How to Update Teams to Send Meeting Invitations to All Members

Teams depends on Microsoft 365 groups. You can add groups as meeting attendees and expect that members of those groups will receive meeting invitations. But they won’t unless you update group settings to force Office 365 to send invitations to all members. The job is easily done with PowerShell, and we show how in this post.

New Exchange Online Admin Center Loses Some Magic, But It’s the Future

Microsoft says that the new EAC is ready to use. While we don’t deny the fact, we think some of the magic that existed in previous portals has gone. PowerShell is replaced by the Graph as the foundation for the EAC. Progress happens, but it’s sad when a feature like command logging is left in the mists of the past.

New Location for Teams Compliance Records Breaks Scripts

Without saying anything, Microsoft changed where Microsoft 365 stores Teams compliance records in user and group mailboxes. The logic behind the change is impeccable even if it will cause PowerShell scripts to break. In addition, any ISV claiming to backup Teams by copying compliance records has some work to do.

Search the Office 365 Audit Log for Events Performed Against Objects

The Office 365 audit log is a great source of information about what happens inside a Office 365 tenant. Searching the audit log takes practice, but it turns up lots of insight. This article covers how to use the ObjectIds and FreeText parameters to find information about what happens to an object,

Microsoft Updates the Exchange Online Management Module (V2.0.3)

Version 2.0.3 of the Exchange Online Management PowerShell module is now available for download. The new release contains many useful enhancements including full support for certificate-based authentication, the ability to restrict cmdlets loaded into a session, and support for simultaneous connections to Exchange Online and the Security and Compliance Center.

Microsoft Launches V1.1.6 of PowerShell Module for Teams

Microsoft has launched version 1.1.6 of the PowerShell module for Teams (MicrosoftTeams). The new module makes the Skype for Business Online connector unnecessary because it contains the New-CsOnlineSession cmdlet needed to create a new session to use the cmdlets used to manage Teams policies.

Monitoring Guest Accounts Added to Teams

You can easily add people from outside your Office 365 tenant to the membership of Teams, but some oversight of who those people are and what teams they join is probably needed. This PowerShell script shows how to find records in the Office 365 audit log and figure out if they relate to the creation of new guest accounts before sending email asking to justify the addition of the new account.

How to Find Inactive Office 365 Accounts Using the Graph API and PowerShell

PowerShell hash tables are very efficient at retrieving data, which is just what’s needed when thousands of Office 365 accounts need processing. Our script to analyze usage data extracted from the Microsoft Graph was turbo-charged when we replaced list objects with hash tables, all of which makes it much easier to identify underused Office 365 accounts and save some money on licensing spend.

Speeding Access to Office 365 PowerShell Data Using Where Instead of Where-Object

The Office 365 for IT Pros eBook includes many PowerShell examples, and while we mostly concentrate on illustrating the principles of how PowerShell is used to solve problems, we do care about performance. Which is why we’re always interested in finding ways to speed up our code. This this article we explore how to use the Where method to replace the Where-Object cmdlet to filter objects. The good news is that it’s an easy way to get better code performance.

Updated Version of the Graph User Statistics Script Available

Office 365 usage data for several workloads is available through the Microsoft Graph. A PowerShell script is available to grab Graph data and use it to figure out if accounts are in active use. V1.2 of GetGraphUserStatisticsReport.PS1 is available in GitHub and should be better performing when processing thousands of accounts.

The 1-2-3 of Exchange Online Certificate Based Authentication for PowerShell

Exchange Online PowerShell is a critical automation tool for many Office 365 tenants. In 2021, Microsoft will remove basic authentication for PowerShell, so it’s time to change over to modern authentication. For scripts that run as batch or background jobs, that means converting to certificate-based authentication. In this post, we explore how to get the self-signed cert to glue everything together.

Analyzing Quarantined Messages with PowerShell

Exchange Online Protection puts problem messages into quarantine if it suspects that they contain spam, malware, or a phishing attempt. Instead of using the Security and Compliance Center GUI to work with quarantined messages, you can analyze details of quarantined messages with PowerShell to create some basic statistics and find messages that should be released.

Microsoft 365 Admin Center Manages Default Authentication Policy for Exchange Online

The Microsoft 365 admin center includes the ability to manage settings for the default Exchange Online authentication policy. You might have other policies to allow selective access with basic authentication to some protocols; these policies must be managed with PowerShell. Authentication policies are part of the journey to eliminate basic authentication from Exchange Online, now expected to happen in mid-2021.

Finding Orphaned OneDrive for Business Accounts

OneDrive for Business accounts belonging to ex-employees can be reassigned to others during the deletion workflow, but orphan accounts can accumulate over time. This post describes a PowerShell script to find orphan OneDrive accounts and add a user to the site so that anything there can be retrieved.

Bulk Policy Assignment for Teams Users

Teams supports the ability to assign policies to up to 5,000 users with background jobs. This makes it much easier to assign new policies to large groups of users. Unless you like writing your own PowerShell scripts to handle Teams policy assignment, this is definitely something that all Teams administrators need to know about.

Archiving Microsoft 365 Groups (and Teams) with PowerShell

Once Microsoft 365 Groups and Teams reach the end of their useful life, it’s good to archive them so that their data stays online and available for eDiscovery. A recent request looked for help to archive 600 Groups at the end of the academic year. The script described here might help solve the problem.

Maintaining Office 365 PowerShell Modules

Many PowerShell modules are available for Office 365 applications. Keeping them up to date can be a pain, so here’s a PowerShell script to automate the task. Using the latest modules means that you can access new and updated cmdlets, which might make all the difference to your scripts.

Reporting Deleted Stream Videos

Microsoft Stream doesn’t support Office 365 retention policies, so you can’t make sure that videos are kept for eDiscovery or compliance purposes. But a little lateral thinking and some PowerShell code quickly gives us a solution based on events from the Office 365 audit log, including emailing the report to someone designated to review videos before final deletion.

Find Guests in Office 365 Groups and Teams Where Guests are Prohibited

You can apply an Office 365 Sensitivity Label to control different aspects of Groups, Teams, and Sites. One of the settings controls whether guest users are allowed in group membership. We explain how to use PowerShell to search groups assigned a label to block guest access for existing guests, just in case you want to remove them.

Upgrading PowerShell Scripts that Use Exchange Online to Send Email

The combination of Exchange Online and PowerShell allows Office 365 admins to send messages for all manner of reasons. These scripts depend on SMTP AUTH connections and change is coming in this area with the deprecation of basic authentication. It’s a good idea to take an inventory of scripts that send email, including those that use the .NET classes to do the job.

Tracking Video Uploads to Stream

Microsoft Stream will tell you how much of the tenant storage allocation has been consumed by uploaded videos, but not who’s uploading the videos. You can find out by looking for video upload events in the Office 365 audit log. Once found, it’s a matter of processing the events to extract useful information!

Use Office 365 Audit Data to Highlight Unused Permissions

I’ve written many articles to explain how to use the Office 365 audit log to report different aspects of the platform. But taking action is much better than just reporting. In this post, we explain how to take a report generated from the Office 365 audit log and use it to drive some actions. In this case, removing the SendAs permission from people who aren’t using it.

Generate Per-User Audit Reports for SharePoint Online Activity

SharePoint Online generates a lot of events in the Office 365 audit log. You can interrogate the log with PowerShell to create per-user reports of their activities. The Search-UnifiedAuditLog cmdlet finds all the necessary data; after that it’s just a matter of filtering and refining the data and then creating the reports.

Microsoft Delivers Control for Teams Background Blur and Effects

Microsoft has updated the Teams meeting policy to introduce a new control over video filters in Teams meetings. The VideoFiltersMode setting controls if people can use background blur and background effects, including the ability to upload custom images. A client update is needed to respect the new setting. It will come at the end of May.

Upgrades Available for Exchange and SharePoint PowerShell Modules

Microsoft has published updates for the Exchange Online management and SharePoint Online PowerShell modules. Generally it’s a good idea to install the latest version of PowerShell modules for the different Office 365 products, but beware of some gotchas that await the unwary…

Use the Office 365 Audit Log to Find Who Updated a Document

Do you need to find out who updated a SharePoint Online or OneDrive for Business document? Use PowerShell to search the Office 365 audit log for document events and the complete history is available. Well, at least the last 90 days’ history – or 365 days if you have the necessary licenses.

Reporting SharePoint Online Site Usage Data with PowerShell and the Graph

It’s easy to retrieve storage data for SharePoint Online sites with PowerShell, but it’s faster with the Graph. Some disadvantages do exist, but it’s nice to have a choice. TheGraph is faster, especially with large tenants, but the SharePoint Online PowerShell cmdlets can deliver more data.

OneDrive Known Folders and PowerShell Module Installations

PowerShell modules are often updated regularly to add new features and functionality. When the time came to update the Azure Active Directory preview module to, things didn’t work so smoothly because the files for the previous version of the module had ended up in OneDrive for Business. The moral of the story is that there’s a reason why the Scope parameter exists for the Install-Module cmdlet.

Stopping Users Updating OWA Autosignatures

If an Office 365 tenant goes to the bother of creating nice OWA autosignatures for users, shouldn’t we also removed the ability to edit the signatures in OWA settings? RBAC seems like the right way to do the job, but in this case, the way RBAC restricts options by removing the right to run cmdlets or parameters means that the block affects other OWA settings. Fortunately, the Exchange developers thought of this and provide an option in OWA mailbox policies to save the day.

Faster PowerShell ForEach Loops to Process Office 365 Data

PowerShell is a great way to get work done with Office 365 data. The downside is that PowerShell can sometimes be slow, which is why we look for ways to speed things up, especially when dealing with some of the “heavier” cmdlets like Get-UnifiedGroup. The good news is that switching loops to use the ForEach method can speed things up. The bad is that you might only squeeze an extra 5% performance out of your code. Is that enough to bother? Your call…

Reporting SendAs Audit Events for Exchange Online Mailboxes

The SendAs audit event is logged when someone uses the send as permission to send a message from an Exchange Online mailbox. The events are stored in the Office 365 audit log and can be found there with an audit log search. However, things aren’t as straightforward as they are on-premises because some other types of delegated messages turn up in searches. Fortunately, we have a script to help.

Microsoft Pushes Removal of Basic Authentication from Exchange Online to Mid-2021

Covid-19 dealt a blow to Microsoft’s plans to remove basic authentication from 5 connection protocols for Exchange Online and forced them to postpone the removal from October 13, 2020 to sometime in the second quarter of 2021. The news is disappointing because basic authentication is a weakness exploited by many hackers. But you can’t plan for a pandemic and Office 365 tenants need more time to be ready for the deprecation.

Reporting Exchange Online Mailbox and SendAs/On Behalf Of Permissions

Exchange Online mailboxes support SendAs, Send on Behalf Of, and FullAccess permissions. A previous script focused on the FullAccess permission. This version covers all three. It’s also a good example of how you need to pay attention to property sets when writing PowerShell code to use the new Exchange Online REST-based cmdlets.

Reporting SharePoint Online Site Storage

SharePoint Online comes with a reasonable amount of free storage, but it’s surprising how quickly that storage can be consumed, especially if you use Office 365 retention policies. With that thought in mind, it’s a good idea to check what sites are consuming your SharePoint storage. This post covers how to write a PowerShell script to report SharePoint Online site storage, complete with a couple of bells and whistles.

Reporting Exchange Online Folder Permissions

In addition to mailbox permissions, Exchange Online supports folder-level delegated permissions. Users can create folder delegations through Outlook desktop. Like mailbox permissions, it’s a good idea for tenants to check folder-level delegations to ensure that people don’t keep permissions for longer than they should. We explain how to create a PowerShell script to generate such a report.

Quick and Easy Office 365 License Assignment Report

Office 365 licenses can seem complex, especially when you descend to the level of multi-product license plans. PowerShell makes it easy to generate a quick and simple report of who’s been assigned which license. And best of all, because the code is PowerShell, you can amend it to your heart’s content.

Reporting Exchange Online Mailbox Permissions

Exchange Online makes it easy to assign delegated permissions for user and shared mailboxes. But permissions assigned to people might not be still necessary, so it’s good to do a periodic check. In this post, we describe a script to scan for permissions on Exchange Online user and shared mailboxes and highlight non-standard permissions in a report generated as a CSV file.

Microsoft Updates Teams PowerShell Module to 1.0.5

Microsoft released Version 1.0.4 of the Teams PowerShell module on March 9. The new module comes with some useful updates and is recommended for anyone working with Teams through PowerShell. And if cmdlets don’t do the job for you, there’s always the Microsoft Graph as you can combine PowerShell and the Graph to solve even more problems.

Microsoft Makes SharePoint Site Swap Available to Large Tenants

Large Office 365 tenants with more than 10,000 seats can now use the SharePoint Online site swap feature to replace an old root site with a new communications site. The site swap must be done with PowerShell and needs a new version of the Invoke-SPOSiteSwap cmdlet. Once you prepare your new site for swapping, everything goes smoothly.