Todd Klindt Todd.klindt@sympraxisconsulting.com @toddklindt - PowerPoint PPT Presentation

Todd Klindt Todd.klindt@sympraxisconsulting.com @toddklindt www.toddklindt.com www.toddklindt.com/MSPSUG

Agenda

Before you Connect • Except Exchange • $PSVersionTable.PSVersion • Also consider adding PSReadLine if you are not on Win10 • Video walkthrough Install Sign-in Assistant

A Word about Passwords $MyAccount = Get-Credential $username = admin@company.onmicrosoft.com $password = “ RightHereInPlainText ” $secure = $password | ConvertTo-SecureString -AsPlainText – Force $MyAccount = New-Object System.Management.Automation.PSCredential ($username, $secure) Use an encrypted file

Windows Credential Manager

PowerShell Use Credential Manager

A Quick Word about MFA Enable MFA at the tenant (AzureAD) level Create an app password for your account

Connect to your Azure AD Tenant $MyAccount = Get-PnPStoredCredential -Name TenantAdmin -Type PSCredential Connect-MsolService -Credential $MyAccount Get-MsolUSer Get-Command -Module msonline $MyAccount = Get-Credential Connect-AzureAD -Credential $MyAccount Get-AzureADUser Get-Command -Module AzureAD

Fun Gotchas

Don’t Try This At Home

Connect to Skype for Business

Exchange Online Just a little different • No cmdlets, uses Remoting • Limited to three sessions • Requires port 80 • Close out gracefully • Remove-PSSession $Session • Supports MFA

License Up That New Mailbox

PowerShell with SharePoint Online • Users and groups • Tenants • Site Collections • Hub Sites • Multi-Geo Download here

Connect to SharePoint online

Things to install Install Sign-in Assistant Install MSOnline Module Install Azure AD Module Install SharePoint Online Module Install Skype for Business Online Module Office 365 PowerShell Module Installs Update the modules

Install them all

Updating the Modules PowerShell to Update your PowerShell Modules

Example script

Real world example Param( [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [string] $User ) # Add the Active Directory bits and not complain if they're already there Import-Module ActiveDirectory -ErrorAction SilentlyContinue # Add the Azure Active Directory module Import-Module MSOnline

# Define AD group that is synced to AAD and is used for ODFB audience $syncgroupname = "CloudSync" $syncgroup = Get-ADGroup $syncgroupname # First, add the user to the group Add-ADGroupMember -Identity $syncgroupname -Members $User # Remind them to recompile their SharePoint audience Write-Host "You'll need to recompile your SharePoint audience to reflect the group change" # Sync up to Azure AD Start-ADSyncSyncCycle

# Now tweak the user in Azure AD, First connect Connect-MsolService -Credential (Get- StoredCredential -Target Admin) # Azure AD domain suffix $aadsuffix = (Get-MsolDomain | Where-Object - Property IsDefault -Value $true -EQ).name # Get the user $aaduser = "$user@$aadsuffix"

# Set the user's location. Without that the license will fail Set-MsolUser -UserPrincipalName $aaduser -UsageLocation “US" $license = "tkdemo:O365_BUSINESS_PREMIUM” # Set the user's license Set-MsolUserLicense -UserPrincipalName $aaduser - AddLicenses $license

Microsoft Teams!! • Woo Hoo! • PowerShell Support • https://blogs.technet.microsoft.com/skypehybridguy/2017/11/07/microsoft- teams-powershell-support/ • For automating all those Teams Tasks • Install-Module MicrosoftTeams

Flow and PowerApps • Flow and PowerApps • For both creators and Admins • Get list of all Flows and PowerApps • Kind of a janky install • Install-Module -Name Microsoft.PowerApps.Administration.PowerShell • Install-Module -Name Microsoft.PowerApps.PowerShell - AllowClobber

Office 365/Unified Groups • No Groups module • MSOL / Azure • Exchange • Teams • PnP PowerShell

The Sneaky Way: CSOM with PowerShell SharePoint 2016 Client SDK

Top Of Script

Get-SPOweb http://www.sharepointnutsandbolts.com/2013/12/Using-CSOM-in- PowerShell-scripts-with-Office365.html

More Examples

Patterns and Practices PowerShell (Phew!) Github • https://github.com/SharePoint/PnP-PowerShell

Favorites • PnPFile • Set-PnPGroupPermissions • Add-PnPFile, Copy-PnPFile • Add-PnPView • Find-PnPFile, Get-PnPFile • Get-PnPField • Move-PnPFile, Remove-PnPFile • Rename-PnPFile • Restore-PnPRecycleBinItem • Set-PnPFileCheckedIn • Office 365 Groups • Set-PnPFileCheckedOut • New-PnPUnifiedGroup, Remove- • PnPList PnPUnifiedGroup • Add, Get, Set, Remove • Get-PnPUnifiedGroup, Set- • Get-PnPListItem PnPUnifiedGroup • Get-PnPUnifiedGroupMembers • Set-PnPListItem • Get-PnPUnifiedGroupOwners • Get-PnPProperty

But my Boss HATES PnP PowerShell! Vesa Juvonen PowerShell Gallery RenCore • Exceptions are approved by SharePoint Engineering team • Can be more secure, as it can be more fine grained

How do I keep up? https://www.toddklindt.com/POSHOffice365Modules

Upload a File https://tenant.sharepoint.com/sites/hr

Add a Folder Get-PnPProperty

Get Internal Shared Files

Get Extended File Info Connect-PnPOnline -Url $url -Credentials MeganB $doclibs = Get-PnPList -Includes DefaultViewUrl,IsSystemList | Where-Object -Property IsSystemList -EQ -Value $false | Where-Object -Property BaseType -EQ -Value "DocumentLibrary “ Foreach ($doclib in $doclibs) { $doclibTitle = $doclib.Title $docs = Get-PnPListItem -List $DocLib $docs | ForEach-Object { Get-PnPProperty -ClientObject $_ -Property File, ContentType, ComplianceInfo} foreach ($doc in $docs) { [pscustomobject]@{Library= $doclibTitle;Filename = ($doc.File).Name;ContentType = ($doc.ContentType).Name;Label = ($doc.ComplianceInfo).ComplianceTag} }

Bulk Undelete Files https://sadtenant.sharepoint.com/ baduser@sadtenant.phooey https://www.toddklindt.com/PoshRestoreSPOFiles

New Site and Group • No Group, No Team, No Bueno • Can be Groupified later • Group, No Team • Can be Teamified later

The Whole Enchilada • There is no later!

“Save Site as Template”

Copy Office 365 Group Permissions

https://www.toddklindt.com/PoshCopyO365GroupMembers

Get All the Flows

Get Your Flows

Disable Flow Button Connect-SPOService -Url https://flowhater-admin.sharepoint.com $val = [Microsoft.Online.SharePoint.TenantAdministration.FlowsPolicy]::Disabled Set-SPOSite -Identity https://flowhater.sharepoint.com/sites/SadSite - DisableFlows $val Connect-PnPOnline -Url https://flowhater.sharepoint.com/sites/SadSite - Credentials ‘ SiteAdmin' Set-PnPSite -DisableFlows:$true

And PowerApps Apps