office365 – Mohammed Wasay

Add Alternate Email Address or Recovery Email Address for Office365 Administrator

September 6, 2017 by mo wasay

In Office365, depending on the admin role of an account you may want to add an alternate email address for password recovery. This is a basically a self-service password reset for Administrators of Office365. Quick way to do this is with PowerShell:

#Connect to Office365
Import-Module MSOnline
Connect-MsolService
$O365Cred = Get-Credential
$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session

#Check if the user has an Alternate Email Address (Recovery Address)
Get-MsolUser -UserPrincipalName mwasay@domain.com | select -ExpandProperty AlternateEmailaddresses

#Check if the user has an Alternate Email Address (Recovery Address)
Set-MsolUser -UserPrincipalName mwasay@domain.com -AlternateEmailAddresses mwasay@domain2.com

#Connect to Office365

Import-Module MSOnline

Connect-MsolService

$O365Cred = Get-Credential

$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection

Import-PSSession $O365Session

#Check if the user has an Alternate Email Address (Recovery Address)

Get-MsolUser -UserPrincipalName mwasay@domain.com | select -ExpandProperty AlternateEmailaddresses

#Check if the user has an Alternate Email Address (Recovery Address)

Set-MsolUser -UserPrincipalName mwasay@domain.com -AlternateEmailAddresses mwasay@domain2.com

If this setting is unset for an administrator, Office365 gives you a … Read moreAdd Alternate Email Address or Recovery Email Address for Office365 Administrator

Office365: List Your Business Canâ€™t Live Without

April 5, 2017April 5, 2017 by mo wasay

When you have a lot of conference rooms, equipment or special rooms mailboxes it is hard to list or find available free rooms during a particular time slot. Luckily, Office365 and Outlook 2013/2016 have a special feature called ‘Room Lists’, which enable you to find and scheduleÂ a room quickly based on availability and offer … Read moreOffice365: List Your Business Canâ€™t Live Without

Cleaning up Office365 Groups Mess

February 23, 2017 by mo wasay

Office 365 Groups are a shared workspace for email, conversations, files, and events where group members can collectively get stuff done. It compliments the introduction of Microsoft Teams. The main thing to keep in mind is that this feature is still evolving. Why is it important to control Office 365 Group creation? This feature is … Read moreCleaning up Office365 Groups Mess

Set password never to expire for users in a particular domain (Bulk mode)

January 3, 2017January 3, 2017 by mo wasay

Let me start by saying that I don’t recommend doing this at all. Password Never Expires is bad security practice, but there are situations that might require it. I had a similar request on how this could be done. Setting it for multiple users:

#Connect of Office365
Import-Module MSOnline
$O365Cred = Get-Credential
$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session
Connect-MsolService â€“Credential $O365Cred 

#Get a List of user that belong to the second domain
$SDusers = Get-MsolUser -All -DomainName "yourseconddomain.com"

#Setting the password never to expire
ForEach($SDuser in $SDusers)
{
    Set-MsolUser -UserPrincipalName $SDuser -PasswordNeverExpires $true
}

#Connect of Office365

Import-Module MSOnline

$O365Cred = Get-Credential

$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection

Import-PSSession $O365Session

Connect-MsolService â€“Credential $O365Cred

#Get a List of user that belong to the second domain

$SDusers = Get-MsolUser -All -DomainName "yourseconddomain.com"

#Setting the password never to expire

ForEach($SDuser in $SDusers)

{

Set-MsolUser -UserPrincipalName $SDuser -PasswordNeverExpires $true

}

Setting it for a single user:

Get-MSOLUser -UserPrincipalName user@domain.com | Select PasswordNeverExpires

1	Get-MSOLUser -UserPrincipalName user@domain.com \| Select PasswordNeverExpires

Get PasswordAge for users in a particular domain

January 3, 2017 by mo wasay

In Office365 if you have more than one domain in a subscription, there are times where you may want to get the password age for users of that domain. In my case to check which users are covered and meeting policy and get the users addressed.

Get-MsolUser -All -DomainName "yourdomainname.com" | select DisplayName, LastPasswordChangeTimeStamp,@{Name=â€PasswordAgeâ€;Expression={(Get-Date)-$_.LastPasswordChangeTimeStamp}}

1	Get-MsolUser -All -DomainName "yourdomainname.com" \| select DisplayName, LastPasswordChangeTimeStamp,@{Name=â€PasswordAgeâ€;Expression={(Get-Date)-$_.LastPasswordChangeTimeStamp}}

The output will be similar to:

How to force update GlobalAddressList in Office 365?

December 7, 2016December 7, 2016 by mo wasay

This post explains how to manually force and update the global address list in Office 365. Updating the global address list requires to have the Address List Management role. By default, nobody has this role. 1. Assign the AddressList Management role Login with your administrator account to the Office 365 portal. Go to Exchange Admin … Read moreHow to force update GlobalAddressList in Office 365?

Convert resource mailbox to a user mailbox

November 3, 2016 by mo wasay

Based on my audit for a client I found that a user mailbox was at sometime converted to a resource mailbox. There is no convert button/ link to switch it back. I still don’t know how, or why this would have happened. Anyways, for someone who may come across this weird issue, here is the … Read moreConvert resource mailbox to a user mailbox

Extending the Booking days for Conference Room Calendar (Resource)

October 13, 2016 by mo wasay

By default Office365 limits Resource booking days to just 180 days. The maximum days it can be booked for 1080 days. I like to make resource booking days 1 year from the day of making the reservation/ appointment. Now instead of visiting each calendar and making the change, powershell can help us out.

#Connect to Office365 
$cred = Get-Credential
Import-Module MSOnline
Connect-MsolService -Credential $cred
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection
$importresults = Import-PSSession $s

#Get all the Rooms and make the booking days to 365
Get-MailBox | Where {$_.ResourceType -eq "Room"} | Set-CalendarProcessing -BookingWindowInDays 365

#Connect to Office365

$cred = Get-Credential

Import-Module MSOnline

Connect-MsolService -Credential $cred

$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection

$importresults = Import-PSSession $s

#Get all the Rooms and make the booking days to 365

Get-MailBox | Where {$_.ResourceType -eq "Room"} | Set-CalendarProcessing -BookingWindowInDays 365

Disable Office group creation

November 3, 2016July 17, 2016 by mo wasay

Every Exchange user has an OWA mailbox policy that governs what they can and can’t do with their mailbox. Updating this mailbox policy removes the ability for users to create Groups. Because OWA policies are per user, you can limit the ability to create Groups for some users and not others. At this time, the … Read moreDisable Office group creation

Get a list of shared mailboxes that are accidentally licensed

August 22, 2016March 16, 2016 by mo wasay

We know that in a hybrid scenario or during migration all shared mailboxes are migrated as a user account and then converted in a shared mailbox. Sometimes admin forget to remove the license for the shared box after conversion and there is no GUI alternative to see if the shared mailbox is licensed. Shared mailbox … Read moreGet a list of shared mailboxes that are accidentally licensed