Using PowerShell to manage Office 365 can make your work faster, more efficient, and easier. PowerShell gives you access to information about your Office 365 environment that cannot be accessed through the Microsoft 365 admin center and lets you perform bulk operations with a single command. By integrating Office 365 products into a single interface, PowerShell also simplifies user access control and strengthens cybersecurity.
This article explains the most useful Office 365 PowerShell commands for sysadmins. We've divided these commands into three categories — Automation, Reporting, and Configuration — so you can quickly find what you need.
How PowerShell can help you work with Office 365
The Microsoft 365 admin center is great for casual users. Using this system, you can manage your Office 365 user accounts and licenses, as well as services such as Exchange Online, Teams, and SharePoint Online. You can also manage all of these components using PowerShell. Its use greatly simplifies automation and makes your work more efficient.
In particular, there are several key factors that make it easier to manage Office 365 using PowerShell:
- PowerShell for Office 365 shows additional information that you can't see in the Microsoft 365 admin center.
- PowerShell , Office 365;
- Office 365 , PowerShell Office 365 ;
- ;
- PowerShell Office 365 , Office 365. ;
- Office 365 CSV-;
- PowerShell .
All of these features are extremely useful for system administrators. However, it should be noted that PowerShell helps enhance the management of Office 365 , and does not replace the Microsoft 365 admin center. Some tasks will be more efficient through the admin center, and vice versa, some configuration procedures can only be done using PowerShell commands.
Once you master the basics of PowerShell, the system is almost unlimitedly expandable. There are dozens of PowerShell tools that can simplify and speed up system administration, and using the command line will allow you to run scripts to automate frequent and time-consuming tasks.
Finally, try the PowerShell Integrated Scripting Environment (ISE) for all your PowerShell needs. This environment not only makes it easier to write PowerShell scripts, but also improves the interaction with the CLI.
PowerShell commands for Office 365 automation
Instead of manually processing dozens of user accounts, you can use PowerShell to quickly collect, filter, and organize information about your Office 365 users. Then, using the same command line interface, you can perform bulk actions on the desired account.
The most useful PowerShell commands for Office 365 automation are:
1. Connect to Office 365 app using PowerShell
Before you can start using PowerShell for Office 365, you need to download and install the Office 365 Module for Windows PowerShell and connect it to your Office 365 instance.
Here's how to do it:
- Download and install the Microsoft Online Services Sign-in Assistant for IT Pros , RTW .
- Import the PowerShell Online Services Module for Microsoft Azure Active Directory and Office 365 using the following PowerShell commands:
1. Install-Module -Name AzureAD 2. 3. Install-Module -Name MSOnline
- Enter your Office 365 admin credentials:
$Cred = Get-Credential
Now you need to create a PowerShell session as the remote user. This can be done with the following command:
$O365 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Cred -Authentication Basic -AllowRedirection
- Now import the session commands into your local Windows PowerShell session:
Import-PSSession $O365
- Finally, connect your session to all of your Office 365 services using this command:
Connect-MsolService –Credential $O365
This will connect and manage Office 365 PowerShell for your Office 365 instance.
2. Connect to Exchange Online and SharePoint Online using PowerShell
You can connect to Microsoft Exchange Online and Microsoft SharePoint Online to manage these services using PowerShell.
- Connecting to Exchange Online is essentially the same as connecting to Office 365. Here are the relevant commands:
1. $Cred = Get-Credential 2. 3. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Cred -Authentication Basic –AllowRedirection
- Connecting to SharePoint Online is a little more complex and you will need to install additional software.
First, install the SharePoint Online Management Shell component .
Then run the following command from PowerShell:
1. $admin="Admin@enterprise.onmicrosoft.com" 2. 3. $orgname="enterprise" 4. 5. $userCred = Get-Credential -UserName $admin -Message " ." 6. 7. Connect-SPOService -Url https://$orgname-admin.sharepoint.com -Credential $userCred
3. List of available PowerShell cmdlets for Office 365
Cmdlets are the primary type of PowerShell cmdlets for Office 365, and you'll use them the most. PowerShell for Office 365, like most CLIs, lets you see a list of all the available cmdlets for your system.
- To list all available cmdlets for MSOnline, run the following command:
Get-Command -module MSOnline
- You can also run the same command to see a list of all available cmdlets for Azure Active Directory simply by replacing the -module variable :
Get-Command -module AzureAD
4. List of all Office 365 users
One of the most common uses for PowerShell is to get a list of all Office 365 users. In PowerShell, you can do this with just one cmdlet: Get-msoluser .
This cmdlet will show you all Office 365 users with a valid license and will automatically get some basic information about each of them: DisplayName, City, Department, and ObjectID parameters.
- To do this, run the command:
1. Get-MsolUser | Select DisplayName, City, Department, ObjectID
- Then you can see the number of accounts by running a similar command:
1. Get-MsolAccountSku
- And to get a list of services available to you, run this command:
1. Get-MsolAccountSku | select -ExpandProperty ServiceStatus
- Using standard command line logic, these commands can be extended to filter the results. For example, you can group all users based on location by running:
1. Get-MsolUser | Select DisplayName, UsageLocation | Sort UsageLocation, DisplayName
5. Create a new user in Office 365 using PowerShell
PowerShell can be used to automate the process of creating new users on your system. To do this, use the New-MsolUser cmdlet :
To automate the user creation process, use this cmdlet with the appropriate variables:
1. New-MsolUser -UserPrincipalName JSmith@enterprise.onmicrosoft.com -DisplayName "John Smith" -FirstName “John” -LastName “Smith”
After running this command, PowerShell will display information about the user you created, including his temporary password and license status.
6. Change the password in Office 365 using PowerShell
One of the most common and most annoying tasks for system administrators is changing a user's password. Ideally, use a password manager to do this , but PowerShell gives you the ability to automatically update passwords for individual users.
To do this, run the command:
1. Set-MsolUserPassword -UserPrincipalName JSmith@netwrixqcspa.onmicrosoft.com -NewPassword P@SSw0rd!
You can also omit the -NewPassword parameter , in which case the system will automatically generate a random password:
1. Set-MsolUserPassword -UserPrincipalName JSmith@netwrixqcspa.onmicrosoft.com
Windows PowerShell Commands for Reporting
PowerShell for Office 365 is a great reporting tool. Using PowerShell cmdlets makes it quick and easy to access, sort, and correlate information about Office 365 users, as well as information about how they use the system.
It should be noted that most of the reporting cmdlets were deprecated in January 2018. Microsoft has replaced these cmdlets with the new Microsoft Graph Reporting API. This reduced PowerShell's reporting capabilities in Office 365, but all of the older functionality is still available through the Office 365 Security & Compliance Center.
However, when it comes to user and group reporting, PowerShell for Office 365 is still a key tool. Below are some of the most useful reports you can use PowerShell for.
1. Licensing plans
PowerShell has an extremely useful cmdlet that allows you to see a summary of your current licensing plans and available licenses for each plan. To use it, do the following.
To do this, run the command:
1. Get-MsolAccountSku
As a result, you will receive a report containing several key pieces of information:
- AccountSkuld - shows the available licensing plans for your organization;
- ActiveUnits The number of licenses you have purchased for a specific licensing plan.
- WarningUnits The number of non- renewed licenses in the licensing plan that expire at the end of the 30-day grace period.
- ConsumedUnits is the number of licenses that you have assigned to users from a specific licensing plan.
You can also use additional syntax to get more information about your licenses or filter and sort the results. For more information on how to do this, see the Microsoft documentation on Using PowerShell for Reporting .
2. User accounts
Another useful cmdlet for reporting is Get-MsolUser , which returns a list of all Office 365 user accounts. Here's how you can use this command.
Run the command:
1. Get-MsolUser
You will see a complete list of user accounts with matching names. You can also add a number of options to filter the displayed accounts. For example, to get a list of unlicensed users (users who have been added to Office 365 but have not yet licensed any of the services), run the following command:
1. Get-MsolUser -UnlicensedUsersOnly
You can use the where cmdlet to further explore specific accounts .
To combine two cmdlets, use the vertical bar "|": This means that PowerShell for Office 365 will take the results of the first command and send them to the next command. For example, if you only want to display user accounts that do not have a specified location, you can use a command like this:
1. Get-MsolUser | Where {{$_.UsageLocation -eq $Null}}
By adding additional syntax after the pipe "|", you can refine reports and get lists of users with any combination of attributes.
3. Email reports
PowerShell is also a powerful tool for checking email usage and users. In fact, it is one of the main system applications when it comes to reporting. Listed below are some useful reports regarding email:
- You can use PowerShell to get information about every mailbox on your system using the following command:
1. Get-mailbox | get-MailboxStatistics
- You can also get a list of all mailboxes that have not been logged in for 30 days (or any other period you need that means you need to close those mailboxes). To do this, run the command:
1. Get-Mailbox –RecipientType 'UserMailbox' | Get-MailboxStatistics | Sort-Object LastLogonTime | Where {{$_.LastLogonTime –lt ([DateTime]::Now).AddDays(-30) }} | Format-Table DisplayName, LastLogonTime
- — , , . . :
1. Get-MailTrafficTopReport
PowerShell Office 365
PowerShell is also extremely useful for customizing your Office 365 environment. As we point out in our free video tutorial on hidden Office 365 settings that can be unlocked using PowerShell , there are certain configuration options that are only available through the PowerShell interface.
The most useful and commonly used PowerShell commands for configuration are those related to managing user groups and creating new SharePoint sites. These tasks often complicate the work of system administrators, and automating them can save a lot of time.
1. Configure "hidden" parameters using PowerShell for Office 365
As we mentioned earlier, some of the Office 365 configuration options can only be accessed using PowerShell.
The most prominent example is the Skype for Business configuration options. The online admin center for this service contains several options to customize the way it works for your organization. However, with PowerShell, you will have access to more configuration options. For example, standard Skype conferences are set up so that:
- anonymous users can automatically log into each conference;
- participants can record the conference;
- all users in your organization can be designated as presenters.
To change these default settings, you can use Powershell. Here is the command to disable all three of the above options:
1. Set-CsMeetingConfiguration -AdmitAnonymousUsersByDefault $False -AllowConferenceRecording $False -DesignateAsPresenter "None"
If you want to reset the settings to their default values, use the following command:
1. Set-CsMeetingConfiguration -AdmitAnonymousUsersByDefault $True -AllowConferenceRecording $True -DesignateAsPresenter "Company"
This is just one example of hidden parameters that you can access using PowerShell. Visit our free online course to learn more .
2. Manage Office 365 Group Membership Using PowerShell
PowerShell has several cmdlets specifically for working with Office 365 Groups. For example ...
Run the command to see a list of all active groups in Office 365.
1. Get-MsolGroup
This command will also provide you with the hexadecimal ID for each group that you will need to manage your membership.
To add and remove group members, you will also need the hexadecimal ID of their accounts, which can be obtained with the command:
1. Get-MsolUser | Select ObjectID.
Then you can run the appropriate cmdlet to add or remove users from specific groups . To add users, run the following command, replacing the hexadecimal IDs shown in the example with IDs related to your group and the desired user:
1. Add-MsolGroupMember -GroupObjectId 5b61d9e1-a13f-4a2d-b5ba-773cebc08eec -GroupMemberObjectId a56cae92-a8b9-
To remove users from groups, you can run the same command, but with the first part changed:
1. Remove-MsolGroupMember
How Varonis interacts with PowerShell
Varonis complements the use of PowerShell in several ways.
Monitoring
Varonis monitors and validates activity in Office 365 (including configuration changes) and PowerShell commands. This allows you to track any changes that administrators or attackers make using PowerShell.
Administrators must make changes to Office 365 configuration or permissions with a valid change request. This additional level of validation ensures that processes and procedures run smoothly.
Attackers try to use PowerShell to disable security measures or elevate an account. Varonis catches these changes and monitors any other actions that attackers take in Office 365.
Receive alerts and take action
Varonis allows users to run PowerShell scripts when they receive alerts.
The most common use for this feature is to automatically respond to ransomware attacks. The ransomware threat model invokes a script that deactivates the user account and shuts down all the computers they log on to to stop the attack.
Conclusion
PowerShell is an effective tool for working with Office 365. It allows you to quickly access information from the system, generate detailed reports and perform bulk actions. It also lets you access certain Office 365 features that are not available in any other way.
Connecting Powershell to Office 365 is relatively easy, and as a result, you will have access to all of the advanced features listed above. It will also allow you to more easily integrate your Office 365 environment with the Varonis cybersecurity platform and keep sensitive data safe.