Connect-AzureAD
$Password = "em2Y2DA7KiZx2uo5QSAk*" | ConvertTo-SecureString -AsPlainText -Force
Set-AzureADUserPassword -ObjectID "7de0a4c8-8bfb-43bc-9d6e-e4b6131f3e66" -Password $passwordThis reset’s the account password to the specified one above, ignores already used passwords and extends expired account password lifecycle.
$AllServers=Get-ADComputer -Filter {OperatingSystem -Like "Windows Server*" -and Enabled -eq 'True'}
$Servers = ForEach ($Server in $AllServers){
$Result=Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled = 'True'" -Property DNSServerSearchOrder -ComputerName $Server.Name
New-Object -TypeName PSObject -Property @{
ComputerName = $Server.Name -join ','
DNSServerSearchOrder = $Result.DNSServerSearchOrder -join ','
} | Select-Object ComputerName,DNSServerSearchOrder | Export-Csv -Path C:\Temp\ServerDNSSettings.csv -NoTypeInformation -Append
}Run this from a domain controller and it will report the DNS servers set on the NIC card.
Azure Active Directory has a ton of attributes which hold potentially useful information. I needed to compare what attributes are synced from an On-Premise AD environment to Azure AD. The client was using AD Sync Connector to synchronize their AD.
After collecting all the attributes from a Microsoft knowledgebase article, I added them all to the below script
# Export/working path, please create it before running script
$Path = Split-Path -Parent "C:\scripts\*.*"
# Create variable for the date stamp in log file
$LogDate = Get-Date -f yyyyMMddhhmm
# Define CSV and log file location variables
# They have to be on the same location as the script
$Csvfile = $Path + "\AllAzADUsers_$logDate.csv"
# Get all Azure AD users
$AzADUsers = Get-AzureADUser -All $true | Select-Object -Property *
# Display progress bar
$progressCount = 0
for ($i = 0; $i -le $AzADUsers.Count; $i++) {
Write-Progress `
-Id 0 `
-Activity "Retrieving User " `
-Status "$progressCount of $($AzADUsers.Count)" `
-PercentComplete (($progressCount / $AzADUsers.Count) * 100)
$progressCount++
}
# Create list
$AzADUsers | Sort-Object GivenName | Select-Object `
@{Label = "First name"; Expression = { $_.GivenName } },
@{Label = "Last name"; Expression = { $_.Surname } },
@{Label = "Display name"; Expression = { $_.DisplayName } },
@{Label = "User principal name"; Expression = { $_.UserPrincipalName } },
@{Label = "Street"; Expression = { $_.StreetAddress } },
@{Label = "City"; Expression = { $_.City } },
@{Label = "State/province"; Expression = { $_.State } },
@{Label = "Zip/Postal Code"; Expression = { $_.PostalCode } },
@{Label = "Country/region"; Expression = { $_.Country } },
@{Label = "Job Title"; Expression = { $_.JobTitle } },
@{Label = "Department"; Expression = { $_.Department } },
@{Label = "Company"; Expression = { $_.CompanyName } },
@{Label = "Description"; Expression = { $_.Description } },
@{Label = "Office"; Expression = { $_.PhysicalDeliveryOfficeName } },
@{Label = "Telephone number"; Expression = { $_.TelephoneNumber } },
@{Label = "E-mail"; Expression = { $_.Mail } },
@{Label = "Mobile"; Expression = { $_.Mobile } },
@{Label = "User type"; Expression = { $_.UserType } },
@{Label = "ageGroup"; Expression = { $_.ageGroup } },
@{Label = "alernativeSecurityId"; Expression = { $_.alernativeSecurityId } },
@{Label = "alernativeSecurityIds"; Expression = { $_.alernativeSecurityIds } },
@{Label = "consentProvidedForMinor"; Expression = { $_.consentProvidedForMinor } },
@{Label = "createdDateTime"; Expression = { $_.createdDateTime } },
@{Label = "creationType"; Expression = { $_.creationType } },
@{Label = "dateOfBirth"; Expression = { $_.dateOfBirth } },
@{Label = "facsimileTelephoneNumber"; Expression = { $_.facsimileTelephoneNumber } },
@{Label = "immutableId"; Expression = { $_.immutableId } },
@{Label = "legalAgeGroupClassification"; Expression = { $_.legalAgeGroupClassification } },
@{Label = "legalCountry"; Expression = { $_.legalCountry } },
@{Label = "mailNickName"; Expression = { $_.mailNickName } },
@{Label = "netId"; Expression = { $_.netId } },
@{Label = "objectId"; Expression = { $_.objectId } },
@{Label = "otherMails"; Expression = { $_.otherMails } },
@{Label = "password"; Expression = { $_.password } },
@{Label = "passwordPolicies"; Expression = { $_.passwordPolicies } },
@{Label = "physicalDeliveryOfficeName (officeLocation)"; Expression = { $_.physicalDeliveryOfficeName } },
@{Label = "preferredLanguage"; Expression = { $_.preferredLanguage } },
@{Label = "signInNames"; Expression = { $_.signInNames } },
@{Label = "signInNames.userName"; Expression = { $_.signInNames.userName } },
@{Label = "signInNames.phoneNumber"; Expression = { $_.signInNames.phoneNumber } },
@{Label = "signInNames.emailAddress"; Expression = { $_.signInNames.emailAddress } },
@{Label = "strongAuthenticationAlternativePhoneNumber"; Expression = { $_.strongAuthenticationAlternativePhoneNumber } },
@{Label = "strongAuthenticationEmailAddress"; Expression = { $_.strongAuthenticationEmailAddress } },
@{Label = "strongAuthenticationPhoneNumber"; Expression = { $_.strongAuthenticationPhoneNumber } },
@{Label = "usageLocation"; Expression = { $_.usageLocation } },
@{Label = "userType"; Expression = { $_.userType } },
@{Label = "userState"; Expression = { $_.userState } },
@{Label = "userStateChangedOn"; Expression = { $_.userStateChangedOn } },
@{Label = "Dirsync"; Expression = { if (($_.DirSyncEnabled -eq 'True') ) { 'True' } Else { 'False' } } },
@{Label = "Account status"; Expression = { if (($_.AccountEnabled -eq 'True') ) { 'Enabled' } Else { 'Disabled' } } } |
# Export report to CSV file
Export-Csv -Encoding UTF8 -Path $Csvfile -NoTypeInformation #-Delimiter ";"Connecting to Exchange on Office 365. There are two methods, one from the Azure portal and one from your local PC.
Azure method –
Log into portal.azure.com and use your administrator account. Fire up the cloud powershell and execute the below command –
Connect-EXOPSSession
This will authenticate you to Exchange services without needing to input any further credentials or options. You will have full access to all the commands related to exchange online services.
Local PC method –
Download and install the “Microsoft Online Services Sign-In Assistant”
Edit the below registry key on your PC to allow basic authentication.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Allow basic - decimal 1
Once that has been done, run the below commands after each other. You will be prompted to enter your administrator credentials in the second command which will store them temporarily in a variable.
Set-ExecutionPolicy RemoteSigned $UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session
Note the 3rd command should be in a single entry.