This post explains how to manually force and update the global address list in Office 365. Updating the global address list requires to have the Address List Management role. By default, nobody has this role. 1. Assign the AddressList Management role Login with your administrator account to the Office 365 portal. Go to Exchange Admin…
Tag: powershell
Remove disabled users from Distribution Lists & Security Groups in Active Directory
One of my clients had several disabled users showing up in distribution lists and security groups and this was creating unnecessary noise in email, alerts, etc. I highly encourage all administrators to keep their AD neat and tidy. The following PowerShell script searches for disabled users in Groups and Distribution Groups and removes them:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
# This script removes all disabled users from all security and distribution groups in the specified "searchOU" Import-Module ActiveDirectory $searchOU = "OU=Groups,DC=domain,DC=local" $adgroup = Get-ADGroup -Filter 'GroupCategory -eq "Security" -or GroupCategory -eq "Distribution"' -SearchBase $searchOU $adgroup | ForEach-Object{ $group = $_ Get-ADGroupMember -Identity $group -Recursive | %{Get-ADUser -Identity $_.distinguishedName -Properties Enabled | ?{$_.Enabled -eq $false}} | ForEach-Object{ $user = $_ $uname = $user.Name $gname = $group.Name Write-Host "Removing $uname from $gname" -Foreground Yellow Remove-ADGroupMember -Identity $group -Member $user -Confirm:$false } } |
…
Convert resource mailbox to a user mailbox
Based on my audit for a client I found that a user mailbox was at sometime converted to a resource mailbox. There is no convert button/ link to switch it back. I still don’t know how, or why this would have happened. Anyways, for someone who may come across this weird issue, here is the…
Find out ‘in cloud’ Distribution Groups
Microsoft Teams was announced yesterday and many want to jump right in. I noticed when users wanted to create teams, new distribution groups started getting added. I wanted to find out my ‘In cloud’ distribution groups and was surprised there was no property for the item. I was able to find out the groups…
Migrate Office365 Photos to AD
Many of my customers have Office365 and have been using Skype for Business for sometime now. It is likely that your organization users have uploaded their profile picture. Now only if there was a way to sync those pictures back to your AD – so it looks neat & nice. There is a way!
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
#MigrateOffice365PhotosToAD.ps1 function Get-Office365Photo($EmailAddress,$Credential) { $wc = New-Object System.Net.WebClient $wc.credentials = $Credential # Build the URL that'll return the jpeg of the user's photo $url = "https://outlook.office365.com/ews/exchange.asmx/s/GetUserPhoto?email=$EmailAddress&size=HR96x96" # Build a path to export it to (.\[email protected]) $outPath = "$pwd\$EmailAddress.jpg" try { # Download the image and save it to the current directory $wc.DownloadFile($url,$outPath) return $outPath } catch { throw $_ } } function Upload-ADPhoto($Username,$FilePath) { # Import the photo into a variable as a byte array $photo = [byte[]](Get-Content $FilePath -Encoding byte) # Replace the current value of thumbnailPhoto with the byte array from above Set-ADUser $Username -Replace @{ThumbnailPhoto=$photo} } # Get the credential to allow us to download the images $Cred = Get-Credential -Message "Please enter your Office 365 Credentials" # Get every mail-enabled AD user $users = Get-ADUser -ldapfilter '(mail=*)' -properties mail # For each of the mail-enabled users... foreach ($user in $users) { try { # Download the photo $photoPath = Get-Office365Photo -EmailAddress $user.mail -Credential $Cred # Upload the photo Upload-ADPhoto -Username $user -FilePath $photoPath } catch { Write-Warning "Unable to update image for $($user.mail)" } } |
…
Active Directory: Changing passwords for users in bulk using a .csv file
Many accounts in your AD might need a password change. What if you want to do this in bulk ? First, we need to the userlist. Depending on your requirements we need to get a list of users (specifically samaccountname). For random password generation I recommend using http://manytools.org/network/password-generator/ as it can generate up 1000 for…
Extending the Booking days for Conference Room Calendar (Resource)
By default Office365 limits Resource booking days to just 180 days. The maximum days it can be booked for 1080 days. I like to make resource booking days 1 year from the day of making the reservation/ appointment. Now instead of visiting each calendar and making the change, powershell can help us out.
1 2 3 4 5 6 7 8 9 |
#Connect to Office365 $cred = Get-Credential Import-Module MSOnline Connect-MsolService -Credential $cred $s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection $importresults = Import-PSSession $s #Get all the Rooms and make the booking days to 365 Get-MailBox | Where {$_.ResourceType -eq "Room"} | Set-CalendarProcessing -BookingWindowInDays 365 |
Happy…
Check Proxy settings from Powershell
To check the proxy settings like ProxyOveride or if it is enabled or not:
1 |
Get-ItemProperty -Path "Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" |
To disable proxy from PowerShell:
1 |
Set-ItemProperty -Path "Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" ProxyEnable -value 0 |
To enable proxy from PowerShell:
1 |
Set-ItemProperty -Path "Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" ProxyEnable -value 1 |
Change the password age in bulk for Active Directory accounts
Ran into an interesting situation where pretty much all domain accounts did not follow the default password policy and had the option of ‘password never expires’ checked. I needed to fix this immediately without impacting the users and expiring any accounts that may affect the business. I needed to adjust the password age for all…
Disable Office group creation
Every Exchange user has an OWA mailbox policy that governs what they can and can’t do with their mailbox. Updating this mailbox policy removes the ability for users to create Groups. Because OWA policies are per user, you can limit the ability to create Groups for some users and not others. At this time, the…