Microsoft is constantly improving their web-based Office 365 administration tool but there are still sometimes things that need to be done with the PowerShell tool. It also provides more granular control and the ability to automate complex tasks through scripting. Below I’ll describe how to connect to Office 365 and Azure with PowerShell.
The first step is to install two additional tools for PowerShell. You need both the Microsoft Online Services Sign-In Assistant for IT Professionals and the Azure Active Directory Module for Windows PowerShell (64-bit). They are located on Microsoft’s web site: https://technet.microsoft.com/en-us/library/jj151815.aspx.
The next step is to open PowerShell. This is already included with Windows 7 and 8.x. The easiest way to run it is to click on Start or hit the Windows key and type “powershell”. A list of matches for that keyword will appear in the menu. Right-click on the plain “Powershell” and select “Run as Administrator.”
By default, both Windows 7 and 8 have restrictions on running scripts so we need to make a one-time change. You don’t have to do this every time you run PowerShell. You can verify the current script settings by running the Set-ExecutionPolicy command.
If it returns Restricted as shown in the above image, run the “Set-ExecutionPolicy RemoteSigned” command to allow the Office 365 scripts to execute. Answer Yes at the prompt.
That concludes the initial setup. Below are two sections that cover Office 365 which allows you to manage the mailboxes and Azure which allows you to manage the user accounts. You can use the same PowerShell window to manage each simultaneously.
Connecting to Office 365
Now let’s assign administrative credentials to a variable for later use. When you enter the “$Cred = Get-Credential” a Windows login box will pop up. Enter the username and password for an administrator level account in your Office 365 deployment.
The next step is to connect to your Office 365 account by entering the following command (this is all on one line):
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “https://ps.outlook.com/powershell/” -Credential $Cred -Authentication Basic -AllowRedirection
Now we can load the Office 365 PowerShell scripts by using the following command:
That’s it! Now you can begin using the Office 365 scripts. For example, you can use the command “Get-Mailbox | Get-MailboxStatistics | ft DisplayName, TotalItemSize” to list all of your users’ mailboxes and the amount of space each is using.
Connecting to Azure Active Directory
The Azure cmdlets let you control the actual user accounts in your Office 365 deployment. To access them, either open PowerShell as described in the previous section or keep using the same window if you’re already connected to Office 365.
The first step is to load the cmdlets:
Next, enter your administrative credentials:
And finally connect to Azure:
Connect-MSOLService -Credential $msolcred
You can now run the Azure cmdlets – for example, to display the password expiration settings for all the accounts use:
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires