« Previous 1 2 3 Next »
Managing Office 365 in PowerShell
Remote Office
Managing Users
In addition to the cmdlets already mentioned, other commands let you create, manage, and delete users in Office 365. The most important cmdlets in this area include:
New-MsolUser
– Create a new user. For example, to create a new user with a short command, useNew-MsolUser -UserPrincipalName "<email address>" -DisplayName "<display name>"
. The commandlet generates the password and displays it.Remove-MsolUser
– Delete the user and return the assigned licenses. After that, the user can still sign in for 30 days.Restore-MsolUser
– The user's original state is restored. This works up to 30 days after deletion. However, you can permanently delete mailboxes to prevent them from being restored.Set-MsolUser
– Update a user and change their settings.Set-MsolUserPassword
– Change the password.
To view all of the user management cmdlets, type Get-Command *msoluser*
(Figure 3). The commands available for group administration are shown by typing get-command *msolgroup*
.
For example, if you want to specify that a user password never expires, use
Set-MsolUser -UserPrincipalName <Username> -PasswordNeverExpires $True
Without this option, the corresponding user must change their password every 90 days. $False
lets you reverse this option. It is also possible to activate complex passwords for a user, which is what the -StrongPasswordRequired
option does:
Set-MsolUser -UserPrincipalName <username> -StrongPasswordRequired $True
$False
disables this function.
As mentioned earlier, a user resides for 30 days in the Recycle Bin when you delete them and can be restored from the Recycle Bin using Restore-MsolUser
. The following command displays deleted mailboxes that can be restored:
Get-MsolUser -ReturnDeletedUsers | fl UserPrincipalName, ObjectID
If finally you want to delete a user, use their ObjectID
:
Get-MsolUser -Remove-MsolUser -ObjectID GUID -RemoveFromRecycleBin -Force
Additionally, you can use the command
Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force
to erase individual users, as well as remove all users from the Recycle Bin.
Connecting to the Exchange Management Shell
Office 365 accounts and a local Exchange server are used in parallel in many environments. It thus makes sense to make the commands from the Exchange Management Shell available in PowerShell in addition to Office 365 cmdlets. To do this, first store the Office 365 login credentials in a variable:
$cred = Get-Credential
Open a connection to Office 365 and the Exchange Management Shell:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange \ -ConnectionUri https://ps.outlook.com/powershell \ -Credential $cred -Authentication Basic -AllowRedirection
Then, import this data with Import-PSSession $Session
.
Exchange Online Protection
Microsoft offers the cloud virus scanner Exchange Online Protection (EOP) for local Exchange installations and for Office 365. This tool is the successor of Forefront Online Protection for Exchange (FOPE). In Office 365, Exchange Online Protection is automatically enabled, which means that incoming and outgoing email is scanned for viruses and spam.
If you also have local Exchange servers, you can send email from your local servers to Office 365, where it is scanned for viruses and then forwarded. This approach also works in both directions with Exchange Server 2013 and with the virus scanner integrated in Exchange 2013.
The following command ensures that Exchange Server 2013 will scan email messages after Exchange Online Protection has scanned them:
Set-MalwareFilteringServer -ForceRescan $true
To check the value, enter:
Get-MalwareFilteringServer | Format-List Name, ForceRescan
This redirection between Exchange and Office 365 is controlled by the MX record in the domain. The wizard for connecting Office 365 with a local Exchange installation adds an additional accepted domain to the Exchange organization for hybrid messaging. This domain is added as a secondary proxy domain. By default, this is the domain.mail.onmicrosoft.com
domain. You can view the accepted domain with:
Get-AcceptedDomain | fl DomainName, IsCoexistenceDomain
In the Exchange Management Shell, you can view the settings by typing Get-HybridConfiguration
.
Besides managing the Office 365 services in the PowerShell, you can also manage other cloud services from Microsoft, such as Windows Azure. The installation file for managing Windows Azure in PowerShell can be found online [8]. After the install, just import the cmdlets by typing Import-Module Azure
. Before you can manage Azure with PowerShell, you must modify your PC so that it connects to Windows Azure.
To begin, enter Get-AzurePublishSettingsFile
and then log in to Windows Azure. Download the file, which the wizard then displays. Enter the Import-AzurePublishSettingsFile <publishsettings File>
command followed by Get-AzureSubscription
.
Microsoft offers the Windows Azure Backup service, which lets you back up data from servers in the cloud. In PowerShell, you can view the available cmdlets for Windows Azure Backup with Get-Command *ob*
(Figure 4). Alternatively, you can use the Get-Command -Module MSOnlineBackup
command. More information about Azure Backup is available in the "Azure Backup" article in this issue.
« Previous 1 2 3 Next »