Archive

Archive for August, 2012

Windows PowerShell cmdlets for Office 365 ~ Manage Users – Part 02

August 16, 2012 7 comments

office365_thumb

In my previous Article – Manage Users – Part 01 I have posted information about adding Get-MsolUser, Create New-MsolUsers and Assign Customized License Plan for already created users and for new users.

In this article I will show you how to Provision bulk user accounts using a .CSV file.

What is a .CSV file?

The CSV file type is primarily associated with ‘Comma-Separated Variables’. A comma delimited file is a database exported into a format where each record is a single line and each field in the record is indicated by a comma. It is an easy way to transfer a large amount of data between programs.

In the web based portal there is a particular place where you can upload the CSV file to create user accounts in bulk. But i will show you how to provision bulk users using PS commands with a previously created .CSV file.

 

bULK

 

Below herewith are some information points which would help you to create the accurate .CSV file to perform bulk user add.

  1. The minimum number of rows is two, including the first row of user data column labels.
  2. The maximum number of rows is 251, including the first row of user data column labels.
  3. Only the user name and display name are required entries.
  4. You have to create multiple .CSV file if you want to import more than 250 users.
  5. If you are importing users from different countries or regions, Microsoft recommend creating a separate CSV file for each country or region and performing a bulk import operation for each CSV file. This is because you will be indicating the location of the users in the CSV file as part of this import process, and only one location can be selected per bulk import operation.
  6. Make sure that the User Name column of your CSV file contains the full email address.

 

The following table shows the user data column labels and maximum character length for each in the sample CSV file.

 

User data column label Maximum character length
User Name / UserPrincipalName (Required) The maximum total length of the user name is 79 characters (including @ symbol), in the format name@domain.<extension>. The user’s alias cannot exceed 30 characters and the domain name cannot exceed 48 characters
First Name 64
Last Name 64
Display Name (Required) 256
Job Title 64
Department 64
Office Number 128
Office Phone 64
Mobile Phone 64
Fax 64
Address 128
State or Province 128
ZIP or Postal Code 40
Country or Region 128

 

Sample CSV file is given below,

 

image

 

Below PS cmdlets will allow you to provision new user accounts by using the .CSV file,

 

Import-Csv -Path c:\users.csv | ForEach-Object {New-MsolUser -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -DisplayName "$($_.FirstName) $($_.LastName)" -LicenseAssignment ‘msdivision:ENTERPRISEPACK’ -UsageLocation US } | Export-Csv -Path c:\NewUsers.csv –NoTypeInformation

 

image

 

The purpose of using Export-csv file is to store the account information along with the random password generated for each user. Once the user accounts are created you can distribute password using the generated report. Below screenshot show you the generated temp password for each user.

 

image

 

It is not that much harder isn’t it guys? So try to keep doing Admin tasks using PS commands, this will make your life so easier… Hope this article would help you guys. You can access the previous article using below link, Smile

 

Windows PowerShell cmdlets for Office 365 ~ Manage Users – Part 01

Advertisements
Categories: Office365

Windows PowerShell cmdlets for Office 365 ~ Manage Users – Part 01

August 16, 2012 2 comments

office365_thumb

 

Windows PowerShell is a task-based command-line shell and scripting language designed for system administration. As an Matured Systems Administrator Smile  you can use rich PowerShell commands to perform many more Microsoft Office 365 Administration tasks such as manage users, groups, role memberships, service principals, domains and ect. In my previous blogs I have mentioned some PS comdlets to carryout some tasks and errors you would get during the administration tasks. Below series of articles provide you descriptive information with screenshots about Windows PowerShell cmdlets for Office 365.

Prior to get familiarized with cmdlets you should install prerequisites attached below, You can go through the installation steps to install below tools which I posted in the my previous blog post.

  • Operating System – you’ll need to be running Windows 7 or Windows Server 2008 R2
  • .NET Framework – the 3.5.1 version of the .NET Framework needs to be installed

Microsoft Online Services Sign-in Assistant

Install Microsoft Online services module for windows PowerShell

How to connect to MS Online using PS :

Use below PS command to Import MSonline Module and Log in to Microsoft Online tenant account.

Import-Module MsOnline

 

image

 

Connect-MsolService

image

 

~Get-MsolUser~

This cmdlet is used to retrieve Information about Microsoft Online Users.An individual user will be retrieved if the Object ID or UserPrincipalName parameter is used.

 

Untitled

 

~New-MsolUser~

This cmdlet is used to create a new user in the Microsoft Online directory. In order to give the user access to services, they must also be assigned a license (using the LicenseAssignment parameter) and also it is not a must to use –Password  parameter and if you do not use, system will automatically generate a temp password and will display under the Password tab.

 

As I mentioned you have LicenseAssignment parameter, you can retrieve it using below PS command.

 Get-MsolAccountSku

 

image

 

New-MsolUser -UserPrincipalName dilshansam@valakulu.net -DisplayName ‘Dilshan Sam’ -FirstName Dilshan -LastName Sam -LicenseAssignment msdivision:ENTERPRISEPACK -UsageLocation lk -Password Password1

 

image

 

PS Command without –Password  parameter. As you can see system generated a temp password for the created user.

 

New-MsolUser -UserPrincipalName dilshansam@valakulu.net -DisplayName ‘Dilshan Sam’ -FirstName Dilshan -LastName Sam -LicenseAssignment msdivision:ENTERPRISEPACK -UsageLocation lk -Password Password1

 

Untitled

 

After you have enter the PS cmdlet you can go to Administration Portal and view the created User.

 

image

 

~Assign Customized License Plan~

Each Microsoft Office 365 Plan contain a subset of service plans. when viewing the licensing settings in the Microsoft Online Services Portal for user assigned license you will see subset of services under the Assign Licenses. Subsets can be changed with the license type which the user have purchased.

Instead of assigning all of the service plans available with the license, you may only need to assign a subset of these, such as Office Professional Plus and Exchange Online. In order to do this from the shell, you’ll need to be able to view the service plan information to retrieve what your options are. Below command will provide you plan details for the EnterprisePack sku. so you again turn to the Get-MsolAccountSku cmdlet. Here’s a one-liner that will provide below information.

Get-MsolAccountSku | Where-Object {$_.SkuPartNumber -eq 'ENTERPRISEPACK'} |
   ForEach-Object {$_.ServiceStatus}

 

Are you shocked about the service Plan description? Smile It is obvious you get shocked by seeing the description. Here I have break down of what each of these really are,

 

Untitled

 

Here we go now we do have required service plan details. Now you can modify license option you have selected for each individual user and also you can select customized service plan for new user provisioning processes. At first will see how to assign customized service plan for newly creating user.

 

Customized service plan for already created user

I have selected all service license plan for previously created dilshansam@valakulu.net user and now I need to customize it to use only Office Professional Plus and Exchange Online licenses. In order to do that, we’ll need to create a LicenseOption object using the New-MsoLicenseOptions cmdlet. When running the cmdlet, we specify the account sku id, which in this case would be in the format of tenant:ENTERPRISEPACK, and then we disable the service plans that we do not want to be include in the object. You can achieve this by disabling service plans that you do not want to be include in the user object using DisabledPlans parameter. As you can see below the resulting LicenseOption object is saved to the $options variable, which can then be assigned to theLicenseOptions parameter when modifying the account:

 

$options = New-MsolLicenseOptions -AccountSkuId msdivision:ENTERPRISEPACK -DisabledPlans MCOSTANDARD,SHAREPOINTWAC,SHAREPOINTENTERPRISE

 

PS>Set-MsolUserLicense -UserPrincipalName dilshansam@valakulu.net -LicenseOptions $options

 

image

 

Customized service plan for new user

New-MsolUser -UserPrincipalName dilshansam@valakulu.net -DisplayName ‘Dilshan Sam’ -FirstName Dilshan -LastName Sam -LicenseAssignment msdivision:ENTERPRISEPACK -LicenseOptions $options -UsageLocation lk

 

image

 

In my next article I will show you how to carryout Bulk licensing and Provision bulk user accounts using a CSV file. 

Hope this article helpful for you guys… Smile

Windows PowerShell cmdlets for Office 365 ~ Manage Users – Part 02

Categories: Office365

Configure Office 365 Exchange Online Preview to use Windows Azure AD Rights Management.

August 1, 2012 8 comments

294528-microsoft-office-365-and-office-2013

Windows Azure AD Rights Management provides the ability to enable the use of digital rights management technology in organizations that subscribe to Microsoft online services

Windows Azure AD Rights Management information rights management (IRM) features are available in Microsoft Office 365 Enterprise E3 Preview and Microsoft Office 365 ProPlus Preview….

I have step down the installation process with screenshots and additionally I have attached error previews as well for your further understanding. Smile

ADRMS

 

Follow below steps to setup the Office 365 Exchange Online Preview to use Windows Azure AD Rights Management.

 

Step 01 : Download Required Applications, Install and run require PS commands 

Download the Windows Azure AD Rights Management administration module (WindowsAzureADRightsManagementAdministration.exe) for Windows PowerShell from below link and double-click WindowsAzureADRightsManagementAdministration.exe to launch installation of the Rights Management administration module by following below screenshots.

http://www.microsoft.com/en-us/download/details.aspx?id=30339

 

image

 

image

 

image

 

image

 

Open the %WINDIR%\System32\WindowsPowerShell\v1.0 folder and ensure that your Powershell.exe.config file contains the following XML data:

 

image

 

Open windows PowerShell prompt and type the followings commands to import the module and connect to your Rights Management installation

Type the following commands:

Import-Module AADRM

Connect-AadrmService -Verbose

Enter your Office 365 Preview credentials when prompted,

dilshan@pcloud.onmicrosoft.com

 

image

 

image

 

Type the following command to enable the Rights Management service for use with your user account,

Enable-Aadrm and Disconnect-AadrmService

 

image

 

Once you have completed the required tasks enabling Windows Azure AD Rights Management requires only a few additional configuration steps to enable it for use.

 

Step 02 : Enabling IRM services with Exchange Online

 

To enable Information Rights Management with Exchange online you have to carry out some additional tasks with Microsoft Office 365 Enterprise E3 Preview deployment as below,

Connect to your Exchange Online account using Windows PowerShell. Login with below command.

$LiveCred = Get-Credential

image

 

Start configuration of Exchange Online:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUrihttps://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirection.

 

image

 

Import-PSSession $Session

 

image

 

While running any of the commands in your windows Powershell for Office 365 if you encounter this error: ~~cannot be loaded because the execution of scripts is disabled on this system~~

image

 

You can run below PS commands to sort out the issue. Smile

Get-ExecutionPolicy and Set-Executionpolicy Unrestricted

 

image

 

image

 

Enable-OrganizationCustomization

 

image

 

Since I’m located in Asia, I ran the following command to set the key sharing URL:

Set-IRMConfiguration –RMSOnlineKeySharingLocation

https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc

 

image

 

Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

 

image

 

Set-IRMConfiguration -InternalLicensingEnabled $true

 

image

 

You can test the configuration by running the following commands:

Test-IRMConfiguration -RMSOnline

 

Test-IRMConfiguration -sender user@company.onmicrosoft.com

Test-IRMConfiguration –sender dilshan@pcloud.onmicrosoft.com

 

image

 

image

Categories: Office365