by Alex Verboon
Hello everyone, today I wanted to see application guard for office in action. If you are not familiar with application guard for office, I suggest you read the following articles / documentation. Microsoft Defender Application Guard for Office Application Guard Read More …
Today I received an e-mail from a customer explaining to me that at times they have false positives with e-mail Impersonation. Depending on your configuration the e-mail will end up being moved to the user’s junk folder or into quarantine. Read More …
Yesterday I noticed a tweet from @Pawp81 about a new feature being rolled out in Office 365 to configure user submissions. So, let’s have a look at this. When enabling the ‘Report Message’ add-in in Office 365, users can report Read More …
Last December Microsoft introduced Microsoft Threat Protection (MTP) including advanced hunting that allows us to run queries across multiple data sources i.e. Microsoft Defender ATP and Office 365 ATP. If you haven’t heard yet about MTP I recommend reading Christian Read More …
Just in case you are not familiar with what DKIM is all about but still interested, I suggest you first read Use DKIM to validate outbound email sent from your custom domain in Office 365 If you’re looking for detailed Read More …
Here’s a small cmdlet I wrote today to pull the Office 365 roadmap information with PowerShell.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
Function Get-Office365Roadmap { <# .Synopsis Get-Office365Roadmap .DESCRIPTION Get-Office365Roadmap retrieves Office 365 information .EXAMPLE Get-Office365Roadmap Retrieves the complete Office 365 roadmap information .EXAMPLE Get-Office365Roadmap -Stats Count Name ----- ---- 203 In development 191 Launched 17 Previously released 61 Rolling out 3 Cancelled .PARAMETER Stats Shows the total number of features grouped by deployment status #> [CmdletBinding()] Param( [switch]$Stats ) Begin{} Process{ $roadmapfeatures = Invoke-WebRequest -Uri https://roadmap-api.azurewebsites.net/api/features $features = $roadmapfeatures.Content $rm = ($features) -join "`n" | ConvertFrom-Json } End{ If ($Stats -eq $true) { $rm | Group-Object Status | Select-Object Count,Name } Else { $rm } } } |
Just recently Microsoft announced the general availability of the Office 365 centralized deployment service. I have tested it and it really makes deploying Office Add-ins super easy. The add-in configuration and deployment can be managed through the Office 365 portal Read More …
The Get-MsolUserInformation cmdlet provides an easy way to retrieve all users that are a member or guest and/or are registered in Azure Directory or Active Directory.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 |
function Get-MsolUserInformation { <# .Synopsis Get-MsolUserInformation .DESCRIPTION The Get-MsolUserInformation cmdlet provides an easy way to retrieve all users that are a member or guest and or are registered in Azure Directory or Active Directory. In addition a new property is added to the output called SynchType which is either set to "InCloud" or "ADSynched". .PARAMETER UserPrincipalName The user ID of the user to retrieve. .PARAMETER OutputMode Basic or Detailed. Basic only outputs DisplayName,SynchType,UserPrincipalName Detailed outputs all user attributes .PARAMETER UserType Member or Guest .PARAMETER Directory InCloud = in Azure Directory only, ADSynched = registered in Active Directory and Synched to Azure Directory. .EXAMPLE Get-MsolUserInformation -UserPrincipalName alex@foocorp.com -OutputMode Basic This command shows basic user information for user alex@foocorp.com .EXAMPLE Get-MsolUserInformation -OutputMode Detailed This command retrieves "all" user information for the retrieved users. Use -OutputMode Basic to show the following information: DisplayName,UserType, SynchType,UserPrincipalName .EXAMPLE Get-MsolUserInformation -UserType Member This command retrieves all users that are registered on the tenant and therefore their UserType attribute is set to "Member". Use - Usertype Guest to list all "Guest" users. .EXAMPLE Get-MsolUserInformation -Directory ADSynched This command retrieves all Active Directory Synched users. .EXAMPLE Get-MsolUserInformation -Directory InCloud This command lists all users that are registered in Azure Directory only. .EXAMPLE Get-MsolUserInformation -UserType Member -Directory InCloud This command lists all users that are a member and only registered in AzureDirectory. .EXAMPLE Get-MsolUserInformation -UserType Member -Directory InCloud | Where-Object {$_.PasswordNeverExpires -eq $rue} This command lists all Azure Directory users that have the PasswordNeverExpires property set to true. .NOTES Version 1.0, 20.11.2016, Alex Verboon #> [CmdLetBinding(DefaultParameterSetName="None")] Param ( # The user ID of the user to retrieve. [Parameter(ParameterSetName = "OneUser", Mandatory=$false, ValueFromPipelineByPropertyName=$true )] $UserPrincipalName, # The user type can be Member of Guest [Parameter(ParameterSetName = "Allusers", Mandatory=$false, ValueFromPipelineByPropertyName=$true )] [ValidateSet("Member","Guest")] [string]$UserType, # The source Directory where the user is created, Azure Directory or Active Directory [Parameter(ParameterSetName = "Allusers", Mandatory=$false, ValueFromPipelineByPropertyName=$true )] [ValidateSet("InCloud","ADSynched")] [string]$Directory, # Defines the output mode, Basic or Detailed. [Parameter(Mandatory=$false, ValueFromPipelineByPropertyName=$true )] [ValidateSet("Basic","Detailed")] [string]$OutputMode="Detailed" ) Begin { Try { Get-MsolDomain -ErrorAction Stop > $null } catch { write-error "You must call the Connect-MsolService cmdlet before calling any other cmdlets" Throw } if (-not $PSBoundParameters.ContainsKey("UserPrincipalName")) { if (-not $PSBoundParameters.ContainsKey("UserType")) { If($Directory -eq "InCloud") { $AzureAdUsers = Get-MsolUser | Where-Object {$_.LastDirSyncTime -eq $null} } Elseif ($Directory -eq "ADSynched") { $AzureAdUsers = Get-MsolUser | Where-Object {$_.LastDirSyncTime -ne $null} } Else { $AzureAdUsers = Get-MsolUser } } Else { if ($Directory -eq "InCloud") { $AzureAdUsers = Get-MsolUser | Where-Object {$_.UserType -eq "$UserType" -and $_.LastDirSyncTime -eq $null} } Elseif ($Directory -eq "ADSynched") { # This will not return any results as users of type "Guest" aren't synched with AD. $AzureAdUsers = Get-MsolUser | Where-Object {$_.UserType -eq "$UserType" -and $_.LastDirSyncTime -ne $null} } Else { $AzureAdUsers = Get-MsolUser | Where-Object {$_.UserType -eq "$UserType"} } } } Else { $AzureAdUsers = Get-MsolUser -UserPrincipalName $UserPrincipalName } } Process { $AzureAdUsers | foreach {$_ | Add-member -MemberType NoteProperty -Name SynchType ` -Value ($synchTypevalue = If ($_.LastDirSyncTime -eq $null) { "InCloud" } Else { "ADSynched" } ) } } End { If ($OutputMode -eq "Basic") { $output = $AzureAdUsers | Select-Object DisplayName,UserType, SynchType,UserPrincipalName } If ($OutputMode -eq "Detailed") { $output = $AzureAdUsers } $output } } |
To get a list of all users that belong to a given role, the Microsoft Azure Active Directory module has a cmdlet Get-MsolRoleMember, however to run the cmdlet you must use the RoleObjectId parameter and provide a value. The possible Read More …
A small PowerShell script that lists all users that have the specified Office 365 AccountSkuid enabled on their account.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
<# .Synopsis Get-Office365AccountSkuLicensedUsers .DESCRIPTION The Get-Office365AccountSkuLicensedUsers cmdlet retrieves the users that have a specific Office 365 subscription (AccountSkuId) assigned. .EXAMPLE Get-Office365LicenseInfo .PARAMETER AccountSkuId The name of an Office 365 AccountSkuId A list of known AccountSkuId's pre-populated. Extend the list if needed, a list of known AccountSkuIDs can be found here: # http://blogs.technet.com/b/treycarlee/archive/2013/11/01/list-of-powershell-licensing-sku-s-for-office-365.aspx Other usefull sources related to licensing # https://technet.microsoft.com/en-us/library/dn771771.aspx # https://technet.microsoft.com/en-us/library/dn771773.aspx Version 1.1 - added ENTERPRISEWITHSCAL license option #> function Get-Office365AccountSkuLicensedUsers { [CmdletBinding()] [Alias()] Param ( # AccountSkuId [Parameter(Mandatory=$true, ParameterSetName = "AccountSkuId", ValueFromPipelineByPropertyName=$true, Position=0)] [ValidateSet("ENTERPRISEPACK","RIGHTSMANAGEMENT","AAD_PREMIUM","PLANNERSTANDALONE","POWER_BI_STANDARD","ENTERPRISEWITHSCAL")] $AccountSkuId ) Begin { } Process { If ($PSBoundParameters.ContainsKey("AccountSkuId")) { $AccountSkuIdUsers = Get-MsolUser | Select-Object DisplayName,UserPrincipalName -ExpandProperty Licenses | Where-Object {$_.AccountSkuId -like "*$AccountSkuId*"} $AccountSkuIdUsers | Select-Object DisplayName,UserPrincipalName } } End { } } |