I'm working on a little script that outputs the current Skype for Business Status of a user.
Available, Busy, Do Not Disturb. etc.
I already experimented a bit and can output a lot of information. The Script works fine but I can't find a status entry.
This is my code so far:
$userCredential = Get-Credential
$sfbSession = New-CsOnlineSession -Credential $userCredential
Import-Module SkypeOnlineConnector
Import-PSSession $sfbSession #connection opens
Get-CsOnlineUser -Identity "buttercup#sup.onmicrosoft.com"
$currentSession = Get-PSSession
Remove-PSSession -Session $currentSession #connection closes
Am I searching on the wrong spot?
If there is any more information I should provide please ask, I hope we can solve this.
For everyone wondering, I solved this problem.
Instead of using the Skype Online Connector, I use the Skype Lync 2013 SDK.
With this simple code, I can achieve what I wanted.
$client = [Microsoft.Lync.Model.LyncClient]::GetClient()
$contact = $client.ContactManager.GetContactByUri("spiderman#marvel.com")
$availabilityId = $contact.GetContactInformation("Availability")
$activity = $contact.GetContactInformation("Activity")
Write-Output ([Microsoft.Lync.Model.ContactAvailability]$availabilityId)
Note that this in this example, there is no need to enter any credentials, because GetClient() already gets the credentials of your open Skype for Business Service.
Related
I am trying to move bulk users(900+) from SfB On-Premise to SfB-Online using Move-CsUser PowerShell Cmdlet. Below is the code snippet:
$INP = Get-Content -Path <txt file path>
$SESSION = New-CsOnlineSession
Import-PsSession $SESSION -AllowClobber
foreach($USER in $INP)
{
Move-CsUser -Identity $USER -Target 'sipfed.online.lync.com' -ProxyPool 'ProxyPool_FQDN' -UseOAuth -Confirm:$False
}
It works fine for 15-20 users and moves them successfully to SfBOnline however, after that it prompts for Office admin credentials again saying "We couldn't sign you in. Please try again" and doesn't accept the credential anymore. Keeps prompting the same.
NOTE:
I have followed all the possibilities from Technet with no luck.
Disabled MFA from the global admin Office account - No luck.
Tried using -UserList parameter to move bulk users - Same issue.
Any help would be much appreciated.
I'm trying to enter a specific session on a remote machine which has credentials.
I have already setup trusted hosts etc.. and have successfully run commands on new virtual sessions.
I would like to enter the session by providing a session ID.
I have seen documentation for each seperate ways but I'm not sure how to combine them, can someone help?
This is what I would imagine it would look like
$username = "exampleUsername"
$password = ConvertTo-SecureString "examplePassword" -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList($username, $password)
$serverNameOrIp = "exampleIp"
$sessionId = 2
Enter-PSSession -Id $sessionId -ComputerName $serverNameOrIp -Credential $cred
However I'm getting very clear invalid argument exceptions which makes sense since the documentation doesn't say anything about this combination:
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/enter-pssession?view=powershell-7
Is there a way to do this? I may be missing something obvious or looking in the wrong place. Many thanks in advance
(for more info)
EDIT:
I am trying to connect to the current interactive user session and run some commands for the user to see. The user is permanently logged in/already logged in and I have their session ID. I just need to use it and connect to it however there are still credentials to use for the machine - I'm unsure how to combine these two.
I'm trying to automate a powershell script which gathers data from O365. I've got a special limited user setup with the privileges required on O365 and also with local logon allowed on the server so that I can "run-as" that user (which I do for all the scripts below. I have verified different, expected errors when running as other users).
The script works fine interactively when credentials are set like this and the session opened:
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
However, if I create the credentials file for automation with:
Get-Credential | Export-Clixml -Path C:\batch\${env:USERNAME}_cred.xml
And then access from the script via:
$cred = Import-Clixml -Path C:\batch\${env:USERNAME}_cred.xml
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
The credential file load appears to succeed. I then get "Access Denied" on the session open, and then of course the rest of the script fails due to the session being null. I'm cutting and pasting the password in all cases (plus have tried many, MANY times including hand typing) so I don't think it's a simple typo issue. Seems more like something I'm fundamentally misunderstanding about powershell. Ultimately I'd like to not just have the credentials automated, but also have it run from task scheduler if there's any special settings above and beyond that I also need.
I don't see anything wrong from your code from PowerShell perspective. I have tested the way you are creating credentials within a company domain and I was able to create new session by importing credential XML file that was created by exporting the credentials the way you did. I then assume it might be MS Exchange related.
I can suggest alternatives for you to try:
# First we need to get the encrypted password:
$TempCred = Get-Credential
# provide credentials to the prompt
# now the encryption to be saved in a file
$TempCred.Password | ConvertFrom-SecureString | Set-Content C:\mypass.txt
This was the encrypted version of your password is saved as a text.
In your automation script you can now do this:
$username = "yourusername"
$password = Get-Content C:\mypass.txt | ConvertTo-SecureString
$cred = New-Object System.Management.Automation.PsCredential($username, $password)
$session = New-PSSession -Credential $cred .....
I am not sure if this works in your case, it worked in my company domain. Once again it worked for me the XML version too. I am just providing alternatives to try if you are not keen to find out as to why the XML way did not work.
I was able to get this working, in my environment at least, by including a call to Import-PSSession:
$Credential = Import-Clixml -Path D:\Modules\O365Credentials.xml
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Credential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Get-Mailbox
Does the account in question have MFA enabled? If so, you might try this.
This script:
Downloads Exchange Online Remote PowerShell Module
Installs Exchange Online PowerShell Module
Connects Exchange Online PowerShell using MFA
Or, you can perform these manually. More information, including a detailed walk-through, is available here:
https://o365reports.com/2019/04/17/connect-exchange-online-using-mfa/
I'm trying to license my users in office365 with a powershell script in tassk scheduler.
First : I have a script to create some users in my domain controller. This script add content (userprincipalname) in a txt file. Example :
- Create user : John Smith
- The script add this in the txt file : john.smith#domain.com
Second : Another script try to license this user. This script are connecting to MSOLService with this cmdlets :
$LOGIN = "svc-365#domain.com"
$MDP = Get-Content "C:\Script\SVC-365.txt" | ConvertTo-SecureString
$Cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $LOGIN,$MDP
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Connect-MsolService -Credential $UserCredential
Import-PSSession $Session -AllowClobber
$User = Get-Content "C:\Script\CreationMail.txt"
foreach ($i in $User) {
Set-MsolUser -UserPrincipalName $i -UsageLocation "FR"
Set-MsolUserLicense -UserPrincipalName $i -AddLicenses "tenantudl:STANDARDWOFFPACK_FACULTY"
}
This script is perfectly working when I manually execute in powershell ISE, but not working in the task scheduler...
If somebody can help me, I will be grateful to him ! :)
Thanks for help !
Which user runs the script in your task?
With credentials that you have saved as a hash value in a text file it can only be decrypted by the user that made the file.
So if you made that file with your user, but the user that is setup to run the task is not the same, say a service account, it cannot decrypt the password and the login will fail.
As a note, I would highly recommend Microsofts new feature to assign licenses by group membership instead of doing it by scripts as Microsoft changes things an scripts break.
It is in preview right now and require an AD Basic license on your account or higher, you can activate a free trial of the EMS license pack in Azure and and this will be enough to activate the feature.
For TaskScheduler scripts, you need to set it up correctly.
Set the "Program/Scritp" to Powershell.exe
Set the "Add arguments" to -ExecutionPolicy Bypass C:\Temp\AddLicence.ps1
(Optional) If your script requires any params then you will need to add them and your "Add Arguments" field ends up as -ExecutionPolicy Bypass C:\Temp\AddLicence.ps1 -Users C:\temp\users.csv -LicenceType C:\temp\O365.txt
I find the problem ! :D
In my task, it was domain\administrator who run the task but this account havn't the right to connect to office365 and he havn't the admin right on Exchange-online. I was changed this account with another who have the right on 365 and it's WORK !! :D
Thank's for help guys !
I've a strange problem that I can't understand. Maybe someone will be able to explain it to me.
I'm trying to automate the installation of an app for SharePoint in a multitenant environment. I run the scripts on a remote machine like this:
$session = New-PSSession -Name "Install App Session" -Authentication Credssp -Credential $InstallAccountCredentials -ComputerName $frontend
$installAppScriptPath = Join-Path $currentScriptPath "\SharePoint\InstallApp.ps1"
$job = Invoke-Command -Session $session -FilePath $installAppScriptPath -ArgumentList $customerUrl, $env:COMPUTERNAME -AsJob
Wait-Job $job
Inside the InstallApp.ps1 I invoke the Import-SPAppPackage command but I get an "Access denied.
You do not have permission to perform this action or access this resource." error. However, if I login to the machine with exactly the same credentials that are used as $InstallAccountCredentials and start the script, everything is working perfectly fine. The account that is used for running this script is an tenant admin account.
Is there something I miss in invoking the command?
PowerShell remote doesn't work for a significant portion of the SharePoint cmdlets. Use the client object model instead - you can invoke those methods from PowerShell as needed.