Skip to content

itpro-tips/Posh365

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 

Repository files navigation

Posh365

Install
Set-ExecutionPolicy RemoteSigned
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force
Install without Admin Access
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force -Scope CurrentUser
Update Posh365
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force
Import-Module Posh365 -Force

Connect

Connect-Cloud Connect to one or more services: Az, AzureAD, Compliance, Exo2, MSOnline, SharePoint & Teams. Credentials are locally encrypted for reuse - no need to reenter credentials the next time you need to connect.

Connect-Cloud -Tenant Contoso -EXO2 -MSOnline -AzureAD
Connect-Cloud -Tenant Contoso -EXO2 -MSOnline -AzureAD -GCCHIGH
Connect-Cloud -Tenant Contoso -EXO2 -MFA #when using MFA
Connect-Cloud -Tenant Contoso -Teams
Connect-Cloud -Tenant Contoso -Teams -GCCHIGH
Connect-Cloud -Tenant Contoso -AZ
Connect-Cloud -Tenant Contoso -AZ -GCCHIGH
Connect-Cloud -Tenant Contoso -SharePoint
Connect-Cloud -Tenant Contoso -Compliance
Connect-Cloud -Tenant Contoso -DeleteCreds #Deletes locally encrypted creds only

New-ExoCBAConnection Create reusable Exchange Online Certificate Based Authentication (CBA) connections

New-ExoCBAConnection -Tenant Contoso
Connect-Cloud -Tenant Contoso -EXOCBA

Exchange_Online_Certificate_Based_Authentication_Function

Connect-CloudMFA Same as Connect-Cloud but includes built-in password manager GUI

Connect-CloudMFA -Tenant Contoso -EXO2 -MSOnline -AzureAD -Teams

Connect-Exchange Connect to Exchange on-premises

Connect-Exchange -Server EXHybrid #Encrypts and reuses creds locally
Connect-Exchange -Server EXHybrid -DontViewEntireForest
Connect-Exchange -Server EXHybrid -DeleteExchangeCreds #Deletes locally encrypted creds only

Export-GraphConfig Use a GUI to save/encrypt ClientID, TenantID, Secret, UserName & Password Connect-PoshGraph Use saved encrypted credentials to connnect to Graph and Azure APIs

Export-GraphConfig -Tenant Contoso
Connect-PoshGraph -Tenant Contoso

Discover Office 365

Get-DiscoveryOffice365 -Tenant Contoso -Verbose

Choose all items & click OK Choose Connection type & click OK

First time running this? Let's install PowerShellGet2:

1. Run: Connect-Cloud -Tenant Contoso -EXO2 2. Sign in as Global Admin & restart powershell when prompted 3. Run: Get-DiscoveryOffice365 -Tenant Contoso -Verbose

Discover On-Premises

Requires RSAT

Get-DiscoveryOnPrem -Verbose

1. Run: Get-Discovery -Verbose 2. Enter name of Exchange Server when prompted 3. Click link for Batches, copy/paste code on-premises 4. Click link for Permissions, copy/paste code on-premises 5. Add both documents to the root of SharePoint > Documents 6. Add BATCH01 to BatchName column in Batches.xlsx for pilot

Document to add to SharePoint Paste code on-premises (not EMS)
Batches.xlsx https://bit.ly/corebatches
Permissions.xlsx http://bit.ly/PermissionsScaled

Migrate from Hybrid to Office 365

Note: Each command presents a GUI for selection and confirmation Connect to Exchange Online. Connect-Cloud -Tenant Contoso -EXO2

Analyze Permissions

Update-MailboxMovePermissionBatch GUI to analyze permissions of mailboxes from Batches.xlsx. Will output new Batches.xlsx to desktop. Can add to SharePoint as new Batches file.

$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
}
Update-MailboxMovePermissionBatch @params

Migrate

Test-MailboxMove Test migration readiness of the mailboxes from Batches.xlsx. Of each user to be migrated, reports PASS or FAIL overall and individual on the following tests:

  • Verifies each smtp address domain is an accepted domain
  • Verifies mail user exists in Exchange Online
  • Verifies mailbox does not exist in Exchange Online
  • Verifies mail user is DirSynced
  • Verifies UserMailboxes accounts are not disabled
  • Verifies Routing Address is valid
  • Verifies UserPrincipalName matches PrimarySmtpAddress (Use -SkipUpnMatchSmtpTest to skip this test)
$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
}
Test-MailboxMove @params

New-MailboxMove Creates new move requests. Example uses batches file in SP site named "migrate". Use links in Discovery On-Premises to create Batches and Permissions files [ Link ]

$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
    RemoteHost    = 'hybrid.contoso.com'
    Tenant        = 'contoso'
}
New-MailboxMove @params
# For GCC/GCCHIGH tenants: use full tenant address as shown below:
$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
    RemoteHost    = 'hybrid.contoso.com'
    Tenant        = 'contoso.mail.onmicrosoft.us'
}
New-MailboxMove @params

Set-MailboxMove Set move requests

Set-MailboxMove -BadItemLimit 300 -LargeItemLimit 400

Suspend-MailboxMove Suspends move requests

Suspend-MailboxMove

Resume-MailboxMove Resumes move requests

Resume-MailboxMove
Resume-MailboxMove -DontAutoComplete

Remove-MailboxMove Removes move requests

Remove-MailboxMove

Complete-MailboxMove Complete move requests

Complete-MailboxMove
Complete-MailboxMove -Schedule #GUI presented to pick time, date, and users

Report on Migration

Get-MailboxMoveStatistics Gets move request statistics for any or all move requests. Multi-select or select all, click OK

Get-MailboxMoveStatistics
Get-MailboxMoveStatistics -IncludeCompleted

Get-MailboxMoveReport Gets full move request report - from present to past. The way it should be

Get-MailboxMoveReport

License

Set-MailboxMoveLicense GUI to license users via AzureAD

Connect to AzureAD Connect-Cloud -Tenant Contoso -AzureAD

Set-MailboxMoveLicense
Set-MailboxMoveLicense -MailboxCSV .\UserPrincipalName.csv

$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
 }
Set-MailboxMoveLicense @params

Get-MailboxMoveLicense Reports on user license Skus via AzureAD

Get-MailboxMoveLicense
Get-MailboxMoveLicense -OneSkuPerLine
Get-MailboxMoveLicense -OneSkuPerLine -ExportToExcel # file saved in Posh365 folder on desktop
Get-MailboxMoveLicense -IncludeRecipientType # Connect to EXO2

$params = @{
    SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
    ExcelFile     = 'Batches.xlsx'
 }
Get-MailboxMoveLicense @params

Get-MailboxMoveLicenseCount Reports on a tenant's consumed and total skus and options

Get-MailboxMoveLicenseCount

Get-MailboxMoveLicenseReport Reports on each user's assigned skus and options, csv and excel output

Get-MailboxMoveLicenseReport -Path C:\temp\

Mail Flow

Message Trace

Trace-Message GUI to trace Exchange Online messages. Select messages & click OK for trace details

Trace-Message # all messages from past 15 minutes
Trace-Message -StartSearchHoursAgo 6.3 -EndSearchHoursAgo 5 -Subject 'From the CEO'
Trace-Message -StartSearchHoursAgo 10 -Sender jane@Contoso.com
Trace-Message -Sender jane@Contoso.com -Recipient emily@Contoso.com

Trace-ExchangeMessage GUI to trace on-premises messages. Select messages & click OK for messageID details

Trace-ExchangeMessage # all messages from past 15 minutes
Trace-ExchangeMessage -StartSearchHoursAgo 10 -ExportToCsv
Trace-ExchangeMessage -StartSearchHoursAgo 10 -ExportToExcel -SkipHealthMessages

Administration

Managed Folder Assistant

Get-MfaStats Return Managed Folder Assistant statistics as an object. Switch to start the MFA too

'jane@Contoso.com' | Get-MfaStats
'jane@Contoso.com' | Get-MfaStats -StartMFA
(Import-CSV .\mailboxes.csv).UserPrincipalName | Get-MfaStats
(Import-CSV .\mailboxes.csv).UserPrincipalName | Get-MfaStats -StartMFA
(Get-EXOMailbox -Properties Office -Filter "Office -eq 'Redmond'").UserPrincipalName | Get-MfaStats
(Get-EXOMailbox -Properties Office -Filter "Office -eq 'Redmond'").UserPrincipalName | Get-MfaStats -StartMFA

Networking

Office365 Endpoints

Get-OfficeEndpoints URLs and IPs, initial and "changes since", CSV and Excel output (click to enlarge)

ME3V6nNhwV

About

Connect. Provision. Maintain.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell 100.0%