Load PowerShell Commands
To connect to Office365 via PowerShell:
$Cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic –AllowRedirection
Import-PSSession $Session
Import-Module MSOnline
Connect-MsolService –Credential $Cred
------------------------------------------------------------------------------------------------------
Disconnect
PowerShell Session
Remove-PSSession $Session
[Alternative] rsn $Session
-------------------------------------------------------------------------------------------------------------------
Configure Mailbox Permissions
To view Mailbox Permissions:
Get-MailboxPermission –Identity <MailboxID>
To Add Mailbox Permissions (Full Access):
Add-MailboxPermission -Identity <Mailbox ID 1> -User <Mailbox ID 2> -AccessRights FullAccess -InheritanceType All
In this command line, <Mailbox ID 1> represents the target mailbox; <Mailbox ID 2> is the user who will be granted Full Access permission.
If an administrator wants to grant a user access to a room mailbox, the administrator may want to specify that user as the Owner. To do this, use the following command line:
Add-MailboxPermission -Identity <Mailbox ID 1> -Owner <Mailbox ID 2>
Note Only users who have Exchange mailboxes can be granted access to other mailboxes. Users who do not have mailboxes receive a permissions error when they try to access the other mailboxes.
To verify that the permissions are applied to Mailbox ID 1, use the following command:
Get-MailboxPermission -Identity <Mailbox ID 1> | Select User, AccessRights, Deny
Get-MailboxPermission -Identity “charterdg” | Select User, AccessRights, Deny
In the results, you should be able to confirm that <Mailbox ID 2> has been granted Full Access permission.
To remove the Full Access configuration on a mailbox, use the following command:
Remove-MailboxPermission -Identity <Mailbox ID 1> -User <Mailbox ID 2> -AccessRights FullAccess
-------------------------------------------------------------------------------------------------------
To grant Receive As access, use the steps that are described in the Grant full mailbox access section. Granting full mailbox access in Office 365 Exchange Online covers both the same permissions that are required for Receive As access.
-------------------------------------------------------------------------------------------------------
To view Send as Permissions:
Get-RecipientPermission -Identity <Mailbox ID 1>
To use PowerShell to configure a mailbox so that a user other than the mailbox owner can use that mailbox to send messages, use the following command:
Add-RecipientPermission -Identity <Mailbox ID 1> -Trustee <Mailbox ID 2> -AccessRights SendAs
In this command line, <Mailbox ID 1> represents the target contact/mailbox/distribution group; <Mailbox ID 2> is the user who you want to grant Send As permission.
To verify that the permissions are applied to Mailbox ID 1, using the following command:
Get-RecipientPermission -Identity <Mailbox ID 1> | Select Trustee, AccessControlType, AccessRights
In the results, you should be able to confirm that <Mailbox ID 2> has been granted Send As permission.
Note These permissions can be assigned to a user mailbox or Active Directory group objects.
To remove Send As settings from a mailbox, use the following command:
Remove-RecipientPermission -Identity <Mailbox ID 1> -AccessRights SendAs -Trustee <Mailbox ID 2>
-------------------------------------------------------------------------------------------------------
Configure "Send on behalf" permissions
To use PowerShell to grant a user the ability to send mail on behalf of another user, use the following command:
Set-Mailbox -Identity <Mailbox ID 1> -GrantSendOnBehalfTo <Mailbox ID 2>
Set-Mailbox -Identity mservices -GrantSendOnBehalfTo mservicesdg
Set-Mailbox -Identity support -GrantSendOnBehalfTo supportdg
In this command line, <Mailbox ID 1> represents the mailbox that you want to grant permissions to and <Mailbox ID 2> is the mailbox of the user who you want to grant access.
To verify that the permissions are applied to Mailbox ID 1, use the following command:
Get-Mailbox -Identity <Mailbox ID 1> | Select GrantSendOnBehalfTo
In the results, you should be able to confirm that <Mailbox ID 2> has been granted Send On Behalf permission.
Note These permissions can be assigned to a user mailbox or mail-enabled Active Directory security group objects.
To remove Send On Behalf permission from a mailbox, use the following command:
Set-Mailbox -Identity <Mailbox ID 1> -GrantSendOnBehalfTo $NULL
------------------------------------------------------------------------------------------------------
Calendar Permissions
To view permissions:
Add-mailboxpermission –identity <MailboxID:\calendar>
Note: do not use the @domain for this first MailboxID
Add-mailboxpermission –identity <MailboxID:\calendar> -user <MailboxID2> -AccessRights< attribute>
Note: Most used attributes are Owner, Editor, Publishing Editor, Reviewer
To Change Permissions:
Set-mailboxpermission –identity <MailboxID:\calendar> -user <MailboxID2> -AccessRights< attribute>
To Remove Permissions:
Remove-mailboxpermission –identity <MailboxID:\calendar> -user <MailboxID2> -AccessRights< attribute>
-------------------------------------------------------------------------------------------------------
Configure email forwarding
To configure mail forwarding for a mailbox by using PowerShell, use the following command:
Set-Mailbox -Identity "<Mailbox ID>" -ForwardingSmtpAddress "<Target SMTP Address>"
In this command line, <Target SMTP Address> can be either internal or external to Exchange Online.
Additionally, IT Gens should use the -DeliverToMailboxAndForward parameter to save a copy of the message to the local mailbox before the message is forwarded to another SMTP address. The following is an example:
Set-Mailbox -Identity "<Mailbox ID>" -ForwardingSmtpAddress "<Target SMTP Address>" –DeliverToMailboxAndForward $true
To verify that the permissions are applied to Mailbox ID 1, use the following command:
Get-Mailbox -Identity <Mailbox ID 1> | Select ForwardingSmtpAddress
To remove email forwarding that is configured on a mailbox, use the following command:
Set-Mailbox -Identity "<Mailbox ID>" -ForwardingSmtpAddress $NULL
-------------------------------------------------------------------------------------------------------
Set-MailboxRegionalConfiguration -Identity <mailboxID> -Language en-us -Timezone "Eastern Standard Time"
-------------------------------------------------------------------------------------------------------
get-user |export-csv c:\users\extoluserlist.csv
Create new conference room:
New-Mailbox -Name "Test Room Mailbox" -Alias rm2 –Room
Ex: New-Mailbox -Name "Conference Room - 1st floor - Lobby" -Alias "lobby_conf" –Room
-------------------------------------------------------------------------------------------------
Add-MailboxPermission -Identity <Mailbox ID 1> -Owner <Mailbox ID 2>
Ex: Add-MailboxPermission -Identity lobby_conf@XYZ.COM -Owner lconrads@XYZ.COM
Change the Office 365 user Principle Name
in Bulk
Script:
-------------------------------------------
$csv = import-csv "C:\temp\UPN.csv"
$csv | Foreach {
$UserPrincipalName = $_.UserID
$NewUserPrincipalName = $_.newuserID
Set-MsolUserPrincipalName -UserPrincipalName $_.UserID -NewUserPrincipalName $_.newuserID
}
----------------------------------------------
.CSV format:
UserID,NewuserID
POC.Abc114@xyz.com,POC.Abc114@xyz.onmicrosoft.com
-------------------------------------------------------------------------------------------------
Open a PowerShell command with Administration credential and run the below two commands:
add-pssnapin Coexistence-Configuration
Start-OnlineCoexistenceSync
-------------------------------------------------------------------------------------------------
---------------------------------------------
$csv = Import-Csv “C:\temp\Contacts.csv”
foreach($line in $csv)
{
New-MailContact -Name $line.DisplayName -ExternalEmailAddress $line.EmailAddress -Alias $line.Alias
}
-----------------------------------------
.CSV format:
DisplayName,EmailAddress,Alias
Test.siemens(Lotus),Test.siemens@abc.com,Test.siemens
Deletion:
-----------------------------------------
$csv = Import-Csv “C:\temp\Remove-Contacts\Contacts.csv”
foreach($line in $csv)
{
Remove-MailContact -Identity $line.Alias -confirm:$false
}
-----------------------------------------
Alias
Test.siemens
Test.siemens1
Test.siemens2
-------------------------------------------------------------------------------------------------
Note: AD Quest PowerShell already installed in AD (PLSIE-DC2)
Get-QADUser -OrganizationalUnit "cg.corp/Service Accounts/O365" | ft FirstName,LastName,name,primarySMTPaddress,Initials
Set Password to Not Expire:
To set
password never to expire for only one user please run below commands:
•
Set-MsolUser
-UserPrincipalName <Microsoft Online Services ID> -PasswordNeverExpires
$true
•
Get-MSOLUser
-UserPrincipalName <Microsoft Online Services ID> | Select
PasswordNeverExpires (verify if it was successful)
---Example---
Set-MsolUser
-UserPrincipalName john@contoso.onmicrosoft.com -PasswordNeverExpires $true
To set
password never to expire for all users please run below commands:
Get-MSOLUser
| Set-MsolUser -PasswordNeverExpires $true
(To verify if it was successful)
Get-MSOLUser | Select UserPrincipalName,
PasswordNeverExpires
-------------------------------------------------------------------------------------------------
CHANGE USER PRINCIPLE NAME
To
update a non-federated user's UPN while they have a license, follow these
steps:
Connect
to Microsoft Online Services by using the Microsoft Online Services Module for
Windows PowerShell
Run the
following PowerShell cmdlet:
Set-MsolUserPrincipalName
-UserPrincipalName [CurrentUPN] -NewUserPrincipalName [NewUPN]
---------------------------------------------------------------------------------------------------
Thank You...
Avishek