Automating Office 365 Administration using PowerShell
This is a tutorial for those of you who want to manage your Office 365 platform in a more automated way. We will be covering tasks like importing multiple users, configuring them, creating distribution groups, modifying and deleting existing items. All of these tasks will be done using a single command line in PowerShell and, occasionally, a CSV file.
First of all, make sure you can connect to Office365 by installing the Microsoft Online Services Sign-In Assistant. After that, download and install the PowerShell module for Microsoft Online Services (MSOL). You can read more about these initial steps here: http://technet.microsoft.com/en-us/library/jj151815.aspx
We can now run our first command, to actually connect to our platform:
Connect-MsolService
After we entered our credentials, we can see what are the commands available for this module:
Get-Command -Module MSOnline
Let's say we have a CSV file, given to us by the PR department. It contains a list of the people who will need a new Office365 account. The structure is something like this:
FirstName; SecondName; Department; SSN; PersonalEmailAddress
# Store the file into a variable $users=Import-Csv -Path users.csv # Check out its properties and methods to understand what we can do with it $users | Get-Member
Let's see some practical examples:
- Creating groups for each department:
$users | Group-Object -Property Department | Select-Object -Property Department | ForEach-Object { New-MsolGroup -DisplayName $_ `-Description ("$_"+" Department - Distribution Group") }
- Creating new users:
# We exclude the default domain name and store in a variable only the name of our domain $domainName=Get-MsolDomain | Where-Object {$_.name -notlike "*onmicrosoft.com*"} #Creating the users $users | Select-Object FirstName, LastName, Department, ` @{n="UserPrincipalName";e="$_.FirstName"+"."+"$_.LastName"+"@"+"$domainName.Name"} | ForEach-Object { New-MsolUser -UserPrincipalName $_.UserPrincipalName ` -FirstName $_.FirstName -LastName $_.LastName `-DisplayName ("$_.FirstName" + "$_.LastName") `-Department $_.Department ` -LicenseAssignment "Our_Domain:BPOS_Standard" }
3. While we are waiting we realize we forgot to set the passwords. We wanted it to be something like "Employee + SSN"
$users | Select-Object @{n="UserPrincipalName";e="$_.FirstName"+"."+"$_.LastName"+"@"+"$domainName.Name"}, `@{n="Password";e=("Employee"+"$_.SSN")} | ForEach-Object { Set-MsolUserPassword -UserPrincipalName $_.UserPrincipalName ` -NewPassword $_.Password ` -ForceChangePassword $true }
4. We can now add our newly created users to our newly created groups:
$users | Select-Object Department, @{n="UserPrincipalName";e="$_.FirstName"+"."+"$_.LastName"+"@"+"$domainName.Name"} | ForEach-Object {Add-MsolGroupMembers -groupObjectId $_.Department ` -groupMemberObjectId $_.UserPrincipalName `-groupObjectType "User" }
You can find more details at the following link: Manage Office 365 with Office 365 PowerShell
Other Languages
This article is also available in the following languages: