Todd Klindt Todd.klindt@sympraxisconsulting.com @toddklindt www.toddklindt.com www.toddklindt.com/MSPSUG
Agenda
Before you Connect • Except Exchange • $PSVersionTable.PSVersion • Also consider adding PSReadLine if you are not on Win10 • Video walkthrough Install Sign-in Assistant
A Word about Passwords $MyAccount = Get-Credential $username = admin@company.onmicrosoft.com $password = “ RightHereInPlainText ” $secure = $password | ConvertTo-SecureString -AsPlainText – Force $MyAccount = New-Object System.Management.Automation.PSCredential ($username, $secure) Use an encrypted file
Windows Credential Manager
PowerShell Use Credential Manager
A Quick Word about MFA Enable MFA at the tenant (AzureAD) level Create an app password for your account
Connect to your Azure AD Tenant $MyAccount = Get-PnPStoredCredential -Name TenantAdmin -Type PSCredential Connect-MsolService -Credential $MyAccount Get-MsolUSer Get-Command -Module msonline $MyAccount = Get-Credential Connect-AzureAD -Credential $MyAccount Get-AzureADUser Get-Command -Module AzureAD
Fun Gotchas
Don’t Try This At Home
Connect to Skype for Business
Exchange Online Just a little different • No cmdlets, uses Remoting • Limited to three sessions • Requires port 80 • Close out gracefully • Remove-PSSession $Session • Supports MFA
License Up That New Mailbox
PowerShell with SharePoint Online • Users and groups • Tenants • Site Collections • Hub Sites • Multi-Geo Download here
Connect to SharePoint online
Things to install Install Sign-in Assistant Install MSOnline Module Install Azure AD Module Install SharePoint Online Module Install Skype for Business Online Module Office 365 PowerShell Module Installs Update the modules
Install them all
Updating the Modules PowerShell to Update your PowerShell Modules
Example script
Real world example Param( [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [string] $User ) # Add the Active Directory bits and not complain if they're already there Import-Module ActiveDirectory -ErrorAction SilentlyContinue # Add the Azure Active Directory module Import-Module MSOnline
# Define AD group that is synced to AAD and is used for ODFB audience $syncgroupname = "CloudSync" $syncgroup = Get-ADGroup $syncgroupname # First, add the user to the group Add-ADGroupMember -Identity $syncgroupname -Members $User # Remind them to recompile their SharePoint audience Write-Host "You'll need to recompile your SharePoint audience to reflect the group change" # Sync up to Azure AD Start-ADSyncSyncCycle
# Now tweak the user in Azure AD, First connect Connect-MsolService -Credential (Get- StoredCredential -Target Admin) # Azure AD domain suffix $aadsuffix = (Get-MsolDomain | Where-Object - Property IsDefault -Value $true -EQ).name # Get the user $aaduser = "$user@$aadsuffix"
# Set the user's location. Without that the license will fail Set-MsolUser -UserPrincipalName $aaduser -UsageLocation “US" $license = "tkdemo:O365_BUSINESS_PREMIUM” # Set the user's license Set-MsolUserLicense -UserPrincipalName $aaduser - AddLicenses $license
Microsoft Teams!! • Woo Hoo! • PowerShell Support • https://blogs.technet.microsoft.com/skypehybridguy/2017/11/07/microsoft- teams-powershell-support/ • For automating all those Teams Tasks • Install-Module MicrosoftTeams
Flow and PowerApps • Flow and PowerApps • For both creators and Admins • Get list of all Flows and PowerApps • Kind of a janky install • Install-Module -Name Microsoft.PowerApps.Administration.PowerShell • Install-Module -Name Microsoft.PowerApps.PowerShell - AllowClobber
Office 365/Unified Groups • No Groups module • MSOL / Azure • Exchange • Teams • PnP PowerShell
The Sneaky Way: CSOM with PowerShell SharePoint 2016 Client SDK
Top Of Script
Get-SPOweb http://www.sharepointnutsandbolts.com/2013/12/Using-CSOM-in- PowerShell-scripts-with-Office365.html
More Examples
Patterns and Practices PowerShell (Phew!) Github • https://github.com/SharePoint/PnP-PowerShell
Favorites • PnPFile • Set-PnPGroupPermissions • Add-PnPFile, Copy-PnPFile • Add-PnPView • Find-PnPFile, Get-PnPFile • Get-PnPField • Move-PnPFile, Remove-PnPFile • Rename-PnPFile • Restore-PnPRecycleBinItem • Set-PnPFileCheckedIn • Office 365 Groups • Set-PnPFileCheckedOut • New-PnPUnifiedGroup, Remove- • PnPList PnPUnifiedGroup • Add, Get, Set, Remove • Get-PnPUnifiedGroup, Set- • Get-PnPListItem PnPUnifiedGroup • Get-PnPUnifiedGroupMembers • Set-PnPListItem • Get-PnPUnifiedGroupOwners • Get-PnPProperty
But my Boss HATES PnP PowerShell! Vesa Juvonen PowerShell Gallery RenCore • Exceptions are approved by SharePoint Engineering team • Can be more secure, as it can be more fine grained
How do I keep up? https://www.toddklindt.com/POSHOffice365Modules
Upload a File https://tenant.sharepoint.com/sites/hr
Add a Folder Get-PnPProperty
Get Internal Shared Files
Get Extended File Info Connect-PnPOnline -Url $url -Credentials MeganB $doclibs = Get-PnPList -Includes DefaultViewUrl,IsSystemList | Where-Object -Property IsSystemList -EQ -Value $false | Where-Object -Property BaseType -EQ -Value "DocumentLibrary “ Foreach ($doclib in $doclibs) { $doclibTitle = $doclib.Title $docs = Get-PnPListItem -List $DocLib $docs | ForEach-Object { Get-PnPProperty -ClientObject $_ -Property File, ContentType, ComplianceInfo} foreach ($doc in $docs) { [pscustomobject]@{Library= $doclibTitle;Filename = ($doc.File).Name;ContentType = ($doc.ContentType).Name;Label = ($doc.ComplianceInfo).ComplianceTag} }
Bulk Undelete Files https://sadtenant.sharepoint.com/ baduser@sadtenant.phooey https://www.toddklindt.com/PoshRestoreSPOFiles
New Site and Group • No Group, No Team, No Bueno • Can be Groupified later • Group, No Team • Can be Teamified later
The Whole Enchilada • There is no later!
“Save Site as Template”
Copy Office 365 Group Permissions
https://www.toddklindt.com/PoshCopyO365GroupMembers
Get All the Flows
Get Your Flows
Disable Flow Button Connect-SPOService -Url https://flowhater-admin.sharepoint.com $val = [Microsoft.Online.SharePoint.TenantAdministration.FlowsPolicy]::Disabled Set-SPOSite -Identity https://flowhater.sharepoint.com/sites/SadSite - DisableFlows $val Connect-PnPOnline -Url https://flowhater.sharepoint.com/sites/SadSite - Credentials ‘ SiteAdmin' Set-PnPSite -DisableFlows:$true
And PowerApps Apps
Recommend
More recommend
