365 Notes

1. Connect to 365
2. Set-ExecutionPolicy RemoteSigned
3.  
4. // Hit S and enter
5.  
6. $UserCredential = Get-Credential
7.  
8. // Type in admin credentials
9.  
10. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
11.  
12. Import-PSSession $Session
13.  
14. // When finished make sure you enter: Remove-PSSession $Session
15.  
16. Connect to 365 (MFA)
17.  
18. Connect-EXOPSSession -UserPrincipalName snadmin@
19.  
20. Add/Remove Full Access Rights to Mailbox:
21. $UserCredential = Get-Credential
22.  
23. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
24.  
25. Import-PSSession $Session
26.  
27. Add-MailboxPermission TARGETMAILBOX@TENANT.com -User USERGETTINGPERMISSION@TENANT.com -AccessRights FullAccess -AutoMapping $false
28.  
29. Remove Full Access Rights to Mailbox:
30. $UserCredential = Get-Credential
31.  
32. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
33.  
34. Import-PSSession $Session
35.  
36. Remove-MailboxPermission deirdre@maffeilandscape.com -User Awarchal@maffeilandscape.com -AccessRights FullAccess
37.  
38. Convert to shared mailbox
39. Set-Mailbox xxxx@yyyy.onmicrosoft.com -Type shared
40.  
41. Sync AD
42. Start-ADSyncSyncCycle -PolicyType Delta
43. // This is a quick sync that should work for most tasks
44.  
45. Start-ADSyncSyncCycle -PolicyType Initial
46. // This is a more in-depth sync which takes longer but is more thorough, you shouldn’t need to use this unless troubleshooting why a Delta sync is not working
47.  
48. Change UPN (Sign In Address)
49. Connect-MsolService
50.  
51. Set-MsolUserPrincipalName -UserPrincipalName "snadmin@capecdp.onmicrosoft.com" -NewUserPrincipalName "snadmin@capecdp.com"
52.  
53. Change Password
54. Connect-MsolService
55.  
56. Set-MsolUserPassword -UserPrincipalName admin@TENANT.com -NewPassword NEWPASSWORD -ForceChangePassword $False
57.  
58. Enable AD Sync Scheduling
59. Set-ADSyncScheduler -SchedulerSuspended $false
60.  
61. Generate List of Admins
62. $cred = Get-Credential
63.  
64. Connect-MsolService -credential $cred
65.  
66. $role = Get-MsolRole -RoleName "Company Administrator"
67.  
68. Get-MsolRoleMember -RoleObjectId $role.ObjectId | Export-CSV c:\admin list.csv
69.  
70. Increase Mailbox Size
71. Set-Mailbox < UserID > -ProhibitSendQuota < Value > -ProhibitSendReceiveQuota < Value > -IssueWarningQuota <Value>
72.  
73. Set-Mailbox orders@microc.com -ProhibitSendQuota 49GB -ProhibitSendReceiveQuota 50GB -IssueWarningQuota 48GB
74.  
75. Create Encrypted Password File
76.  
77. ConvertFrom-SecureString | Out-File "c:\powershell\password.key"
78.  
79. Change Password - Automated
80.  
81. $TenantUname = "admin@TENANT.com"
82. $TenantPass = cat "c:\powershell\password.key" | ConvertTo-SecureString
83. $TenantCredentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $TenantUname, $TenantPass
84.  
85. Connect-MsolService -Credential $TenantCredentials
86.  
87. Set-MsolUserPassword -UserPrincipalName "test123@TENANT.com" -NewPassword "Bovine34" -ForceChangePassword $False
88.  
89. Set-MsolUser -UserPrincipalName test123@TENANT.com -PasswordNeverExpires $true
90.  
91.  
92. List All Email Addresses and Aliases
93. Set-ExecutionPolicy RemoteSigned
94.  
95. // Hit S and enter
96.  
97. $UserCredential = Get-Credential
98.  
99. // Type in admin credentials
100.  
101. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
102. Import-PSSession $Session
103.  
104. get-mailbox | select -expand emailaddresses alias
105.  
106. // This will generate a giant list, copy and paste it into a notepad or something and then use ctrl F to find the alias you’re looking for
107.  
108. Set Conference Room Calendar Permissions
109.  
110. $LiveCred = Get-Credential
111.  
112. $Session = New-PSSession -ConfigurationName Microsoft.Exchange-ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
113.  
114. Import-PSSession $Session
115.  
116. Set-MailboxFolderPermission -Identity "room@comain.com:\Calendar" -User default -AccessRights PublishingAuthor
117.  
118. Modern Authentication
119.  
120. Set-ExecutionPolicy RemoteSigned
121.  
122. // Hit S and enter
123.  
124. $UserCredential = Get-Credential
125.  
126. // Type in admin credentials
127.  
128. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
129.  
130. Import-PSSession $Session
131.  
132. // Check Status
133. Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
134.  
135. // Turn on
136. Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
137.  
138. // Turn off
139. Set-OrganizationConfig -OAuth2ClientProfileEnabled $false
140.  
141.  
142. Create RMS Templates Manually
143.  
144. $irmConfig = Get-IRMConfiguration
145. $list = $irmConfig.LicensingLocation
146. if (!$list) { $list = @() }
147. if (!$list.Contains($licenseUri)) { $list += $licenseUri }
148.  
149. Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true
150. Set-IRMConfiguration -SimplifiedClientAccessEnabled $true
151.  
152. // To Test
153.  
154. Test-IRMConfiguration -Sender "xxxx@tenant.com"
155.  
156.  
157. Adopt Ubiquiti
158.  
159. set-inform http://wifi.securebiznetworks.com:8080/inform
160.  
161. http://wifi.securebiznetworks.com:8080/inform
162.  
163. set-inform http://unifi.securebiznetworks.com:8080/inform
164.  
165. http://unifi.securebiznetworks.com:8080/inform
166.  
167. OpenDNS Fix
168.  
169. reg add "HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\MICROSOFT\Windows\NetworkConnectivityStatusIndicator" /v UseGlobalDNS /t REG_DWORD /d 1 /f
170.  
171.  
172. Refresh Webroot From CMD
173.  
174. 32-bit
175. "C:\Program Files\Webroot\WRSA.exe" -poll
176.  
177. 64-bit
178. "C:\Program Files (x86)\Webroot\WRSA.exe" -poll
179.  
180.  
181. Change MFA Options
182.  
183. https://aka.ms/mysecurityinfo
184.  
185.  
186. Set Password to Never Expire
187.  
188. WMIC USERACCOUNT WHERE Name='pam' SET PasswordExpires=FALSE
189.  
190. Clear All Inbox Rules on Mailbox
191.  
192. Get-InboxRule -Mailbox "BrianBarth@CCB-Media.com"| Remove-InboxRule
193.  
194. View Calendar Permissions of User
195.  
196. Get-MailboxFolderPermission <UPN of Calendar Owner>:\calendar
197.  
198. Add Calendar Permissions of User
199.  
200. Add-MailboxFolderPermission -Identity <UPN of Calendar Owner>:\calendar -user <UPN of User Gaining Access> -AccessRights <Permission Level, such as PublishingEditor>
201.  
202. Change Calendar Permissions of User
203.  
204. Set-MailboxFolderPermission -Identity <UPN of Calendar Owner>:\calendar -user <UPN of User Gaining Access> -AccessRights <Permission Level, such as PublishingEditor>
205.  
206. Never Use Rich Text Format
207.  
208. Set-RemoteDomain Default -TNEFEnabled $false
209.  
210. Initiate Online Archiving Process
211.  
212. Start-ManagedFolderAssistant –Identity <UserName>
213.