How to modify main address of MS Office 365 group - powershell

Hello I need to modify the main mail address of an Office 365 group.
How can I change 1st part and domain:
Example:
I need to change admin#contoso.com to group#contoso.fr
How can I do this ?

I was looking for the same thing, and it's now possible (from january 2019!).
I found these commands who perfectly works:
Connect to PowerShell (with admin rights)
Allow Remote Signed scripts:
Set-ExecutionPolicy RemoteSigned
Log with O365 admin user:
$UserCredential = Get-Credential
Create new session:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import session:
Import-PSSession $Session
Set the new address:
Set-UnifiedGroup -Identity admin#contoso.com -PrimarySmtpAddress group#contoso.fr
That perfectly works for me, even if you're trying to send from external email.
Don't forget to return to the default execution policy:
Set-ExecutionPolicy Default
Enjoy it :)

Related

PowerShell Alias when connected to a remote Exchange Server

I am trying to create a script to connect to my exchange server remotely and create some alias for commonly used commands.
I connect to exchange using:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<ServerFQDN>/PowerShell/ -Authentication Kerberos -Credential $UserCredential
Import-PSSession $Session -DisableNameChecking
If I add to the bottom of this script:
New-Alias -Name "GR" -Value Get-Recipient
I see no error message, but no alias is created. If I run my script to connect to Exchange, and then run the New-Alias command in the terminal, the alias creates as expected.
I assume I am missing something fundamental regarding Sessions or scope, and any help gratefully received.

Remote powershell sessions can only be established with interactively entered credentials?

I'm trying to automate a powershell script which gathers data from O365. I've got a special limited user setup with the privileges required on O365 and also with local logon allowed on the server so that I can "run-as" that user (which I do for all the scripts below. I have verified different, expected errors when running as other users).
The script works fine interactively when credentials are set like this and the session opened:
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
However, if I create the credentials file for automation with:
Get-Credential | Export-Clixml -Path C:\batch\${env:USERNAME}_cred.xml
And then access from the script via:
$cred = Import-Clixml -Path C:\batch\${env:USERNAME}_cred.xml
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
The credential file load appears to succeed. I then get "Access Denied" on the session open, and then of course the rest of the script fails due to the session being null. I'm cutting and pasting the password in all cases (plus have tried many, MANY times including hand typing) so I don't think it's a simple typo issue. Seems more like something I'm fundamentally misunderstanding about powershell. Ultimately I'd like to not just have the credentials automated, but also have it run from task scheduler if there's any special settings above and beyond that I also need.
I don't see anything wrong from your code from PowerShell perspective. I have tested the way you are creating credentials within a company domain and I was able to create new session by importing credential XML file that was created by exporting the credentials the way you did. I then assume it might be MS Exchange related.
I can suggest alternatives for you to try:
# First we need to get the encrypted password:
$TempCred = Get-Credential
# provide credentials to the prompt
# now the encryption to be saved in a file
$TempCred.Password | ConvertFrom-SecureString | Set-Content C:\mypass.txt
This was the encrypted version of your password is saved as a text.
In your automation script you can now do this:
$username = "yourusername"
$password = Get-Content C:\mypass.txt | ConvertTo-SecureString
$cred = New-Object System.Management.Automation.PsCredential($username, $password)
$session = New-PSSession -Credential $cred .....
I am not sure if this works in your case, it worked in my company domain. Once again it worked for me the XML version too. I am just providing alternatives to try if you are not keen to find out as to why the XML way did not work.
I was able to get this working, in my environment at least, by including a call to Import-PSSession:
$Credential = Import-Clixml -Path D:\Modules\O365Credentials.xml
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Credential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Get-Mailbox
Does the account in question have MFA enabled? If so, you might try this.
This script:
Downloads Exchange Online Remote PowerShell Module
Installs Exchange Online PowerShell Module
Connects Exchange Online PowerShell using MFA
Or, you can perform these manually. More information, including a detailed walk-through, is available here:
https://o365reports.com/2019/04/17/connect-exchange-online-using-mfa/

Remove-MsolGroupMember use exchange online to perform this operation

I get the error:
Remove-MsoLGroupMember : You cannot update mail-enabled groups using
this cmdlet. Use Exchange Online to perform this operation
But i have connected to a remote session and imported the exchange online module, why does it still throw error?
$credential = Get-Credential
$lyncSession = New-CsOnlineSession -Credential $credential
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/powershell-liveid/" -Credential $credential -Authentication "Basic" -AllowRedirection
Get-PSSession
Import-PSSession $exchangeSession
Remove-MsoLGroupMember -GroupObjectId $Group_GUID -GroupMemberType User -GroupmemberObjectId $GroupMembers.ObjectId
I was following this link to setup my remote connection to exchange, but i must be doing something wrong. https://technet.microsoft.com/en-us/library/dn362787(v=ocs.15).aspx
Use Remove-DistributionGroupMember instead if you are working with mail enabled security group as Remove-MsoLGroupMember works with regular security groups.
check this: https://technet.microsoft.com/en-us/library/aa998016(v=exchg.160).aspx

Office 365 Powershell issue with Set-UserPhoto for anyone other than myself

I'm a global admin for our 365 environment and I'm having an issue with the Set-UserPhoto command in powershell. If I run it for my own username, it works just fine but if I run it using anyone else's username, it errors. Is there some kind of access I need to give myself to make this work? I'm a domain admin and global administrator in 365 so I should be able to do anything.
Connected through PowerShell 3.0 using the following:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/?proxyMethod=RPS -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Command I'm running:
Set-UserPhoto –Identity username -PictureData ([System.IO.File]::ReadAllBytes("C:\userpics\username.jpg"))
Works fine for my username, for any other username I get this:
Error on proxy command 'Set-UserPhoto -Identity:'username' -PictureData: Tons of numbers here that scrolls for quite a while -Confirm:$False' to server BN3PR0201MB1027.namprd02.prod.outlook.com: Server version 15.01.0534.0000, Proxy method
RPS:
The WinRM client cannot process the request. The connection string should be of the form
[://][:][/] where transport is one of "http" or "https". Transport, port and suffix are
optional. The host may be a hostname or an IP address. For IPv6 addresses, enclose the address in brackets - e.g.
"http://[1::2]:80/wsman". Change the connection string and try the request again. .
+ CategoryInfo : NotSpecified: (:) [Set-UserPhoto], CmdletProxyException
+ FullyQualifiedErrorId : Microsoft.Exchange.Configuration.CmdletProxyException,Microsoft.Exchange.Management.Reci
pientTasks.SetUserPhoto
+ PSComputerName : outlook.office365.com
just ran into the exact same problem.
the solution was to run Microsoft Azure Active Directory Module for Windows PowerShell 'as administrator' (Elevated)
as seen here https://www.blackforce.co.uk/2016/09/23/set-userphoto-error-proxy-command
If you are in hybrid mode and thumbnailPhoto property is synched, you can only change the user photo in your local Active Directory and not in Office 365 Exchange PowerShell session.
If you are not in hybrid mode you can try this sample code instead:
Set-UserPhoto "username" -PictureData ([Byte[]] $(Get-Content -Path "C:\userpics\username.jpg" -Encoding Byte -ReadCount 0)) -Confirm:$false
I had the same issue, and solved it from another post (I don't remember which one).
In the connection string:
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri **https://outlook.office365.com/powershell-liveid/?proxymethod=rps** -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session

Export Powershell output to user desktop (User desktop varies)

i am running a powershell to export Exchange online user data in a TXT file where i have mentioned C:\Users\%userprofile%\Desktop\Getdata.txt as a location but this script runs on different computer where we have different users so i want to export the data to the desktop of the user directly
Script is as such
Start-Transcript
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
get-mailbox |FT >C:\Users\%userprofile%\Desktop\Getdata.txt
Stop-Transcrip
I am still not able to export data to the desktop. I cant export data on C:\ directly as users donot have permission on any local disks.Can this be possible keeping the powershell intact till get-mailbox.
If you're looking for the current user's Desktop path you can get that with:
[environment]::GetFolderPath('Desktop')
So for your code:
|FT > (join-path ([environment]::GetFolderPath('Desktop')) "GetData.txt")