Set-ExecutionPolicy RemoteSigned
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force -Scope CurrentUser
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-Module Posh365 -Force
Import-Module Posh365 -Force
Connect-Cloud Connect to one or more services: Az, AzureAD, Compliance, Exo2, MSOnline, SharePoint & Teams. Credentials are locally encrypted for reuse - no need to reenter credentials the next time you need to connect.
Connect-Cloud -Tenant Contoso -EXO2 -MSOnline -AzureAD
Connect-Cloud -Tenant Contoso -EXO2 -MSOnline -AzureAD -GCCHIGH
Connect-Cloud -Tenant Contoso -EXO2 -MFA #when using MFA
Connect-Cloud -Tenant Contoso -Teams
Connect-Cloud -Tenant Contoso -Teams -GCCHIGH
Connect-Cloud -Tenant Contoso -AZ
Connect-Cloud -Tenant Contoso -AZ -GCCHIGH
Connect-Cloud -Tenant Contoso -SharePoint
Connect-Cloud -Tenant Contoso -Compliance
Connect-Cloud -Tenant Contoso -DeleteCreds #Deletes locally encrypted creds only
New-ExoCBAConnection Create reusable Exchange Online Certificate Based Authentication (CBA) connections
New-ExoCBAConnection -Tenant Contoso
Connect-Cloud -Tenant Contoso -EXOCBA
Connect-CloudMFA Same as Connect-Cloud but includes built-in password manager GUI
Connect-CloudMFA -Tenant Contoso -EXO2 -MSOnline -AzureAD -Teams
Connect-Exchange Connect to Exchange on-premises
Connect-Exchange -Server EXHybrid #Encrypts and reuses creds locally
Connect-Exchange -Server EXHybrid -DontViewEntireForest
Connect-Exchange -Server EXHybrid -DeleteExchangeCreds #Deletes locally encrypted creds only
Export-GraphConfig Use a GUI to save/encrypt ClientID, TenantID, Secret, UserName & Password Connect-PoshGraph Use saved encrypted credentials to connnect to Graph and Azure APIs
Export-GraphConfig -Tenant Contoso
Connect-PoshGraph -Tenant Contoso
Get-DiscoveryOffice365 -Tenant Contoso -Verbose
Choose all items & click OK Choose Connection type & click OK
First time running this? Let's install PowerShellGet2:
1. Run: Connect-Cloud -Tenant Contoso -EXO2 2. Sign in as Global Admin & restart powershell when prompted 3. Run: Get-DiscoveryOffice365 -Tenant Contoso -Verbose
Requires RSAT
Get-DiscoveryOnPrem -Verbose
1. Run: Get-Discovery -Verbose 2. Enter name of Exchange Server when prompted 3. Click link for Batches, copy/paste code on-premises 4. Click link for Permissions, copy/paste code on-premises 5. Add both documents to the root of SharePoint > Documents 6. Add BATCH01 to BatchName column in Batches.xlsx for pilot
Document to add to SharePoint | Paste code on-premises (not EMS) |
---|---|
Batches.xlsx | https://bit.ly/corebatches |
Permissions.xlsx | http://bit.ly/PermissionsScaled |
Note: Each command presents a GUI for selection and confirmation Connect to Exchange Online. Connect-Cloud -Tenant Contoso -EXO2
Update-MailboxMovePermissionBatch GUI to analyze permissions of mailboxes from Batches.xlsx. Will output new Batches.xlsx to desktop. Can add to SharePoint as new Batches file.
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
}
Update-MailboxMovePermissionBatch @params
Test-MailboxMove Test migration readiness of the mailboxes from Batches.xlsx. Of each user to be migrated, reports PASS or FAIL overall and individual on the following tests:
- Verifies each smtp address domain is an accepted domain
- Verifies mail user exists in Exchange Online
- Verifies mailbox does not exist in Exchange Online
- Verifies mail user is DirSynced
- Verifies UserMailboxes accounts are not disabled
- Verifies Routing Address is valid
- Verifies UserPrincipalName matches PrimarySmtpAddress (Use -SkipUpnMatchSmtpTest to skip this test)
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
}
Test-MailboxMove @params
New-MailboxMove Creates new move requests. Example uses batches file in SP site named "migrate". Use links in Discovery On-Premises to create Batches and Permissions files [ Link ]
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
RemoteHost = 'hybrid.contoso.com'
Tenant = 'contoso'
}
New-MailboxMove @params
# For GCC/GCCHIGH tenants: use full tenant address as shown below:
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
RemoteHost = 'hybrid.contoso.com'
Tenant = 'contoso.mail.onmicrosoft.us'
}
New-MailboxMove @params
Set-MailboxMove Set move requests
Set-MailboxMove -BadItemLimit 300 -LargeItemLimit 400
Suspend-MailboxMove Suspends move requests
Suspend-MailboxMove
Resume-MailboxMove Resumes move requests
Resume-MailboxMove
Resume-MailboxMove -DontAutoComplete
Remove-MailboxMove Removes move requests
Remove-MailboxMove
Complete-MailboxMove Complete move requests
Complete-MailboxMove
Complete-MailboxMove -Schedule #GUI presented to pick time, date, and users
Get-MailboxMoveStatistics Gets move request statistics for any or all move requests. Multi-select or select all, click OK
Get-MailboxMoveStatistics
Get-MailboxMoveStatistics -IncludeCompleted
Get-MailboxMoveReport Gets full move request report - from present to past. The way it should be
Get-MailboxMoveReport
Set-MailboxMoveLicense GUI to license users via AzureAD
Connect to AzureAD Connect-Cloud -Tenant Contoso -AzureAD
Set-MailboxMoveLicense
Set-MailboxMoveLicense -MailboxCSV .\UserPrincipalName.csv
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
}
Set-MailboxMoveLicense @params
Get-MailboxMoveLicense Reports on user license Skus via AzureAD
Get-MailboxMoveLicense
Get-MailboxMoveLicense -OneSkuPerLine
Get-MailboxMoveLicense -OneSkuPerLine -ExportToExcel # file saved in Posh365 folder on desktop
Get-MailboxMoveLicense -IncludeRecipientType # Connect to EXO2
$params = @{
SharePointURL = 'https://contoso.sharepoint.com/sites/migrate'
ExcelFile = 'Batches.xlsx'
}
Get-MailboxMoveLicense @params
Get-MailboxMoveLicenseCount Reports on a tenant's consumed and total skus and options
Get-MailboxMoveLicenseCount
Get-MailboxMoveLicenseReport Reports on each user's assigned skus and options, csv and excel output
Get-MailboxMoveLicenseReport -Path C:\temp\
Trace-Message GUI to trace Exchange Online messages. Select messages & click OK for trace details
Trace-Message # all messages from past 15 minutes
Trace-Message -StartSearchHoursAgo 6.3 -EndSearchHoursAgo 5 -Subject 'From the CEO'
Trace-Message -StartSearchHoursAgo 10 -Sender jane@Contoso.com
Trace-Message -Sender jane@Contoso.com -Recipient emily@Contoso.com
Trace-ExchangeMessage GUI to trace on-premises messages. Select messages & click OK for messageID details
Trace-ExchangeMessage # all messages from past 15 minutes
Trace-ExchangeMessage -StartSearchHoursAgo 10 -ExportToCsv
Trace-ExchangeMessage -StartSearchHoursAgo 10 -ExportToExcel -SkipHealthMessages
Get-MfaStats Return Managed Folder Assistant statistics as an object. Switch to start the MFA too
'[email protected]' | Get-MfaStats
'[email protected]' | Get-MfaStats -StartMFA
(Import-CSV .\mailboxes.csv).UserPrincipalName | Get-MfaStats
(Import-CSV .\mailboxes.csv).UserPrincipalName | Get-MfaStats -StartMFA
(Get-EXOMailbox -Properties Office -Filter "Office -eq 'Redmond'").UserPrincipalName | Get-MfaStats
(Get-EXOMailbox -Properties Office -Filter "Office -eq 'Redmond'").UserPrincipalName | Get-MfaStats -StartMFA
Get-OfficeEndpoints URLs and IPs, initial and "changes since", CSV and Excel output (click to enlarge)