
'''Set Password with no Force Change:'''..............................................................................................1
'''Set User to Never Expire:'''...............................................................................................................1
'''Set All to Never Expire:'''...................................................................................................................1
'''Show User Password Expiration Policy:'''..........................................................................................1
'''Lock/Unlock User Account:'''............................................................................................................1
'''Remove Automapping'''....................................................................................................................2
'''Change User Principal name all users (onmicrosoft remove)'''.........................................................2
'''Set all user passwords'''....................................................................................................................2
==Managing Exchange==.........................................................................................................................2
'''Connect/Sign in'''..............................................................................................................................2
'''Shared Mailbox'''...............................................................................................................................2
'''Assign Permissions to Calendar'''......................................................................................................3
'''Redirect/Forward Emails'''................................................................................................................3
'''Configure Send As Permissions:'''.....................................................................................................3
'''Grant User Full Access to another Mailbox'''....................................................................................3
'''Grant User Full Access to All Mailboxes'''.........................................................................................3
'''Configure "Send on Behalf of'''.........................................................................................................3
'''Maintain Calendar Subject'''.............................................................................................................3
'''Remove Automapping for Shared Mailbox'''....................................................................................3
'''Force Add Manager of a Distribution Group'''..................................................................................4
'''Remove a License"............................................................................................................................4
'''Change Mailbox type (i.e. User to Shared to conserve License).......................................................4
'''Extend booking period for calendar'''...............................................................................................4
'''To find every alias for each user or DG/DL run the command below'''.............................................4
'''To Get Proxy Addesses from MOP'''..................................................................................................4
==Statistics==...........................................................................................................................................4
''' Last Log on and Log off'''..................................................................................................................4
==External Contacts==.............................................................................................................................5
'''Set an external contact to not display in GAL'''.................................................................................5
'''Set all external contacts to be hidden from GAL'''............................................................................5
'''Import Contacts to Office 365'''........................................................................................................5
==Obscure Issues==.................................................................................................................................5
'''Recipients of attachments on Mac receive [Link] instead of attachment'''.............................5
Disable for Certain External Domains..................................................................................................5
==Permissions==......................................................................................................................................5
'''Calendars'''........................................................................................................................................5
==Troubleshooting==...............................................................................................................................6
==Links==.................................................................................................................................................6
'''Powershell Commands'''...................................................................................................................6
'''Downloads'''......................................................................................................................................7
'''Microsoft Online Services Module'''.................................................................................................7
'''Microsoft Online Services Sign-In Assistant'''....................................................................................7
Microsoft Training...................................................................................................................................7

==PowerShell Scripting==
Follow the instructions on this link and you won't have to do the multiple connect commands every
time

[Link]

==User Administration==
'''Unlock Powershell(God mode as they call it)'''

Set-ExecutionPolicy unrestricted (hit "y" then enter)

'''Open Connection:'''
$LiveCred = Get-Credential

Connect-MSOLService -Credential $LiveCred


'''Set Password with no Force Change:'''
Set-MsolUserPassword -userPrincipalName username -NewPassword "password"
-ForceChangePassword $false

'''Set User to Never Expire:'''


Set-MsolUser -UserPrincipalName username -PasswordNeverExpires $true

'''Set All to Never Expire:'''


Get-MSOLUser | Set-MSOLUser -PasswordNeverExpires $True

'''Show User Password Expiration Policy:'''


Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires

'''Lock/Unlock User Account:'''


Set-MsolUser -UserPrincipalName user@[Link] –blockcredential $false

Set-MsolUser -UserPrincipalName user@[Link] –blockcredential $true

'''Remove Automapping'''
Add-MailboxPermission -Identity JeroenC -User 'Mark Steele' -AccessRight FullAccess -InheritanceType
All -Automapping $false

''first remove full access permissions then use this command to re-add without automapping''

'''Change User Principal name all users (onmicrosoft remove)'''


Get-MsolUser | Where { -Not $_.[Link]().StartsWith(“admin@”) } | ForEach
{ Set-MsolUserPrincipalName -ObjectId $_.ObjectId -NewUserPrincipalName
($_.[Link](“@”)[0] + “@[Link]”) }

'''Set all user passwords'''


Get-msoluser |set-msoluserpassword -newpassword “password” -forcechangepassword $false

==Managing Exchange==
'''Connect/Sign in'''
1. Set-ExecutionPolicy unrestricted
2. Connect-MsolService (skip this step)

3. $LiveCred = Get-Credential (skip this step)

4. $Session = New-PSSession -ConfigurationName [Link] -ConnectionUri


[Link] -Credential $LiveCred -Authentication Basic –AllowRedirection

5. Import-PSSession $Session

'''Shared Mailbox'''
1. (create security group 1st)

2. New-Mailbox -Name "Name" -Alias aliasname -Shared

3. Set-Mailbox aliasname -ProhibitSendReceiveQuota 5GB -ProhibitSendQuota 4.75GB


-IssueWarningQuota 4.5GB

4. Add-MailboxPermission "Name" -User securitygroup -AccessRights FullAccess

5. (assign Send As Permission) Add-RecipientPermission "Name" -Trustee securitygroup -AccessRights


SendAs

*Or you can use the \\drobo-fs\Public\WilliamTools\SharedMailboxTool

'''Assign Permissions to Calendar'''


Add-MailboxFolderPermission -Identity username:\Calendar -AccessRight ReadItems -User
usernamegivenrights

More Access Rights can be found at [Link]

or

Get-MailboxFolderPermission -Identity share-mailbox-01:\calendar

set-MailboxFolderPermission -Identity share-mailbox-01:\calendar -User default -AccessRights owner

'''Redirect/Forward Emails'''
Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress
forwarding@address

'''Configure Send As Permissions:'''


Add-RecipientPermission -Identity <Mailbox ID 1> -Trustee <Mailbox ID 2> -AccessRights SendAs
'''Grant User Full Access to another Mailbox'''
Add-MailboxPermission -Identity <Mailbox ID 1> -User <Mailbox ID 2> -AccessRights FullAccess
-InheritanceType All

'''Grant User Full Access to All Mailboxes'''


Get-Mailbox |% {Add-MailboxPermission $_.Name -User "cwadmin" -AccessRights FullAccess;}

'''Configure "Send on Behalf of'''


Set-Mailbox -Identity <Mailbox ID 1> -GrantSendOnBehalfTo <Mailbox ID 2>

'''Maintain Calendar Subject'''


Set-CalendarProcessing -Identity “room mailbox” -DeleteSubject $false -AddOrganizerToSubject $false

'''Remove Automapping for Shared Mailbox'''


$FixAutoMapping = Get-MailboxPermission sharedmailbox |where {$_AccessRights -eq "FullAccess"
-and $_IsInherited -eq $false}

$FixAutoMapping | Remove-MailboxPermission

$FixAutoMapping | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User


-AccessRights:FullAccess -AutoMapping $false}

'''Force Add Manager of a Distribution Group'''


Set-DistributionGroup -Identity 'Distribution Group' -BypassSecurityGroupManagerCheck -ManagedBy
'TheManager'

'''Remove a License"
Get-MsolAccountSku

Set-MsolUserLicense -UserPrincipalName user@[Link] -RemoveLicenses "Value from Command


Above ([Link]:value)"

'''Change Mailbox type (i.e. User to Shared to conserve License)


set-mailbox -identity user@[Link] -type shared

* Note - Don't forget to change quotas if changing to shared.


'''Extend booking period for calendar'''
Set-CalendarProcessing -Identity "ROOM NAME" -BookingWindowInDays 1080

'''To find every alias for each user or DG/DL run the command below'''
Get-Recipient | FL name, @{name=”count”;expression={[array]
($_.EmailAddresses).Count}},EmailAddresses

Get-MSOLuser -User user@[Link] |Select -Expand Proxyaddresses

Get-MSOLuser |Select -Expand Proxyaddresses

'''To Get Proxy Addesses from MOP'''


Get-Msoluser | FL DisplayName,ProxyAddresses

==Statistics==

''' Last Log on and Log off'''


Get-Mailbox -Resultsize Unlimited | Get-MailboxStatistics | FL displayname, LastLogonTime | FL | Out-
file “C:\Users\UserDesktopName\Desktop\[Link]”

Get-LogonStatistics -Identity user@[Link]

==External Contacts==
'''Set an external contact to not display in GAL'''
Set-MailContact -Identity <Object@[Link]> -HiddenFromAddressListsEnabled $true

'''Set all external contacts to be hidden from GAL'''


Get-MailContact |Set-MailContact -hiddenfromaddresslistsenabled $true

'''Import Contacts to Office 365'''


[[Link] Sample External Contacts CSV File]

[[Link] Instructions]

==Obscure Issues==
'''Recipients of attachments on Mac receive [Link] instead of attachment'''
Disable TNEF for All Domains

Set-RemoteDomain Default -TNEFEnabled $false

Disable for Certain External Domains


New-RemoteDomain -Name DomainAlias -DomainName [Link]

Set-RemoteDomain DomainAlias -TNEFEnabled $false

==Permissions==
'''Calendars'''

None - FolderVisible

Owner - CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible,


EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems

PublishingEditor - CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems,


EditAllItems, DeleteOwnedItems, DeleteAllItems

Editor - CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems,


DeleteOwnedItems, DeleteAllItems

PublishingAuthor - CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems,


DeleteOwnedItems

Author - CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems

NonEditingAuthor - CreateItems, ReadItems, FolderVisible

Reviewer - ReadItems, FolderVisible

Contributor - CreateItems, FolderVisible

AvailabilityOnly - View only availability data

LimitedDetails - View availability data with subject and location

==Troubleshooting==
ERROR: "Import-Module : There were errors in loading the format data file..."

SOLUTION 1: Run powershell as administrator.

SOLUTION 2: Run "Get-ExecutionPolicy". If it is set to restricted, Run "set-executionpolicy


remotesigned".
==Links==
'''Powershell Commands'''
[[Link] Powershell cmdlets for
Office 365]

[[Link] Available Powershell Cmdlets in Exchange Online]

[[Link] Configuring Mail Forwarding]

[[Link] -
Converting mailboxes into

shared mailboxes

[[Link] Useful Powershell Scripts for


Office 365]

'''Downloads'''
[[Link]
[Link] Office 365 Desktop Updates]

'''Microsoft Online Services Module'''


[[Link] Microsoft Online Services Module for Windows
PowerShell (32-bit version)]

[[Link] Microsoft Online Services Module for Windows


PowerShell (64-bit version)]

'''Microsoft Online Services Sign-In Assistant'''


[[Link] Microsoft Online Services Sign-In Assistant (IDCRL7) –
32 bit version]

[[Link] Microsoft Online Services Sign-In Assistant (IDCRL7) –


64 bit version]

Microsoft Training
[Link]
[Link]
This site usually addresses the latest notes and issues seen.

[Link]

You might also like