Microsoft 365 Admin Center Manages Default Authentication Policy for Exchange Online

The Microsoft 365 admin center includes the ability to manage settings for the default Exchange Online authentication policy. You might have other policies to allow selective access with basic authentication to some protocols; these policies must be managed with PowerShell. Authentication policies are part of the journey to eliminate basic authentication from Exchange Online, now expected to happen in mid-2021.

How to Find and Reassign Orphaned OneDrive for Business Accounts

OneDrive for Business accounts belonging to ex-employees can be reassigned to others during the deletion workflow, but orphan accounts can accumulate over time. This post describes a PowerShell script to find orphan OneDrive accounts and add a user to the site so that anything there can be retrieved.

How to Bulk Assign Policies to Teams Users in Batch Jobs

Teams supports the ability to assign policies to up to 5,000 users with background jobs. This makes it much easier to assign new policies to large groups of users. Unless you like writing your own PowerShell scripts to handle Teams policy assignment, this is definitely something that all Teams administrators need to know about.

How to Archive Microsoft 365 Groups and Teams with PowerShell

Once Microsoft 365 Groups and Teams reach the end of their useful life, it’s good to archive them so that their data stays online and available for eDiscovery. A recent request looked for help to archive 600 Groups at the end of the academic year. The script described here might help solve the problem.

How to Make Sure That You Use the Latest Microsoft 365 PowerShell Modules

Many PowerShell modules are available for Office 365 applications. Keeping them up to date can be a pain, so here’s a PowerShell script to automate the task. Using the latest modules means that you can access new and updated cmdlets, which might make all the difference to your scripts.

How to Generate an Email Report About Deleted Stream Videos

Microsoft Stream doesn’t support Office 365 retention policies, so you can’t make sure that videos are kept for eDiscovery or compliance purposes. But a little lateral thinking and some PowerShell code quickly gives us a solution based on events from the Office 365 audit log, including emailing the report to someone designated to review videos before final deletion.

How to Find Guests in Microsoft 365 Groups and Teams Where Guests are Prohibited

You can apply an Office 365 Sensitivity Label to control different aspects of Groups, Teams, and Sites. One of the settings controls whether guest users are allowed in group membership. We explain how to use PowerShell to search groups assigned a label to block guest access for existing guests, just in case you want to remove them.

The Need to Upgrade PowerShell Scripts that Send Email via Exchange Online

The combination of Exchange Online and PowerShell allows Office 365 admins to send messages for all manner of reasons. These scripts depend on SMTP AUTH connections and change is coming in this area with the deprecation of basic authentication. It’s a good idea to take an inventory of scripts that send email, including those that use the .NET classes to do the job.

How to Track and Report Video Uploads to Stream (Classic)

Microsoft Stream will tell you how much of the tenant storage allocation has been consumed by uploaded videos, but not who’s uploading the videos. You can find out by looking for video upload events in the Office 365 audit log. Once found, it’s a matter of processing the events to extract useful information!

Use Office 365 Audit Data to Highlight Unused SendAs Permissions

I’ve written many articles to explain how to use the Office 365 audit log to report different aspects of the platform. But taking action is much better than just reporting. In this post, we explain how to take a report generated from the Office 365 audit log and use it to drive some actions. In this case, removing the SendAs permission from people who aren’t using it.

How to Report Per-User SharePoint Online Activity

SharePoint Online generates a lot of events in the Office 365 audit log. You can interrogate the log with PowerShell to create per-user reports of their activities. The Search-UnifiedAuditLog cmdlet finds all the necessary data; after that it’s just a matter of filtering and refining the data and then creating the reports.

How to Control Teams Background Effects for Online Meetings

Microsoft has updated the Teams meeting policy to introduce a new control over video filters in Teams meetings. The VideoFiltersMode setting controls if people can use background blur and background effects, including the ability to upload custom images. A client update is needed to respect the new setting. It will come at the end of May.

Upgrades Available for Exchange and SharePoint PowerShell Modules

Microsoft has published updates for the Exchange Online management and SharePoint Online PowerShell modules. Generally it’s a good idea to install the latest version of PowerShell modules for the different Office 365 products, but beware of some gotchas that await the unwary…

Use the Office 365 Audit Log to Find Who Updated a Document

Do you need to find out who updated a SharePoint Online or OneDrive for Business document? Use PowerShell to search the Office 365 audit log for document events and the complete history is available. Well, at least the last 90 days’ history – or 365 days if you have the necessary licenses.

How to Report SharePoint Online Site Usage Data with PowerShell and the Graph

It’s easy to retrieve storage data for SharePoint Online sites with PowerShell, but it’s faster with the Graph. Some disadvantages do exist, but it’s nice to have a choice. TheGraph is faster, especially with large tenants, but the SharePoint Online PowerShell cmdlets can deliver more data.

OneDrive Known Folders and PowerShell Module Installations

PowerShell modules are often updated regularly to add new features and functionality. When the time came to update the Azure Active Directory preview module to 2.0.2.89, things didn’t work so smoothly because the files for the previous version of the module had ended up in OneDrive for Business. The moral of the story is that there’s a reason why the Scope parameter exists for the Install-Module cmdlet.

Stopping Users Updating OWA Autosignatures

If an Office 365 tenant goes to the bother of creating nice OWA autosignatures for users, shouldn’t we also removed the ability to edit the signatures in OWA settings? RBAC seems like the right way to do the job, but in this case, the way RBAC restricts options by removing the right to run cmdlets or parameters means that the block affects other OWA settings. Fortunately, the Exchange developers thought of this and provide an option in OWA mailbox policies to save the day.

Faster PowerShell ForEach Loops to Process Office 365 Data

PowerShell is a great way to get work done with Office 365 data. The downside is that PowerShell can sometimes be slow, which is why we look for ways to speed things up, especially when dealing with some of the “heavier” cmdlets like Get-UnifiedGroup. The good news is that switching loops to use the ForEach method can speed things up. The bad is that you might only squeeze an extra 5% performance out of your code. Is that enough to bother? Your call…

How to Report Email SentAs Other Exchange Online Mailboxes

The SendAs audit event is logged when someone uses the send as permission to send a message from an Exchange Online mailbox. The events are stored in the Office 365 audit log and can be found there with an audit log search. However, things aren’t as straightforward as they are on-premises because some other types of delegated messages turn up in searches. Fortunately, we have a script to help.

Microsoft Pushes Removal of Basic Authentication from Exchange Online to Mid-2021

Covid-19 dealt a blow to Microsoft’s plans to remove basic authentication from 5 connection protocols for Exchange Online and forced them to postpone the removal from October 13, 2020 to sometime in the second quarter of 2021. The news is disappointing because basic authentication is a weakness exploited by many hackers. But you can’t plan for a pandemic and Office 365 tenants need more time to be ready for the deprecation.

How to Report Who Uses SendAs Permission to Send from an Exchange Online Mailbox

Exchange Online mailboxes support SendAs, Send on Behalf Of, and FullAccess permissions. A previous script focused on the FullAccess permission. This version covers all three. It’s also a good example of how you need to pay attention to property sets when writing PowerShell code to use the new Exchange Online REST-based cmdlets.

How to Generate a SharePoint Online Site Storage Usage Report with PowerShell

SharePoint Online comes with a reasonable amount of free storage, but it’s surprising how quickly that storage can be consumed, especially if you use Office 365 retention policies. With that thought in mind, it’s a good idea to check what sites are consuming your SharePoint storage. This post covers how to write a PowerShell script to report SharePoint Online site storage, complete with a couple of bells and whistles.

Reporting Exchange Online Folder Permissions

In addition to mailbox permissions, Exchange Online supports folder-level delegated permissions. Users can create folder delegations through Outlook desktop. Like mailbox permissions, it’s a good idea for tenants to check folder-level delegations to ensure that people don’t keep permissions for longer than they should. We explain how to create a PowerShell script to generate such a report.

Quick and Easy Office 365 License Assignment Report

Office 365 licenses can seem complex, especially when you descend to the level of multi-product license plans. PowerShell makes it easy to generate a quick and simple report of who’s been assigned which license. And best of all, because the code is PowerShell, you can amend it to your heart’s content.

How to Create a Report About Exchange Online Mailbox Permissions

Exchange Online makes it easy to assign delegated permissions for user and shared mailboxes. But permissions assigned to people might not be still necessary, so it’s good to do a periodic check. In this post, we describe a script to scan for permissions on Exchange Online user and shared mailboxes and highlight non-standard permissions in a report generated as a CSV file.

Microsoft Updates Teams PowerShell Module to 1.0.5

Microsoft released Version 1.0.4 of the Teams PowerShell module on March 9. The new module comes with some useful updates and is recommended for anyone working with Teams through PowerShell. And if cmdlets don’t do the job for you, there’s always the Microsoft Graph as you can combine PowerShell and the Graph to solve even more problems.

Microsoft Makes SharePoint Site Swap Available to Large Tenants

Large Office 365 tenants with more than 10,000 seats can now use the SharePoint Online site swap feature to replace an old root site with a new communications site. The site swap must be done with PowerShell and needs a new version of the Invoke-SPOSiteSwap cmdlet. Once you prepare your new site for swapping, everything goes smoothly.

Microsoft Updates Exchange Online Management PowerShell Module

A new version of the Exchange Online management PowerShell module is available. The update includes a number of bug fixes (including some security upgrades) and new features. You should upgrade to the new version as soon as possible and keep an eye out for more changes in the future.

Managing SharePoint Online with PowerShell

Like many other parts of Office 365, you can manage SharePoint Online with PowerShell. At least, you can manage some aspects of SharePoint Online with PowerShell. Microsoft has made it easier to keep up to date with the latest SharePoint Online module and the PnP module, so there’s lots of cmdlets to help Administrators do a better job of automating different aspects of SharePoint Online.

How to Update OWA Signatures with PowerShell

OWA stores user signatures in mailboxes, which makes it a lot easier for Office 365 admins to update signatures centrally with just a few lines of PowerShell and some HTML magic. OK, maybe more than a few lines… but it’s a lot less complicated than it is to mess around with the system registry and points the way to how Microsoft might introduce cloud signatures for all Outlook clients.

How to Update an Outlook for Windows Signature with PowerShell

Microsoft is working on cloud signatures for Outlook, but how can you update signatures for the current versions of Outlook click to run. Here’s our best attempt with PowerShell. The code works, but it could do with some error handing and various improvements before it could go anywhere near production. Think of it as a working example of why cloud signatures will be so much better,.

Using Microsoft Graph API Queries to Process Large Amounts of Data

Writing code to illustrate a point sometimes falls into the trap that things don’t work so well when you scale things up. Take Graph calls for instance. Code that works well with 100 teams isn’t so good with 4,000. The solution is to keep on telling the Graph to fetch data until it’s all in the safe hands of PowerShell, and then process it.

Adding the Same Mailbox to Multiple Distribution Lists

A question asked what the best way is to add a mailbox to multiple distribution lists. The admin UIs do the job for a few lists, but PowerShell is the way to go when you have lots of lists to process. Two approaches are discussed here: one uses an array as the input, the other uses a CSV file.

How to Report Microsoft 365 Groups Deletions Using the Audit Log

Office 365 Groups (and their underlying teams and sites) can be removed by user action or automatically through the Groups expiration policy. By examining records in the Office 365 audit log, we can track exactly when groups are soft-deleted followed by permanent removal 30 days later. All done with a few lines of PowerShell and some parsing of the audit data held in the records.

Reporting Team Deletion Events to Office 365 Administrators

A question asked how to be notified when people delete Teams. The answer lies in the Office 365 audit log, and once we’ve found out when Teams are deleted are who deleted them, we can notifications to administrators via email or by posting to a Teams channel. The administrators can then decide if they should restore the deleted team or let it expire and be permanently deleted after 30 days.

Using the Groups Admin Role

The Groups admin role was added to Office 365 in November 2019 to allow tenants to assign responsibility for day-to-day group management to specific users through interfaces like the Microsoft 365 Admin Center. The role is still relatively unknown and probably not used in many tenants. In this post, we discuss how to use PowerShell to assign the role to those allowed to create new groups.

How to Generate an Activity Report for Microsoft 365 Groups and Teams

After a couple of years, it’s time to update the Office 365 Groups and Teams Activity Report script. Written in PowerShell, the script analyzes the groups in an Office 365 tenant to figure out if each group or team is in active use. Because it’s a PowerShell script, you can amend the code to your heart’s content.

Use the Webhook Connector to Post Microsoft 365 Roadmap Items to Teams Channels

Finding it hard to keep up to date with Office 365? This post describes how to use PowerShell to post recent Microsoft 365 roadmap updates to a Teams channel.The message cards hold details of what an update contains, its status, the posting date, and the technology categories the item covers. Apart from posting to Teams, the script also creates a CSV file holding details of all the roadmap items that you can use for reporting and analysis.

Microsoft Fixes Irritation in Skype for Business Online PowerShell Module

The Skype for Business Online PowerShell module is not well liked. It works differently to other modules and has some oddities, including the ability to disconnect sessions after 60 seconds and fail to reconnect. The new Enable-CsOnlineSessionForReconnection helps to keep sessions going, so that’s one small but irritating oddity off what could be a long list.