Article :: KB00013
Today, I will explain how to connect to your Office 365 tenant using PowerShell to perform day-to-day administration tasks.
PowerShell helps you to manage your Office 365 tenant environment efficiently from the command line. There is two part of this management. One is Azure Active Directory and licenses management, and another is services management like Exchange online, SkypeForBusiness online etc.
Azure Active Directory also has two versions of the PowerShell module currently available for us to connect the Office 365 tenant.
· Azure Active Directory PowerShell for Graph (New and recommended version of cmdlets. The commands have “AzureAD” in their name to differentiate with older version)
· Microsoft Azure Active Directory Module (Older version of cmdlets. These commands have “MSOL” in their name)
Note: I will suggest you to install both the modules. MSOL cmdlets still not yet replaced entirely by the AzureAD cmdlets for the administration of USER, GROUP and Licenses.
Prerequisites
1) Windows Version Supported
· Windows 10
· Windows 8.1
· Windows 8
· Windows 7 Service Pack 1 (SP1)
· Windows Server 2019
· Windows Server 2016
· Windows Server 2012 R2 & 2012
· Windows Server 2008 R2 SP1
2) Microsoft .NET Framework 3.5 feature should enable on your computer.
3) Admin access to Office 365 Tenant.
4) Internet Connection
5) Connectivity with Microsoft Office 365 Services.
6) Make sure PowerShell “ExecutionPolicy” set to RemoteSigned or Unrestricted. Type Get-ExecutionPolicy command in the PowerShell to know the current value.
7) MFA (Multi-factor authentication) should be disabled.
Step-By-Step Process
1) Open PowerShell in Elevated Mode
- Open Windows Powershell
Type PowerShell into RUN and press Enter to open a PowerShell Window.
- Once PowerShell window opens, type the below command to open PowerShell in Elevated Administrator Mode
Type Start-Process PowerShell -Verb RunAs and press Enter.
2) Prevent Truncating the long output
We have to prevent the truncation of long output in the PowerShell. I always use this and suggest the same as well as a best practice. “-1” means unlimited values. Default value is 4, means it will show only first 4 results.
Type the below command in the elevated PowerShell window.
$FormatEnumerationLimit=-1
3) Store Admin Credentials in a Variable
In the next step, we will store the admin credential into a variable for the multiple uses, into the same session. This is temporary and clear once we close the PowerShell Window. I have stored the credential into "$UserCredential" custom variable. You can use your own naming as well.
Type the below command in the PowerShell window and press ENTER.
$UserCredential = Get-Credential
It will prompt for username and password. Type your office365 admin username and password and press
.
3) Install and Connect with AzureAD (newer cmdlet version)
- Type the below command into elevated PowerShell window to install the AzureAD Module on the local computer.
Install-Module -Name AzureAD
Installation will prompt about installing a module from an untrusted repository (don't worry, it is safe to use), type A (Yes to All) and press ENTER. It will install the AzureAD Module on the local computer. It is a one-time activity.
- Post installation, type on of the below command to connect to Azure Active Directory. (Due to data protection laws, compliance and country policies Microsoft has provided different connection URL for China, Germany & US GOV. Check the reference section for the Microsoft Documents link)
Type the below command in the same PowerShell window to connect AzureAD with stored credentials.
Connect-AzureAD -Credential $UserCredential
Region specific Connection URL/Commands
Note: For MFA (Multi-factor authentication) there are additional steps. I will share the details in the separate article soon.
4) Install and Connect with MSOL (older cmdlet version)
- Type the below command into elevated PowerShell window to install the MSOL Module on the local computer. (For Windows Vista, 7, 8, 8.1, Windows Server 2008 & 2008 R2 you need to first download and install Microsoft Online Services Sign-In Assistant.)
Install-Module -Name MSOnline
Installation will prompt about installing a module from an untrusted repository (don't worry, it is safe to use), type A (Yes to All) and press ENTER. It will install the MSOL Module on the local computer. It is a one-time activity.
- Post installation, type on of the below command to connect to Microsoft Azure Active Directory. (Due to data protection laws, compliance and country policies Microsoft has provided different connection URL for China, Germany & US GOV. Check the reference section for the Microsoft Documents link)
Type the below command in the same PowerShell window to connect MSOL with stored credentials.
Connect-MsolService -Credential $UserCredential
Region specific Connection URL/Commands
Note: For MFA (Multi-factor authentication) there are additional steps. I will share the details in the separate article soon.
4) Connect to Exchange Online Services
- Type the below command to establishes a new persistent PowerShell connection with Office 365 Exchange online services.
$EOSSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Region specific Connection URL/Commands
- Type the below command will imports the cmdlets, functions, and aliases, from a PSSession on a local computer into the current session. AllowClobber switch will help to import all the commands.
Import-PSSession $Session -AllowClobber
All the commands in a single block, run them all at one time to connect with Azure Active Directory and Exchange Online Services.
$FormatEnumerationLimit=-1
$UserCredential = Get-Credential
Connect-AzureAD -Credential $UserCredential
Connect-MsolService -Credential $UserCredential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -AllowClobber
References
You can refer below URL's for more details on location specific Microsoft Cloud Services.
Hope you guys liked the article. Do like and share the same.
If you liked this article, do share the same. You can also Buy me a Coffee using Paypal at "paypal.me/duttaavijit", This is purely a volunteer effort. THANK YOU !!!