Windows PowerShell pour gérer Office 365 (15.03.17)

Windows PowerShell

Utiliser Windows PowerShell pour gérer Office 365  
Applets de commande Windows PowerShell pour Office 365  
Installer et configurer le module Microsoft Online Services pour Windows PowerShell pour l’authentification unique

Installer powershell pour office 365 sur windows 7

Installer le Microsoft .NET Framework 4.5 ou 4.5.1 (http://go.microsoft.com/fwlink/p/?LinkId=257868)
Installer le Windows Management Framework 3.0 (http://go.microsoft.com/fwlink/p/?LinkId=272757) ou 4.0 (http://go.microsoft.com/fwlink/p/?LinkId=391344)

Faire en sorte que les mots de passe n'expire plus dans Office 365

Connect-MsolService (username / password de l'administrateur)

Get-MsolUser | Set-MsolUser -PasswordNeverExpires $True (pour changer l'attribut pour tous les utilisateurs)

Set-MsolUser -UserPrincipalName -PasswordNeverExpires $True (pour un seul utilisateur)

Get-MsolUser | fl (liste des attributs pour tous les utilisateurs, pour contrôle)


Augmenter à 30 jours le temps de rétention des e-mails supprimés

Get-Mailbox | Set-Mailbox -SingleItemRecoveryEnabled $True -RetainDeletedItemsFor 30


Supprimer la policy qui supprime les e-mails plus vieux que 2 ans.

$UserMailboxes = Get-mailbox -Filter {(RecipientTypeDetails -eq 'UserMailbox')}
$UserMailboxes | Set-Mailbox –RetentionPolicy $null

Rendre possible le partage de calendrier dans l'organisation

$credentials = Get-Credential
# This will spawn a window asking for credentials, enter your Office 365 administrative credentials.  

# Once Powershell has your credentials, we need to log into the Office 365 servers using the credentials we just set, and start our remote session. Use the command below to do so.
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $credentials -Authentication Basic -AllowRedirection
# This might take a few seconds to complete.

# Next, we need to lower our shell security. This enables us to run the cmdlet after this which executes a script from Microsoft’s servers. Use this command to do so:
Set-ExecutionPolicy -ExecutionPolicy unrestricted

# Now we need to import the Powershell commands, from the Microsoft servers, to our local session. Use the command below to do so.
$ImportResults = Import-PSSession $session

# Once that finishes, we should restore our default shell security. Use the command below to restore our default Execution Policy.
Set-ExecutionPolicy -ExecutionPolicy restricted

# All that's left now is to turn on the calendar sharing. It's a longer command, but it will set a default policy for enabling calendar sharing across the domain.
Enable-OrganizationCustomization
Set-SharingPolicy ‘Default Sharing Policy’ –Domains ‘*: CalendarSharingFreeBusySimple’

Ceci permet à l'utilisateur de partager son calendrier via l'interface web ou outlook, jusqu'au droit de "Reviewer". Pour donner plus de droit, cf. ci après.

Donner droit d'édition à un calendrier

Add-MailboxFolderPermission -Identity “xx@mydomain.com:\Calendrier” -AccessRights Editor -User yy@mydomain.com

*noter que si O365 est un anglais, remplacer par Calendar ou la langue utilisée

Donner droit d'édition à un calendrier pour un user, sur toutes les boîtes d'un seul coup

foreach($Mailbox in (Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')})) {Add-MailboxFolderPermission -Identity "$($Mailbox.Name):\CalendarName" -User user@mydomain.com -AccessRights Reviewer}

 

Donner les droits d'accès complet à un compte

Add-MailboxPermission xx@mydomain.com -User permitteduser@mydomain.com -AccessRights FullAccess -InheritanceType All
Verify
Get-MailboxPermission -Identity xx@mydomain.com | Select User, AccessRights, Deny

Donner les droits d'accès complet au compte admin, sur toutes les boîtes d'un seul coup

Faire un script et le sauver comme myscript.ps1 et l'exécuter en powershell

Contenu du script :

$credentials = Get-Credential
# This will spawn a window asking for credentials, enter your Office 365 administrative credentials.

# Once Powershell has your credentials, we need to log into the Office 365 servers using the credentials we just set, and start our remote session. Use the command below to do so.
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $credentials -Authentication Basic -AllowRedirection
# This might take a few seconds to complete.

# Next, we need to lower our shell security. This enables us to run the cmdlet after this which executes a script from Microsoft’s servers. Use this command to do so:
Set-ExecutionPolicy -ExecutionPolicy unrestricted

# Now we need to import the Powershell commands, from the Microsoft servers, to our local session. Use the command below to do so.
$ImportResults = Import-PSSession $session

# Once that finishes, we should restore our default shell security. Use the command below to restore our default Execution Policy.
Set-ExecutionPolicy -ExecutionPolicy restricted

Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -User XX@MYACCOUNT.onmicrosoft.com -AccessRights fullaccess -InheritanceType all -AutoMapping $False

Donner les droits d'envoi au nom de "Send As"

Add-RecipientPermission -Identity xx@mydomain.com -Trustee yy@mydomain.com -AccessRights SendAs

Donner des droits sur certains dossiers et sous-dossiers

# tout d'abord se connecter avec le compte sur lequel les modifications de droits doivent avoir lieu et importer les modules O365

Import-Module MSOnline
$O365Cred = Get-Credential
$O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Set-ExecutionPolicy -ExecutionPolicy unrestricted
Import-PSSession $O365Session
Connect-MsolService –Credential $O365Cred

# Liste folders and paths

Get-MailboxFolder -Identity myUser -Recurse | ft Name,FolderPath

# Location wanted folder(s) in the list and for this example, we will replace is with myPath

ForEach($f in (Get-MailboxFolder -Identity "myUser:\myPath" -recurse) ) { Add-MailboxFolderPermission -Identity $f.Identity -User "userToReceiveRights" -AccessRights Editor}

# Where AccessRights can be Editor, Reviewer, Owner...# Once that finishes, we should restore our default shell security. Use the command below to restore our default Execution Policy.
Set-ExecutionPolicy -ExecutionPolicy restricted

# Exit

Enlever la fonctionnalité winmail.dat

  1. $LiveCred = Get-Credential
  2. Type in your Office365 admin user credentials
  3. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
  4. Import-PSSession $Session
  5. Set-RemoteDomain Default -TNEFEnabled $false
  6. Remove-PSSession $Session

      Source : http://blog.powerbiz.net.au/office-365/fixing-the-winmail-dat-attachment-problem-in-office365/

Purger les utilisateurs supprimés

Purger une mailbox précise:
 - Remove-MsolUser –UserPrincipalName username@mydomain.com

Purger toutes les mailboxes en attente d'élimination:
  - Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser –RemoveFromRecycleBin –Force

      Source: http://365command.com/justins-tech-tip-of-the-week-purging-and-removing-deleted-users-and-mailboxes-...


Activer - désactiver le courrier - pêle-mêle

Désactiver pour un utilisateur:

Set-Clutter -Identity user@domain.com -Enable $false

Désactiver pour tout le monde:
get-mailbox | Set-Clutter -Enable $false

Source: https://www.adrienfuret.fr/2015/10/09/desactiver-pele-mele-office365/


Facebook Twitter RSS Google+